Installing / Building

Installing from pre packaged binaries

Instructions on building for Windows OLD These pre packaged binaries/installers are not always up to date

Building

To compile radare2, simply run meson.bat - meson.bat -p outputs a Visual Studio project file

Config file

  • To find the location of the radare2rc config file for windows, run r2 -hh and look for the environment variable RHOMEDIR

Using an installer

To get the latest installer, go to this site or this site and click the appropiate job name (32 vs 64bit) and then click artifacts to download the installer. The installer adds right click context for any file

Debugging

Winedbg

  • Untested
In one terminal do: # winedbg --gdb --no-start foo.exe
(it will show some output, and at the end it will tell you the port number, like 1234)
In the other terminal: r2 gdb://localhost:1234

Resources

DLL support

dll support using rarun2

Syntax is rarun2.exe runlib=[path\to\library] runlib.fcn=[function_name] [arg1=argument1 arg2=argument2...]. - Example: rarun2.exe runlib=C:\Windows\System32\user32.dll runlib.fcn=MessageBoxA arg1=%0 arg2=Body arg3=Title arg4=%1 - It should be possible to use a rarun2 profile to debug a dll in this manner.

dll resources

Snojan analysis

PDB support

Helpful: cabextract in linux

  • 🚀 Use idpi to show show debug information about a file. asciinema
  • Use idpd to download available files
  • 🚀 Use .idpi* to populate the flag space fs. asciinema
  • e pdb.server can be used to configure differnt pdb server. Default is Microsoft. e pdb.autoload can be set to 1 to automatically download pdb files if available.

Resources

CTF Windows binaries

Windows kernel

Windows malware / scripts

r2msdn

  • r2msdn
    • r2msdn is used to automatically annotated MSDN function description and args

Malware analysis scripts

Misc scripts

Videos

video