Objdump can figure out when the binary is calling GLIBC functions, like printf:
Objdump可以判断二进制文件何时调用GLIBC函数,如printf:
$ objdump -d crackme03.64 -Mintel | grep printf
5c8: ff 25 12 0a 20 00 jmp QWORD PTR [rip+0x200a12] #200fe0 <__printf_chk@GLIBC_2.3.4>
However, looking at the same address, Radare is much less helpful:
然而,看着相同的地址,Radare的帮助却小得多:
[0x000005c8]> pd 2
/ (fcn) sub.__cxa_finalize_224_5c8 8
| sub.__cxa_finalize_224_5c8 ();
| ; CALL XREF from 0x000007bc (sym.main)
| ; CALL XREF from 0x00000809 (sym.main)
| 0x000005c8 ff25120a2000 jmp qword [reloc.__cxa_finalize_224] ; [0x200fe0:8]=0 LEA reloc.__cxa_finalize_224 ; reloc.__cxa_finalize_224
\ 0x000005ce 6690 nop
Is there a way to ask Radare to figure out what these functions correspond to?
有没有办法让Radare弄清楚这些功能对应的是什么?
1 个解决方案
#1
3
It should work if you're using the newest version from git.
如果你使用的是git的最新版本,它应该可以工作。
Radare2’s development is pretty quick – the project evolves every day, therefore it’s recommended to use the current git version. Update your version and it should solve your problem:
Radare2的开发非常迅速 - 该项目每天都在发展,因此建议使用当前的git版本。更新您的版本,它应该解决您的问题:
$ git clone https://github.com/radare/radare2.git
$ cd radare2
$ ./sys/install.sh
#1
3
It should work if you're using the newest version from git.
如果你使用的是git的最新版本,它应该可以工作。
Radare2’s development is pretty quick – the project evolves every day, therefore it’s recommended to use the current git version. Update your version and it should solve your problem:
Radare2的开发非常迅速 - 该项目每天都在发展,因此建议使用当前的git版本。更新您的版本,它应该解决您的问题:
$ git clone https://github.com/radare/radare2.git
$ cd radare2
$ ./sys/install.sh