daily pastebin goal
53%
SHARE
TWEET

Untitled

a guest Sep 6th, 2017 708 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. r2 unpacking cheatsheet
  2. =======================
  3.  
  4. Follow Execution Flow
  5. ---------------------
  6.  
  7. r2 -d <file_path>: opens file in r2 for debugging
  8. dc: continues execution
  9. ds: single step
  10. dcr: continues until stack frame return
  11. dr <register>: shows the value of specified register
  12.  
  13. Breakpoints
  14. -----------
  15.  
  16. db <address>: sets software breakpoint on specified address
  17. dbc <address> <r2_cmd>: assigns r2 command to be executed when bp on address is triggered
  18. drx <number> <address> <len> <rwx>: sets hardware breakpoint on specified address range (by address and len) when accessed for read, write or execute
  19. db- <address>: removes software breakpoint on specified address
  20. drx- <number>: removes hardware breakpoint on specified address
  21.  
  22. Memory Maps
  23. -----------
  24.  
  25. dm: lists memory map of target process
  26. dmi <address | libname>: lists loaded DLL symbols
  27.  
  28. Memory Dumping
  29. --------------
  30.  
  31. wtf <filename> <size> @<starting_address>: saves memory region to file
  32. dmd <filename> @<address>: dumps memory map at given address to a file
  33.  
  34. Misc
  35. ----
  36.  
  37. /A <opcode>: searches for specified opcode on current section
  38. pf p4 @<address>: retrieves 4 bytes of content from pointer at given address
  39. *<address>: equivalent to pf p4 @ <address>
  40. “e cmd.vprompt=px@esp”: In visual mode, it shows the stack on top of the view
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top