improvements and minor fixes

r2cheatsheet.tex

@@ -49,15 +49,15 @@ \subsection*{Binary information}
 \subsection*{Patching}
 \cmd{wx}{write hexpairs (\ttc{wv} for endian values)}
 \cmd{wa}{write assembly}
-\cmd{wo}{write in block} %FIXME??
+\cmd{wo}{write operation in current block}
 \cmd{wtf}{write to file (use \ttc{wtff} for \ttc{@@})}
 
-\subsection*{Search} %TODO: review?
-\cmd{/ lib}{find `lib' string}
-\cmd{/x 9090}{hexpairs}
-\cmd{/ad ret}{instructions with {\em ret}}
+\subsection*{Search}
+\cmd{/ str}{find string}
+\cmd{/x hexpairs}{find hexpairs}
+\cmd{/ad inst}{find instructions}
 \cmd{/m}{search for known magic headers}
-\cmd{w lob @@/ lib}{write lob on every lib}
+\cmd{w str0 @@/ str1}{write str0 on every str1}
 
 \subsection*{Analysis and xrefs}
 \cmd{af}{analyze function}
@@ -91,7 +91,7 @@ \subsubsection*{({\tt r2 -d bin})}
 \subsection*{Visual mode}
 \vspace{-8px}
 \subsubsection*{({\tt V} for visual, {\tt v} for panels, {\tt !} to toggle)}
-\cmd{pP}{rotate modes ($<$tab$>$ for submodes)}
+\cmd{pP}{rotate modes ({\scriptsize$<$}tab{\scriptsize$>$} for submodes)}
 \cmd{s/S}{perform step/step over}
 \cmd{b}{browse (flags, config, classes, symbols, ...)}
 \cmd{.}{seek to entrypoint}

r2frida_cheatsheet.tex

@@ -20,7 +20,7 @@ \subsection*{Launching}
 \ttc{r2 frida://action/link/device/target}
 \end{center}
 where:
-\begin{itemize}[itemsep=0pt,topsep=5pt]
+\begin{itemize}[itemsep=0pt, topsep=5pt, leftmargin=*]
 	\itemcmd{action}{list $\vert$ apps $\vert$ attach $\vert$ spawn $\vert$ launch}
 	\itemcmd{link}{local $\vert$ usb $\vert$ remote}
 	\itemcmd{device}{{\tt \textquotesingle \textquotesingle} $\vert$ host:port $\vert$ device-id}
@@ -30,7 +30,7 @@ \subsection*{Launching}
 \subsection*{Target Addresses}
 \noindent
 Commands accepting an {\tt[addr]} follow this pattern:
-\begin{itemize}[itemsep=0pt,topsep=5pt]
+\begin{itemize}[itemsep=0pt, topsep=5pt, leftmargin=*]
 	\itemcmd{0xabcd}{absolute address in hexadecimal}
 	\itemcmd{symname}{symbol name from module exports}
 	\itemcmd{objc:class}{Objective C}
@@ -40,7 +40,7 @@ \subsection*{Target Addresses}
 \subsection*{Trace Format}
 \noindent
 The \ttc{:dtf} command create trace hooks from a simple format-string. See \ttc{:dtf?}
-\begin{itemize}[itemsep=0pt,topsep=5pt]
+\begin{itemize}[itemsep=0pt, topsep=5pt, leftmargin=*]
 	\itemcmd{\^{}}{trace onEnter instead of onExit}
 	\itemcmd{\%{}}{also trace the return value (onLeave)}
 	\itemcmd{+}{show backtrace when trace is hit}
@@ -50,7 +50,7 @@ \subsection*{Trace Format}
 	\itemcmd{x}{hexadecimal value (i=decimal)}
 	\itemcmd{h}{hexdump from pointer (H for ptr+length)}
 \end{itemize}
-\columnbreak
+%\columnbreak
 
 \subsection*{Configuration}
 \cmd{:e}{get and edit r2frida options}
@@ -67,8 +67,8 @@ \subsection*{Basic Commands}
 \cmd{:ih}{parse binary headers of the current module}
 \cmd{:ii[*]}{list imports}
 \cmd{:il}{list libraries}
-\cmd{:is[*] lib}{list local and global symbols of {\em lib}}
-\cmd{:isa[*] [lib] sym}{show address of {\em sym}}
+\cmd{:is[*] lib}{list local and global symbols of lib}
+\cmd{:isa[*] [lib] sym}{show address of sym}
 \cmd{:ie}{show entrypoint}
 \cmd{:iE[*] lib}{same as \ttc{is}, for exported globals}
 \cmd{:ic class}{list Objective-C classes or methods}
@@ -78,17 +78,15 @@ \subsection*{Basic Commands}
 \cmd{:fd[*j] addr}{inverse symbol resolution}
 
 \subsection*{Tracing}
-\begin{flushright}
-\cmd{:dtr addr regs}{trace given registers at {\em addr}}
-\cmd{:dtf addr [fmt]}{trace address with format \ttc{\^{}ixz0} (see \ttc{dtf?})}
+\cmd{:dtr addr regs}{trace given registers at addr}
+\cmd{:dtf addr [fmt]}{trace with format} 
 \cmd{:dt (addr|sym)}{trace addresses or symbols}
 \cmd{:dtl[-*] [msg]}{debug trace log, useful to \ttc{.\textbackslash T*}}
 \cmd{:dt.}{trace at current offset}
 \cmd{:dm[.|j|*]}{show memory regions}
 \cmd{:dmm[.|j|*]}{show memory range (grouped maps)}
 \cmd{:dt-[*]}{clear all tracing}
-\end{flushright}
-\columnbreak
+%\columnbreak
 
 \subsection*{Debugging}
 \cmd{:db (addr|sym)}{list or place breakpoint}
@@ -101,24 +99,24 @@ \subsection*{Debugging}
 \cmd{:dr}{show register values}
 
 \subsection*{Injecting}
-\begin{flushright}
 \cmd{:dxc [target] [args]}{call target symbol with args}
 \cmd{:dxo [sym] [args]}{call an ObjC function with args}
+%TODO: this command should be fixed in the future when related changes applied
 \cmd{:di[0,1,-1] [addr]}{replace function to return value}
 \cmd{:dii [addr] [num]}{replace function to return num}
-\cmd{:dis [addr]}{replace to return a string}
+\cmd{:dis [addr] [str]}{replace to return a string}
 \cmd{:div}{replace with another function returning null}
 \cmd{:dif[0,1,-1] [addr]}{replace the return value}
 \cmd{:difi [addr] [num]}{replace return number}
-\cmd{:difs}{replace return with given string}
-\cmd{:dir}{revert a trace at the given function} % XXX: dir <fun>?
+\cmd{:difs [addr] [str]}{replace return with given string}
+%TODO: this command should be fixed in the future when related changes applied
+\cmd{:dir function}{revert to previous implementation}
 \cmd{:dd}{list file descriptors}
 \cmd{:dl lib}{{\tt dlopen} the given library}
 \cmd{:dlf [path]}{load a framework (ObjC only)}
 \cmd{:dl2 lib [main]}{inject a library}
 \cmd{:. \hspace{-5pt}script.js}{run script}
 \cmd{:eval code.js}{evaluate script in the agent}
-\end{flushright}
 
 \subsection*{Searching}
 \cmd{:/[x][j] pattern}{find hex/str in \ttc{search.in=?}}

r2style.sty

@@ -19,7 +19,7 @@
 \newcommand{\cmd}[2]{{\color{MidnightBlue}{\tt #1}}{\color{lightgray}~\dotfill{}~}#2\\}
 \newcommand{\itemcmd}[2]{\item[--]{\color{MidnightBlue}{\tt #1}}{\color{lightgray}~\dotfill{}~}#2}
 \DeclareTextFontCommand{\ttc}{\color{MidnightBlue}\ttfamily}
-\setlength{\columnsep}{25pt}
+\setlength{\columnsep}{20pt}
 
 \makeatletter
     \edef\gitepoch{\@@input|"echo [$(git log -n1 --format=\@percentchar ct \jobname.tex)]"}