table of contents
other versions
- wheezy 0.9-3
- jessie 0.9.6-3.1+deb8u1
- testing 1.1.0+dfsg-5
- unstable 1.1.0+dfsg-5
- experimental 1.5.0+dfsg-1
| RAGG2(1) | General Commands Manual | RAGG2(1) |
NAME¶
ragg2 — radare2 utility to run programs in exotic environmentsSYNOPSIS¶
| ragg2 | [-a arch] [-b bits] [-k kernel] [-f format] [-o file] [-i shellcode] [-I path] [-e encoder] [-B hexpairs] [-c k=v] [-C file] [-d off:dword] [-D off:qword] [-w off:hexpair] [-p padding] [-FOLsrxvh] |
DESCRIPTION¶
ragg2 is a frontend for r_egg, compile programs into tiny binaries for x86-32/64 and arm. This tool is experimental and it is a rewrite of the old rarc2 and rarc2-tool programs as a library and integrated with r_asm and r_bin. Programs generated by r_egg are relocatable and can be injected in a running process or on-disk binary file. ragg2-cc is another tool that comes with r2 and it is used to generate shellcodes from C code. The final code can be linked with rabin2 and it is relocatable, so it can be used to inject it on any remote process. ragg2-cc is conceptually based on shellforge4, but only linux/osx x86-32/64 platforms are supported.DIRECTIVES¶
The rr2 (ragg2) configuration file accepts the following directives, described as key=value entries and comments defined as lines starting with '#'.- -a arch
- set architecture x86, arm
- -b bits
- 32 or 64
- -k kernel
- windows, linux or osx
- -f format
- select binary format (pe, elf, mach0)
- -o file
- output file to write result of compilation
- -i shellcode
- specify shellcode name to be used (see -L)
- -e encoder
- specify encoder name to be used (see -L)
- -B hexpair
- specify shellcode as hexpairs
- -c k=v
- set configure option for the shellcode encoder. The argument must be key=value.
- -C file
- include contents of file
- -d off:dword
- Patch final buffer with given dword at specified offset
- -D off:qword
- Patch final buffer with given qword at specified offset
- -w off:hexpairs
- Patch final buffer with given hexpairs at specified offset
- -p padding
- Specify generic paddings with a format string.
- -F
- autodetect native file format (osx=mach0, linux=elf, ..)
- -O
- use default output file (filename without extension or a.out)
- -I path
- add include path
- -s
- show assembler code
- -x
- execute (just-in-time)
EXAMPLE¶
$ cat hi.r
/* hello world in r_egg */
write@syscall(4);
exit@syscall(1);
main@global(128) {
.var0 = "hi!0;
write(1,.var0, 4);
exit(0);
}
$ ragg2 -O -F hi.r
$ ./hi
hi!
$ cat hi.c
main() {
write(1, "Hello0, 6);
exit(0);
}
$ ragg2 hi.c
$ ./hi.c.bin
Hello
SEE ALSO¶
radare2(1), rahash2(1), rafind2(1), rabin2(1), rafind2(1), ranal2(1), radiff2(1), rasm2(1),AUTHORS¶
pancake <pancake@nopcode.org>| October 11, 2011 | Debian |