I have uploaded this version of radare into the mercurial repository for next month's release.
Yesterday I built radare with mingw32, and the new build is already available at: http://radare.nopcode.org/get/w32

I got some segmentation faults when running it under wine, so I assume the w32 port is not very stable; I encourage you to test it and send bug reports or patches so that 0.9.8 is stable on w32.

A few years ago I tested boomerang[1], a decompiler that translates binary files into compilable C. The results are not as good as hexrays', but they have done a very good job, since decompilation is not an easy task. So, after playing a bit with the latest CVS version and fixing some null-pointer related bugs in the source, I got it stable enough to decompile most functions without segfaults while debugging random programs.

I wrote a simple rsc script, "rsc boomerang", so that it can be called from the radare shell. There's a demonstration of its usage in the forum. I will be happy to hear your feedback :)

http://radare.nopcode.org/forum/viewtopic.php?pid=9

[1] http://boomerang.sf.net

So, for the browser-less people, here's the copypasta version:

$ radare -e dbg.bep=main -d /bin/ls
argv = '/bin/ls', ]
entry at: 0x8049a80
cont: breakpoint stop (0x8049a80)
main at: 0x804e880
cont: breakpoint stop (0x804e880)
Program '/bin/ls' loaded.
Warning: sysctl -w kernel.randomize_va_space=0
open debugger ro /bin/ls
96 symbols added.
[0x0804E884]> s 0x8059ED0
[0x08059ED0]> pD 60
0x08059ED0, 55 push ebp
0x08059ED1 31c0 eax ^= eax
0x08059ED3 89e5 ebp = esp
0x08059ED5 53 push ebx
0x08059ED6 e8efffffff ^ call 0x8059ECA ; [1]
0x08059EDB 81c329420000 ebx += 0x4229
0x08059EE1 83ec0c esp -= 0xc ; 12 ' ' ; eax+0xb
0x08059EE4, 8b93fcffffff edx = [ebx-0x4]
0x08059EEA 85d2 test edx, edx
.==< 0x08059EEC, 7402 v jz 0x8059EF0 ; [2]
| 0x08059EEE 8b02 eax = [edx]
`--> 0x08059EF0, 89442408 [esp+0x8] = eax
0x08059EF4, 8b4508 eax = [ebp+0x8]
0x08059EF7 c7442404000000.
dword [esp+0x4] = 0x0
0x08059EFF 890424 [esp] = eax
0x08059F02 e819f6feff ^ call 0x8049520 ; sym___cxa_atexit [3]
0x08059F07 83c40c esp += 0xc ; 12 ' ' ; eax+0xb
0x08059F0A 5b pop ebx
0x08059F0B 5d pop ebp
0x08059F0C, c3 ret
;--
[0x08059ED0]> !rsc boomerang $FILE $XOFFSET
decompiling entry point proc1
void proc2();

// address: 0x8059ed0
void proc1() {
    __size32 eax; // r24
    __size32 ebp; // r29
    __size32 ebx; // r27
    __size32 edx; // r26
    int esp; // r28
    unsigned int local0; // m[esp - 12]
    __size32 local1; // m[esp - 8]
    __size32 local2; // m[esp - 4]
    eax = proc2(pc, ebx, ebp, 0, ebx, esp - 4, LOGICALFLAGS32(0), LOGICALFLAGS32(0), LOGICALFLAGS32(0)); /* Warning: also results in ebx, esp, ebp */
    edx = *(ebx + 0x4225);
    if (edx != 0) {
        eax = *edx;
    }
    local2 = eax;
    eax = *(ebp + 8);
    local1 = 0;
    local0 = eax;
    __cxa_atexit();
    return;
}

The rsc script looks like this:

$ cat /usr/libexec/radare/boomerang
#!/bin/sh
#
# Usage: !rsc boomerang $FILE $XOFFSET
#
# author: pancake <@youterm.com>
#
FILE=$1
XOFFSET=$2
VERBOSE=$4
if [ -z "$XOFFSET" ]; then
	echo "Usage: rsc boomerang [file] [offset]"
	exit 1
fi
DIR=.boomerang-output
mkdir -p ${DIR}
rm -rf ${DIR}/*
if [ -n "${VERBOSE}" ]; then
	boomerang -o ${DIR} -E $XOFFSET $FILE
	less -r ${DIR}/*/*.c
else
	boomerang -o ${DIR} -E $XOFFSET $FILE 2>&1 > /dev/null
	cat ${DIR}/*/*.c
fi
rm -rf ${DIR}

--pancake

_______________________________________________
radare mailing list
[email protected]
http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org
