7. Log out of your Windows session.

   8. Open up a new Windows Command Prompt: type cmd in the search bar. Ensure that the current path is not in the Radare2 folder.

   9. Check Radare2 version from Command Prompt Window: radare2 -v

Radare2 can be cross-compiled for other architectures/systems as well, like Android.

   • Python 3

   • Meson

   • Ninja

   • Git

   • Android NDK

Download the Android NDK from the official site and extract it somewhere on your system (e.g. /tmp/android-ndk)

$ echo NDK=/tmp/android-ndk > ~/.r2androidrc

./sys/android-build.sh arm64-static

You can build for different architectures by changing the argument to ./sys/android-build.sh. Run the script without any argument to see the accepted values.

Meson needs a configuration file that describes the cross compilation environment (e.g. meson-android.ini). You can adjust it as necessary, but something like the following should be a good starting point:

[binaries]

c = '/tmp/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android28-clang'

cpp = '/tmp/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android28-clang++'

ar = '/tmp/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android-ar'

as = '/tmp/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android-as'

ranlib = '/tmp/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android-ranlib'

ld = '/tmp/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android-ld'

strip = '/tmp/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android-strip'

pkgconfig = 'false'

[properties]

sys_root = '/tmp/android-ndk/sysroot'

[host_machine]

system = 'android'

cpu_family = 'arm'

cpu = 'aarch64'

endian = 'little'

Now setup the build directory with meson as usuaclass="underline"

$

CFLAGS="-static" LDFLAGS="-static" meson --default-library static

--prefix=/tmp/android-dir -Dblob=true build --cross-file

./meson-android.ini

A bit of explanation about all the options:

   • CFLAGS="-static", LDFLAGS="-static", --default-library static: this ensure that libraries and binaries are statically compiled, so you do not need to properly set LD_* environment variables in your Android environment to make it find the right libraries. Binaries have everything they need inside.

   • -Dblob=true: it tells meson to compile just one binary with all the needed code for running radare2, rabin2, rasm2, etc. and creates symbolic links to those names. This avoids creating many statically compiled large binaries and just create one that provides all features. You will still have rabin2, rasm2, rax2, etc. but they are just symlinks to radare2.

   • --cross-file ./meson-android.ini: it describes how to compile radare2 for Android

Then compile and install the project:

$ ninja -C build

$ ninja -C build install

At this point you can copy the generated files in /tmp/android-dir to your Android device and running radare2 from it. For example:

$ cd /tmp && tar -cvf radare2-android.tar.gz android-dir

$ adb push radare2-android.tar.gz /data/local/tmp

$ adb shell

DEVICE:/ $ cd /data/local/tmp

DEVICE:/data/local/tmp $ tar xvf radare2-android.tar.gz

DEVICE:/data/local/tmp $ ./android-dir/bin/radare2

Usage: r2 [-ACdfLMnNqStuvwzX] [-P patch] [-p prj] [-a arch] [-b bits] [-i file]

[-s addr] [-B baddr] [-m maddr] [-c cmd] [-e k=v] file|pid|-|--|=

Radare2 has seen many different user interfaces being developed over the years.

Maintaining a GUI is far from the scope of developing the core machinery of a reverse engineering toolkit: it is preferred to have a separate project and community, allowing both projects to collaborate and to improve together - rather than forcing cli developers to think in gui problems and having to jump back and forth between the graphic aspect and the low level logic of the implementations.

In the past, there have been at least 5 different native user interfaces (ragui, r2gui, gradare, r2net, bokken) but none of them got enough maintenance power to take off and they all died.

In addition, r2 has an embedded webserver and ships some basic user interfaces written in html/js. You can start them like this:

$ r2 -c=H /bin/ls

After 3 years of private development, Hugo Teso; the author of Bokken (python-gtk gui of r2) released to the public another frontend of r2, this time written in c++ and qt, which has been very welcomed by the community.

This GUI was named Iaito, but as long as he prefered not to keep maintaining it, Xarkes decided to fork it under the name of Cutter (name voted by the community), and lead the project. This is how it looks:

   • https://github.com/radareorg/cutter.

The learning curve is usually somewhat steep at the beginning. Although after an hour of using it you should easily understand how most things work, and how to combine the various tools radare offers. You are encouraged to read the rest of this book to understand how some non-trivial things work, and to ultimately improve your skills.

Navigation, inspection and modification of a loaded binary file is performed using three simple actions: seek (to position), print (buffer), and alternate (write, append).

The 'seek' command is abbreviated as s and accepts an expression as its argument. The expression can be something like 10, +0x25, or [0x100+ptr_table]. If you are working with block-based files, you may prefer to set the block size to a required value with b command, and seek forward or backwards with positions aligned to it. Use s++ and s-- commands to navigate this way.