I have got an idea that could make radare nicer for patching assembly.

The idea is:

- You open a binary or start debugging a program
  $ radare /bin/ls    or  $ radare dbg:///bin/ls

- Enter visual mode (command 'V')

- Walk to the place you want to patch in disassembly print mode (pd)

- Press 'e' (to edit the current code block).

.. then radare will launch an rsc script to dump the contents of this
   block, giving information about the context (previous and following bytes)
   and the size of the block you're going to modify.

- When you save and close the vim session, the rsc script will launch
  some radare commands to make this change happen.

This model is so flexible that you can make a raw c&p of assembly from anywhere
and write some prefix header context to let radare know where to write it.

The way to make radare find the place to write this code is by searching
for a context pattern. Something like (prefix)(~N bytes)(suffix).

So, you will be able to apply a single binary patch to different versions
of the same binary. Useful for progressive or version patching.

This piece of code will need some work, so I don't expect to have it done
soon(R), but it will get there.

  --pancake
_______________________________________________
radare mailing list
[email protected]
https://lists.nopcode.org/mailman/listinfo/radare
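The context-pattern idea in the post, (prefix)(~N bytes)(suffix), is the part that makes one patch portable across binary versions. The following is an added example of how such a matcher and patcher can work; it is not radare code and not part of the original message. It assumes an x86 target (the gap is padded with 0x90 NOPs), it refuses to patch when the context is missing or ambiguous, and the `wx ... @ offset` line it emits is assumed to match radare's hex-write command syntax. The two "binaries" are constructed sample byte strings, not real files.

```python
import re

NOP = b"\x90"  # x86 one-byte NOP; assumption: target is x86


def find_context(data: bytes, prefix: bytes, suffix: bytes, max_gap: int):
    """Return [(gap_offset, gap_len), ...] for each prefix..suffix occurrence
    whose gap is at most max_gap bytes. The gap is matched non-greedily, so
    the shortest gap that still ends in the suffix wins."""
    pat = re.escape(prefix) + b"(.{0,%d}?)" % max_gap + re.escape(suffix)
    return [(m.start(1), m.end(1) - m.start(1))
            for m in re.finditer(pat, data, re.DOTALL)]


def apply_context_patch(data: bytes, prefix: bytes, suffix: bytes,
                        max_gap: int, new_code: bytes):
    """Replace the bytes between prefix and suffix with new_code, NOP-padded
    to the original gap size so the surrounding code keeps its layout.
    Raises ValueError if the context matches zero or several times, or if
    new_code does not fit in the gap. Returns (patched_data, gap_offset)."""
    hits = find_context(data, prefix, suffix, max_gap)
    if len(hits) != 1:
        raise ValueError("context matched %d times, need exactly 1" % len(hits))
    off, gap = hits[0]
    if len(new_code) > gap:
        raise ValueError("new code is %d bytes, gap is only %d" % (len(new_code), gap))
    block = new_code + NOP * (gap - len(new_code))
    return data[:off] + block + data[off + gap:], off


def radare_write_cmd(offset: int, block: bytes) -> str:
    """Assumed radare write command: 'wx <hex> @ <addr>'."""
    return "wx %s @ 0x%x" % (block.hex(), offset)


# Context: push rbp; mov rbp,rsp  ...  pop rbp; ret  (x86-64 encodings)
PREFIX = b"\x55\x48\x89\xe5"
SUFFIX = b"\x5d\xc3"
NEW_CODE = b"\x31\xc0"  # xor eax,eax

# Constructed "versions" of the same function with different surroundings
# and a different body length (v2 has two extra NOPs).
V1 = b"\x00" * 8 + PREFIX + b"\xb8\x01\x00\x00\x00" + SUFFIX + b"\xcc" * 4
V2 = b"\xff" * 3 + PREFIX + b"\xb8\x01\x00\x00\x00\x90\x90" + SUFFIX + b"\x00" * 10


if __name__ == "__main__":
    for name, blob in (("v1", V1), ("v2", V2)):
        patched, off = apply_context_patch(blob, PREFIX, SUFFIX, 16, NEW_CODE)
        gap = find_context(blob, PREFIX, SUFFIX, 16)[0][1]
        print(name, radare_write_cmd(off, patched[off:off + gap]))
    try:
        apply_context_patch(V1 + V1, PREFIX, SUFFIX, 16, NEW_CODE)
    except ValueError as e:
        print("refused:", e)
```

The same prefix/suffix/new-code triple patches both constructed versions even though the body sits at a different offset and has a different length in each; the ambiguity check is what keeps a too-short context from silently patching the wrong function.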