deploy: 1a9b7b7

search.json

@@ -34,7 +34,7 @@
     "href": "src/introduction/overview.html",
     "title": "1  The Rizin Framework",
     "section": "",
-    "text": "Rizin is a free and open-source reverse engineering framework that delivers a comprehensive binary analysis experience. It focuses on usability, stability, and functional features, striving to create a welcoming environment for developers and users.\nAt its core, Rizin consists of a set of small command-line utilities. These utilities can be used in tandem with Rizin or independently, each serving specific purposes. While this chapter provides a brief introduction to these tools, dedicated sections for each tool can be found at the end of this book for more detailed information.\n\n1.0.1 rizin\nThe primary command line tool within the framework is rizin. It encompasses various features such as a disassembler, hexadecimal editor, and debugger. Rizin enables you to treat multiple input/output sources, such as plain text files, executables, kernel drivers, processes, etc., as if they were straightforward text files.\nIt incorporates a sophisticated command line interface for navigating through the accessed resource, analyzing data, disassembling, patching binaries, comparing data, searching, replacing, and visualizing. Furthermore, scripting capabilities are available with a range of languages, including Python, Haskell, OCaml, JavaScript, and others.\n\n\n1.0.2 rz-bin\nThe rz-bin utility serves the purpose of extracting information from executable binaries, encompassing formats like ELF, PE, Java CLASS, Mach-O, and any other format supported by rizin plugins. Within the core functionality, rz-bin plays a crucial role in obtaining data such as exported symbols, imports, file details, cross references, library dependencies, and sections.\n\n1.0.2.1 Examples\n$ rz-bin -I unknown.bin\n[Info]\narch     x86\ncpu      N/A\nbaddr    0x00000000\nbinsz    0x000213b3\nbintype  elf\nbits     64\nclass    ELF64\ncompiler GCC: (GNU) 13.2.1 20230801\ndbg_file N/A\nendian   LE\nhdr.csum N/A\nguid     N/A\nintrp    /lib64/ld-linux-x86-64.so.2\nladdr    0x00000000\nlang     c\nmachine  AMD x86-64 architecture\nmaxopsz  16\nminopsz  1\nos       linux\ncc       N/A\npcalign  0\nrelro    full\nrpath    NONE\nsubsys   linux\nstripped true\ncrypto   false\nhavecode true\nva       true\nsanitiz  false\nstatic   false\nlinenum  false\nlsyms    false\ncanary   true\nPIE      true\nRELROCS  false\nNX       true\n\n\n\n1.0.3 rz-asm\nThe rz-asm tool operates as a command line assembler and disassembler, catering to various architectures such as Intel x86 and x86-64, MIPS, ARM, PowerPC, Java, and numerous others.\n\n1.0.3.1 Examples\n$ rz-asm -a java 'nop'\n00\n$ rz-asm -a x86 -d '90'\nnop\n$ rz-asm -a x86 -b 32 'mov eax, 33'\nb821000000\n$ echo 'push eax;nop;nop' | rz-asm -f -\n509090\n\n\n\n1.0.4 rz-hash\nrz-hash stands as an implementation of a block-based hash tool. It offers support for a range of algorithms, including MD4, MD5, CRC, SHA1, SHA256, and more, accommodating both small text strings and large files. Its utility extends to checking the integrity or monitoring changes in substantial files and memory dumps.\n\n\n1.0.5 Examples\n$ rz-hash file.bin\nfile.bin: 0x00000000-0x00000007 sha256: 887cfbd0d44aaff69f7bdbedebd282ec96191cce9d7fa7336298a18efc3c7a5a\n$ rz-hash -a md5 file.bin\nfile.bin: 0x00000000-0x00000007 md5: d1833805515fc34b46c2b9de553f599d\n\n\n1.0.6 rz-diff\nThe rz-diff utility serves as a binary diffing tool, implementing various algorithms. It facilitates byte-level or delta diffing for binary files and code-analysis diffing to identify alterations in fundamental code blocks derived from the rizin code analysis.\nThis tool optimally leverages multi-threading to enhance performance, particularly on CPU-intensive and time-consuming tasks.\n\n\n1.0.7 rz-find\nrz-find operates as a program designed to locate byte patterns in files. It provides the capability to search for various types of signatures, including strings in different encodings such as ASCII, UTF-8, wide, and more, across multiple encoding types.\n\n\n1.0.8 rz-gg\nrz-gg is a tool designed to compile programs written in a simple high-level language into compact binaries suitable for x86, x86-64, and ARM architectures.\n\n1.0.8.1 Examples\n$ cat hi.r\n/* hello world in r_egg */\nwrite@syscall(4); //x64 write@syscall(1);\nexit@syscall(1); //x64 exit@syscall(60);\n\nmain@global(128) {\n .var0 = \"hi!\\n\";\n write(1,.var0, 4);\n exit(0);\n}\n$ rz-gg -O -F hi.r\n$ ./hi\nhi!\n\n$ cat hi.c\nmain@global(0,6) {\n write(1, \"Hello0\", 6);\n exit(0);\n}\n$ rz-gg hi.c\n$ ./hi.c.bin\nHello\n\n\n\n1.0.9 rz-run\nrz-run functions as a launcher for executing programs within diverse environments, allowing customization of various aspects such as arguments, permissions, directories, and overridden default file descriptors. This utility proves beneficial for activities like solving crackmes, fuzzing, and running test suites.\nThe versatility of rz-run is evident in its capabilities. Here are a few examples illustrating how it can be utilized:\n\n1.0.9.1 Sample rz-run script\n$ cat foo.rrz\n#!/usr/bin/rz-run\nprogram=./pp400\narg0=10\nstdin=foo.txt\nchdir=/tmp\n#chroot=.\n./foo.rrz\n\n\n1.0.9.2 Connecting a program with a socket\n$ nc -l 9999\n$ rz-run program=/bin/ls connect=localhost:9999\n\n\n1.0.9.3 Debugging a program redirecting STDIO into another terminal\n1 - Open a new terminal and type ‘tty’ to get a terminal name:\n$ tty ; clear ; sleep 999999\n/dev/ttyS010\n2 - Create a new file containing the following rz-run profile named foo.rrz:\n#!/usr/bin/rz-run\nprogram=/bin/ls\nstdio=/dev/ttys010\n3 - Launch the following rizin command:\nrizin -r foo.rrz -d /bin/ls\n\n\n\n1.0.10 rz-ax\nrz-ax stands out as a minimalistic mathematical expression evaluator tailored for the shell. Its utility extends to facilitating base conversions between floating-point values, hexadecimal representations, hexpair strings to ASCII, octal to integer, and more. Notably, it supports endianness settings and can serve as an interactive shell when invoked without arguments.\n\n1.0.10.1 Examples\n$ rz-ax 1337\n0x539\n\n$ rz-ax 0x400000\n4194304\n\n$ rz-ax -b 01111001\ny\n\n$ rz-ax -S rizin\n72616461726532\n\n$ rz-ax -s 617765736f6d65\nawesome",
+    "text": "Rizin is a free and open-source reverse engineering framework that delivers a comprehensive binary analysis experience. It focuses on usability, stability, and functional features, striving to create a welcoming environment for developers and users.\nAt its core, Rizin consists of a set of small command-line utilities. These utilities can be used in tandem with Rizin or independently, each serving specific purposes. While this chapter provides a brief introduction to these tools, dedicated sections for each tool can be found at the end of this book for more detailed information.\n\n1.0.1 rizin\nThe primary command line tool within the framework is rizin. It encompasses various features such as a disassembler, hexadecimal editor, and debugger. Rizin enables you to treat multiple input/output sources, such as plain text files, executables, kernel drivers, processes, etc., as if they were straightforward text files.\nIt incorporates a sophisticated command line interface for navigating through the accessed resource, analyzing data, disassembling, patching binaries, comparing data, searching, replacing, and visualizing. Furthermore, scripting capabilities are available with a range of languages, including Python, Haskell, OCaml, JavaScript, and others.\n\n\n1.0.2 rz-bin\nThe rz-bin utility serves the purpose of extracting information from executable binaries, encompassing formats like ELF, PE, Java CLASS, Mach-O, and any other format supported by rizin plugins. Within the core functionality, rz-bin plays a crucial role in obtaining data such as exported symbols, imports, file details, cross references, library dependencies, and sections.\n\n1.0.2.1 Examples\n$ rz-bin -I unknown.bin\n[Info]\narch     x86\ncpu      N/A\nbaddr    0x00000000\nbinsz    0x000213b3\nbintype  elf\nbits     64\nclass    ELF64\ncompiler GCC: (GNU) 13.2.1 20230801\ndbg_file N/A\nendian   LE\nhdr.csum N/A\nguid     N/A\nintrp    /lib64/ld-linux-x86-64.so.2\nladdr    0x00000000\nlang     c\nmachine  AMD x86-64 architecture\nmaxopsz  16\nminopsz  1\nos       linux\ncc       N/A\npcalign  0\nrelro    full\nrpath    NONE\nsubsys   linux\nstripped true\ncrypto   false\nhavecode true\nva       true\nsanitiz  false\nstatic   false\nlinenum  false\nlsyms    false\ncanary   true\nPIE      true\nRELROCS  false\nNX       true\n\n\n\n1.0.3 rz-asm\nThe rz-asm tool operates as a command line assembler and disassembler, catering to various architectures such as Intel x86 and x86-64, MIPS, ARM, PowerPC, Java, and numerous others.\n\n1.0.3.1 Examples\n$ rz-asm -a java 'nop'\n00\n$ rz-asm -a x86 -d '90'\nnop\n$ rz-asm -a x86 -b 32 'mov eax, 33'\nb821000000\n$ echo 'push eax;nop;nop' | rz-asm -f -\n509090\n\n\n\n1.0.4 rz-hash\nrz-hash stands as an implementation of a block-based hash tool. It offers support for a range of algorithms, including MD4, MD5, CRC, SHA1, SHA256, and more, accommodating both small text strings and large files. Its utility extends to checking the integrity or monitoring changes in substantial files and memory dumps.\n\n1.0.4.1 Examples\n$ rz-hash file.bin\nfile.bin: 0x00000000-0x00000007 sha256: 887cfbd0d44aaff69f7bdbedebd282ec96191cce9d7fa7336298a18efc3c7a5a\n$ rz-hash -a md5 file.bin\nfile.bin: 0x00000000-0x00000007 md5: d1833805515fc34b46c2b9de553f599d\n\n\n\n1.0.5 rz-diff\nThe rz-diff utility serves as a binary diffing tool, implementing various algorithms. It facilitates byte-level or delta diffing for binary files and code-analysis diffing to identify alterations in fundamental code blocks derived from the rizin code analysis.\nThis tool optimally leverages multi-threading to enhance performance, particularly on CPU-intensive and time-consuming tasks.\n\n\n1.0.6 rz-find\nrz-find operates as a program designed to locate byte patterns in files. It provides the capability to search for various types of signatures, including strings in different encodings such as ASCII, UTF-8, wide, and more, across multiple encoding types.\n\n\n1.0.7 rz-gg\nrz-gg is a tool designed to compile programs written in a simple high-level language into compact binaries suitable for x86, x86-64, and ARM architectures.\n\n1.0.7.1 Examples\n$ cat hi.r\n/* hello world in r_egg */\nwrite@syscall(4); //x64 write@syscall(1);\nexit@syscall(1); //x64 exit@syscall(60);\n\nmain@global(128) {\n .var0 = \"hi!\\n\";\n write(1,.var0, 4);\n exit(0);\n}\n$ rz-gg -O -F hi.r\n$ ./hi\nhi!\n\n$ cat hi.c\nmain@global(0,6) {\n write(1, \"Hello0\", 6);\n exit(0);\n}\n$ rz-gg hi.c\n$ ./hi.c.bin\nHello\n\n\n\n1.0.8 rz-run\nrz-run functions as a launcher for executing programs within diverse environments, allowing customization of various aspects such as arguments, permissions, directories, and overridden default file descriptors. This utility proves beneficial for activities like solving crackmes, fuzzing, and running test suites.\nThe versatility of rz-run is evident in its capabilities. Here are a few examples illustrating how it can be utilized:\n\n1.0.8.1 Sample rz-run script\n$ cat foo.rrz\n#!/usr/bin/rz-run\nprogram=./pp400\narg0=10\nstdin=foo.txt\nchdir=/tmp\n#chroot=.\n./foo.rrz\n\n\n1.0.8.2 Connecting a program with a socket\n$ nc -l 9999\n$ rz-run program=/bin/ls connect=localhost:9999\n\n\n1.0.8.3 Debugging a program redirecting STDIO into another terminal\n1 - Open a new terminal and type ‘tty’ to get a terminal name:\n$ tty ; clear ; sleep 999999\n/dev/ttyS010\n2 - Create a new file containing the following rz-run profile named foo.rrz:\n#!/usr/bin/rz-run\nprogram=/bin/ls\nstdio=/dev/ttys010\n3 - Launch the following rizin command:\nrizin -r foo.rrz -d /bin/ls\n\n\n\n1.0.9 rz-ax\nrz-ax stands out as a minimalistic mathematical expression evaluator tailored for the shell. Its utility extends to facilitating base conversions between floating-point values, hexadecimal representations, hexpair strings to ASCII, octal to integer, and more. Notably, it supports endianness settings and can serve as an interactive shell when invoked without arguments.\n\n1.0.9.1 Examples\n$ rz-ax 1337\n0x539\n\n$ rz-ax 0x400000\n4194304\n\n$ rz-ax -b 01111001\ny\n\n$ rz-ax -S rizin\n72616461726532\n\n$ rz-ax -s 617765736f6d65\nawesome",
     "crumbs": [
       "Introduction",
       "<span class='chapter-number'>1</span>  <span class='chapter-title'>The Rizin Framework</span>"