r2m2
By: Guillaume "guedou" Valadon
Scheduled on: January 28 at 14:00
Reversing a binary using a rare CPU architecture requires to write a lot of code, such as disassembler, assembler, or block splitting logic. Once implemented, there is still a need for a graphical interface dedicated to reverse. Sooner or later, more needs might also arise: symbolic execution, emulation, jit, debugging, …
miasm2 is a powerful reverse engineering framework written in Python. It greatly simplifies the definition of new CPU architectures, and allows to assemble, disassemble and jit code.
This talk will present r2m2, a radare2 plugin that aims at easing reversing new architectures by leveraging radare2 and miasm2 features. Its goal is to be as architecture independent as possible. r2m2 bridges the radare2 and miasm2 communities: radare2 being the graphical interface of miasm2, and miasm2 simplifying the implementation of new architectures. Currently, r2m2 is able to assemble, disassemble, split blocs, using miasm2, and convert internal miasm2 expressions to radare2 ESIL.
This talk describes how to write r2 plugins. More specifically, it will explain how to call miasm2 from radare2, and will also provide useful miasm2 hints such as implementing as new architecture.
r2m2 is available at https://github.com/guedou/r2m2/ For convenience, a Docker image can be pulled from https://hub.docker.com/r/guedou/r2m2/