It seems that our rejection from the GSoC is becoming a tradition: along with Mozilla, Tor, The Linux Foundation, and OWASP, we weren't accepted. But fear not, like last year, we're going to do our very own Radare Summer of Code: welcome to the RSoC'15!
Last year was our first time. Some things went wrong, others went well; but at the end r2 gained both shiny features and happy new contributorsa and those are the only things that really matter. This year, we'll try to improve our weak points, to make it ever more awesome for students, mentors, and users!
Of course, if would have been great to be accepted by Google. Their program has more visibility, more money, and a larger student pool.
However, this situation also has advantages: we accept everyone, not only students, we don't have country-based restrictions, and we don't have strict deadlines: if you want to work a bit less, or a bit more, this is not an issue; we're flexible on everything.
So, stay tuned, you'll hear about our RSoC soon, we promise!
We have applied to be a mentoring organization for this year’s Google Summer of Code.
We recognize that GSoC is always a fierce competition, but we are, as ever, hopeful that we will join many other fine organizations in a great summer of hacking. If you are a student interested in applying, please head over to our ideas page and begin thinking about what you might like to hack on. Furthermore, we have several low-hanging fruits if you want to play a bit with the codebase.
We already applied last year, but were rejected; maybe we'll make it this year. And if we don't, we'll do a RSoC again!
The graph feature of IDA, ImmunityDBG or Hopper are great to have a quick overview of what you're dealing with. This is why we have graphs too in radare2, but since we're terminal-lovers, ours are
cooler in ASCII!
After analyzing a function with
af or any other method, type
VV to get:
We've got call graphs, which are way more understandable than simply listing the XREF adresses. To see it, simply press
V when you're in graph mode.
Unfortunately, the classic 80x24 terminal size is not that convenient when it comes to having an overview of a big function. This is why we also have
VVn, to show a mini-graph.
On the left, you can see the code of the current node (The one with
@@ on it. You can switch nodes with
t branche stands for true and
f for false.
Every graph is interactive: you can move their nodes around, walk them (
u), show bytes/flags (
O), debug within them (
Z), jump around xrefs (
To scroll the RConsCanvas use the
asdw keys. The
hjkl ones are used for moving the nodes around. Also bear in mind that ASDW and HJKL will do the same as the lowercase ones, but faster!
And of course, it's documented, with
If you think that we're missing your favourite type of graph, feel free to come rant about this on irc ;)
There's also three different graphs implementations in the WebUI, which works fine with touchscreens, but its still not perfect, you can check the default one by pressing
space in the disasm view of
r2 -c=H /bin/ls
Ho, and speaking of graph, tracing information from the debugger or the esil emulation is now displayed in the web interface!
Future plans for graphs are:
- Better layout (no more overlapping nodes)
- Support Colors
- Support UTF-8
- Group nodes
- Add comments in nodes
- Save/Restore graph states (wip in the webui)
- Print graph to file
- Generic API and commandline tool to create graphs like
- Better WebUI graphs
If you want to do any of those things feel free to checkout the code