This is what I had done and worked on:
bianchi@ubuntu:~/Documents/Coreboot Column$ r2 i946gz_Edited.bin
[f000:fff0]> s f000:0
[f000:0000]> pD 0xffff
Do you want to print 4401484 chars? (y/N)
; [0] va=0x000f0000 pa=0x00070000 sz=65536 vsz=65536 rwx=-rwx bootblk
;-- section.bootblk:
,=< f000:0000 ead41100f0 jmp word 0xf000:0x11d4
| f000:0005 0000 add [bx+si], al
| f000:0007 0000 add [bx+si], al
| f000:0009 0000 add [bx+si], al
| f000:000b 0000 add [bx+si], al
| f000:000d 0000 add [bx+si], al
| f000:000f 00e8 add al, ch
| f000:0011 0c01 or al, 0x1
,==< f000:0013 745e jz 0xf0073
and so on until the bottom 4401481 chars...
On 9/11/2016 2:32 AM, Zoran Stojsavljevic wrote:
Hello to all radare2 experienced people,
From my VM Fedora 25 x86_64 on the top of VMWorkstation 12.5.1, on
WIN10 64 Pro!
Here is my take on radare2... And I am not getting through. Transcript
follows:
[zoran@localhost bios]$ radare2 -e asm.bits=16 -e io.va=true BIOS_AMI_BIOS.bin
-- attempt to dissasemble Core IVB AMI BIOS
[0000:0000]> S $s-0x10000 0xF000:0x0000 0x10000 0x10000 bootblk rwx
[0000:0000]> e asm.segoff=true
[0000:0000]> e asm.syntax = intel
[0000:0000]> s 0xf000:0xfff0
[f000:fff0]> pd 16
f000:fff0 ff invalid
f000:fff1 ff invalid
f000:fff2 ff invalid
f000:fff3 ff invalid
f000:fff4 ff invalid
f000:fff5 ff invalid
f000:fff6 ff invalid
f000:fff7 ff invalid
f000:fff8 ff invalid
f000:fff9 ff invalid
f000:fffa ff invalid
f000:fffb ff invalid
f000:fffc ff invalid
f000:fffd ff invalid
f000:fffe ff invalid
f000:ffff ff00 inc word [bx + si]
[f000:fff0]>
Help needed/comments appreciated. What am I doing wrong?
Thank you,
Zoran
On Mon, Nov 7, 2016 at 2:08 AM, Riko Ho <antonius.r...@gmail.com> wrote:
Hi Zoran,
I reckon that's the right radare, find *.bin or *.rom or *.hex and run
[zoran@localhost ~]$ radare2 *.bin
and the s command and pD command... for example:
[f000:fff0]> s f000:0
[f000:0000]> pD 0xffff
more info :
https://radare.gitbooks.io/radare2book/content/disassembling/intro.html
On 7/11/2016 5:41 AM, Zoran Stojsavljevic wrote:
Hello Riko,
I recently also became very interested in starting to use radare2
(Rafael Machado's disassembly attempts got me involved, to set up
the tool). Since I am a very lazy person, the first thing was to ask:
does my Fedora 25 distro have a radare2 package?
Yes, it does have it, so I have installed it. And for you, here
is the transcript of my CLI.
CLI traces (radare --help) are worth 1000 words, don't you
agree? ;-)
Best Regards,
Zoran
_______
[zoran@localhost ~]$ uname -r
4.8.6-300.fc25.x86_64
[zoran@localhost ~]$ which radare2
/usr/bin/radare2
[zoran@localhost ~]$ radare2 --help
radare2: invalid option -- '-'
r_config_get: variable 'lp' not found
-- open radare2 on an empty file
- equivalent of 'r2 malloc://512'
= read file from stdin (use -i and -c to run cmds)
-= perform !=! command to run all commands remotely
-0 print \x00 after init and every command
-a [arch] set asm.arch
-A run 'aaa' command to analyze all referenced code
-b [bits] set asm.bits
-B [baddr] set base address for PIE binaries
-c 'cmd..' execute radare command
-C file is host:port (alias for -c+=http://%s/cmd/)
-d debug the executable 'file' or running process 'pid'
-D [backend] enable debug mode (e cfg.debug=true)
-e k=v evaluate config var
-f block size = file size
-F [binplug] force to use that rbin plugin
-h, -hh show help message, -hh for long
-i [file] run script file
-I [file] run script file before the file is opened
-k [k=v] perform sdb query into core->sdb
-l [lib] load plugin file
-L list supported IO plugins
-m [addr] map file at given address (loadaddr)
-M do not demangle symbol names
-n, -nn do not load RBin info (-nn only load bin structures)
-N do not load user settings and scripts
-o [OS/kern] set asm.os (linux, macos, w32, netbsd, ...)
-q quiet mode (no prompt) and quit after -i
-p [prj] use project, list if no arg, load if no file
-P [file] apply rapatch file and quit
-R [rarun2] specify rarun2 profile to load (same as -e
dbg.profile=X)
-s [addr] initial seek
-S start r2 in sandbox mode
-t load rabin2 info in thread
-u set bin.filter=false to get raw sym/sec/cls names
-v, -V show radare2 version (-V show lib versions)
-w open file in write mode
-z, -zz do not load strings or load them even in raw
Scripts:
system /usr/share/radare2/radare2rc
user ~/.radare2rc ${RHOMEDIR}/radare2/radare2rc (and
radare2rc.d/)
file ${filename}.r2
Plugins:
plugins /usr/lib/radare2/last
user ~/.config/radare2/plugins
LIBR_PLUGINS /usr/lib/radare2/0.10.6-git
Environment:
RHOMEDIR /home/zoran/.config/radare2
RCFILE ~/.radare2rc (user preferences, batch script)
MAGICPATH /usr/lib64/radare2/0.10.6-git/magic
R_DEBUG if defined, show error messages and crash signal
VAPIDIR path to extra vapi directory
R2_NOPLUGINS do not load r2 shared plugins
Paths:
PREFIX /usr
INCDIR /usr/include/libr
LIBDIR /usr/lib64
LIBEXT so
[zoran@localhost ~]$
On Sat, Nov 5, 2016 at 3:55 AM, Riko Ho <antonius.r...@gmail.com> wrote:
Hi Rafael,
For example, I want to see the asm code for the whole 512Kbytes.... Is that possible? How?
Thanks
On 5/11/2016 3:36 AM, Rafael Machado wrote:
Hi
You can use the pd command.
p = Print
d = disassembly
You can also add the number of instructions you want to see.
For example:
pd 10
Thanks
Rafael Machado
On Wed, Nov 2, 2016 at 04:01, Riko Ho <antonius.r...@gmail.com> wrote:
Everyone, Idwer,
I have a radare question. I played until this point:
c:>radare2 -e asm.bits=16 -e io.va=true i946gz.bin
-- radare2 is WYSIWYF - what you see is what you fix
[f000:fff0]> S $s-0x10000 0xF000:0x0000 0x10000 0x10000 bootblk rwx
[f000:fff0]> e asm.segoff=true
[f000:fff0]> s 0xf000:0xffff0
[f000:ffff]>
How can I see the assembler code from there? It's started from FFFF0.... I'm sure the last byte instruction is jump to 0x00000
Cheers
--
/*===*/
Kind regards,
Riko Ho
/*===*/
--
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot
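The address arithmetic behind the `S $s-0x10000 0xF000:0x0000 0x10000 0x10000 bootblk rwx` mapping used in this thread, as an added example that is not part of any message above: it converts an F000:xxxx address to a file offset and follows the jumps starting at the reset vector F000:FFF0. The 512 KiB image is constructed; only the five bytes at f000:0000 are the ones shown in the disassembly above, and the far jump placed at the reset vector is an assumption.

```python
import struct

WINDOW = 0x10000   # size of the bootblk section mapped at F000:0000
SEG = 0xF000

def file_offset(image_size, seg, off):
    """File offset of seg:off when the image's last 64 KiB sit at F000:0000."""
    linear, base = (seg << 4) + off, SEG << 4
    if not base <= linear < base + WINDOW:
        raise ValueError("address outside the mapped top 64 KiB")
    return image_size - WINDOW + (linear - base)

def decode_jump(image, seg, off):
    """Decode a 16-bit JMP at seg:off; return the target (seg, off) or None."""
    pos = file_offset(len(image), seg, off)
    op = image[pos]
    if op == 0xEA:                                   # jmp far ptr16:16
        t_off, t_seg = struct.unpack_from("<HH", image, pos + 1)
        return t_seg, t_off
    if op == 0xE9:                                   # jmp near rel16
        (rel,) = struct.unpack_from("<h", image, pos + 1)
        return seg, (off + 3 + rel) & 0xFFFF
    if op == 0xEB:                                   # jmp short rel8
        (rel,) = struct.unpack_from("<b", image, pos + 1)
        return seg, (off + 2 + rel) & 0xFFFF
    return None                                      # e.g. 0xFF fill, not a jump

def follow_jumps(image, seg=SEG, off=0xFFF0, limit=8):
    """Follow the jump chain from the reset vector; return the visited addresses."""
    path = [(seg, off)]
    for _ in range(limit):
        try:
            target = decode_jump(image, seg, off)
        except (ValueError, struct.error):           # left the window or ran off the file
            break
        if target is None or target in path:
            break
        path.append(target)
        seg, off = target
    return path

def sample_image():
    img = bytearray(b"\xff" * 0x80000)   # constructed 512 KiB image, 0xFF fill
    # reset-vector jump is assumed; the bytes at f000:0000 are those shown on the page
    for off, code in ((0xFFF0, "ea000000f0"), (0x0000, "ead41100f0")):
        p = file_offset(len(img), SEG, off)
        img[p:p + 5] = bytes.fromhex(code)
    return bytes(img)

if __name__ == "__main__":
    print(["%04x:%04x" % a for a in follow_jumps(sample_image())])
```

For a 512 KiB file, f000:0000 resolves to file offset 0x70000, which agrees with the `pa=0x00070000` that radare2 reports for the bootblk section in the first transcript.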