Release of the Rizin 0.4.0 reverse engineering framework and its GUI, Cutter 2.1.0

The Rizin reverse engineering framework and its associated graphical shell, Cutter, have been released. The Rizin project began as a fork of the Radare2 framework and continued its development with an emphasis on a convenient API and a focus on code analysis without forensics. Since the fork, the project has switched to a fundamentally different mechanism for saving sessions ("projects"), in the form of a state based on serialization. In addition, the code base has been significantly reworked to make it easier to maintain. The project code is written in C and distributed under the LGPLv3 license. Cutter is written in C++ using Qt and is distributed under the GPLv3 license. Cutter, like Rizin itself, is aimed at reverse engineering programs in machine code or bytecode (for example, JVM or PYC). Decompilation plugins based on Ghidra, JSdec and RetDec are available for Cutter/Rizin.


In the new release:

  • Added support for creating FLIRT signatures, which can then be loaded in IDA Pro;
  • The distribution includes a base set of signatures for popular libraries;
  • Improved recognition of functions and strings in Go executables for x86/x64/PowerPC/MIPS/ARM/RISC-V;
  • Implemented a new intermediate representation language, RzIL, based on BAP Core Theory (an SMT-like language);
  • Added the ability to automatically determine the base address for "raw" files;
  • Added support for loading memory snapshots in debug mode, based on the Windows PageDump/Minidump formats;
  • Improved work with remote debuggers based on WinDbg/KD;
  • At the moment, support for the ARMv7/ARMv8, AVR, 6502 and Brainfuck architectures has been moved to the new RzIL. By the next release, it is planned to complete the migration for SuperH, PowerPC and, partially, x86.

Also released:

  • rz-libyara - a plugin for Rizin/Cutter that supports loading and creating signatures in YARA format;
  • rz-libdemangle - a library for demangling function names for the C++/ObjC/Rust/Swift/Java languages;
  • rz-ghidra - a plugin for Rizin/Cutter for decompilation (based on the C++ code of Ghidra);
  • jsdec - a plugin for Rizin/Cutter for decompilation, developed by the project itself;
  • rz-retdec - a plugin for Rizin/Cutter for decompilation (based on RetDec);
  • rz-tracetest - a utility for cross-checking the correctness of the translation of machine code to RzIL by comparing it against an emulation trace (based on QEMU, VICE).