1RABIN2(1)                 BSD General Commands Manual                RABIN2(1)
2

NAME

4     RABIN2 — Binary program info extractor
5

SYNOPSIS

7     rabin2 [-AceghHiIsSMzlpRrLxvhqQTuUwV] [-a arch] [-b bits] [-B addr]
8            [-C fmt:C:[D]] [-D lang sym|-] [-f subbin] [-k query] [-K algo]
9            [-O binop] [-o str] [-m addr] [-@ addr] [-n str] [-X fmt file ...]
10            file
11

DESCRIPTION

13     This program allows you to get information about ELF/PE/MZ and CLASS
14     files in a simple way.
15
16     All those command-line flags are also available under the i command in
17     radare2. Type i? for help.
18
19     -@ addr     Show information (symbol, section, import) of the given ad‐
20                 dress
21
22     -A          List sub-binaries and their associated arch-bits pairs
23
24     -a arch     Set arch (x86, arm, .. accepts underscore for bits x86_32)
25
26     -b bits     Set bits (32, 64, ...)
27
28     -B addr     Override baddr
29
30     -c          List classes
31
32     -cc         List classes in header format
33
34     -C [fmt:C[:D]]
35                 Create [elf,mach0,pe] for arm and x86-32/64 tiny binaries
36                 where 'C' is an hexpair list of the code bytes and ':D' is an
37                 optional concatenation to describe the bytes for the data
38                 section.
39
40     -d          Show debug/dwarf information
41
42     -D lang symbolname|-
43                 Demangle symbol name (or - to read from stdin) for lang (cxx,
44                 swift, java, cxx, ..)
45
46     -e          Show entrypoints for disk and on-memory
47
48     -ee         Show constructor/destructors (extended entrypoints)
49
50     -f subbin   Select sub-binary architecture. Useful for fat-mach0 binaries
51
52     -F binfmt   Force to use that bin plugin (ignore header check)
53
54     -g          Show all possible information
55
56     -G addr     Load address . offset to header
57
58     -h          Show usage help message.
59
60     -H          Show header fields (see ih command in r2)
61
62     -I          Show binary info (iI in r2)
63
64     -i          Show imports (symbols imported from libraries) (ii)
65
66     -j          Output in json
67
68     -k query    Perform SDB query on loaded file
69
70     -K algo     Select a rahash2 checksum algorithm to be performed on sec‐
71                 tions listing (and maybe others in the future) i.e 'rabin2 -K
72                 md5 -S /bin/ls'
73
74     -l          List linked libraries to the binary
75
76     -L          List supported bin plugins
77
78     -M          Show address of 'main' symbol
79
80     -m addr     Show source line reference from a given address
81
82     -N minlen:maxlen
83                 Force minimum and maximum number of chars per string (see -z
84                 and -zz). if (strlen>minlen && (!maxlen || strlen<=maxlen))
85
86     -n str      Show information (symbol, section, import) at string offset
87
88     -o str      Output file/folder for write operations (out by default)
89
90     -O binop    Perform binary operation on target binary (dump, resize,
91                 change sections, ...) see '-O help' for more information
92
93     -p          Disable VA. Show always physical addresses (not the same as
94                 -B0)
95
96     -P          Show debug/pdb information
97
98     -PP         Download pdb file for binary
99
100     -q          Be quiet, just show fewer data
101
102     -qq         Show less info (no offset/size for -z for ex.)
103
104     -Q          Show load address used by dlopen (non-aslr libs)
105
106     -r          Show output in radare format
107
108     -R          Show relocations
109
110     -s          Show exported symbols
111
112     -S          Show sections
113
114     -SS         Show segments
115
116     -t          Show file hashes
117
118     -T          Show Certificates
119
120     -u          Unfiltered (no rename duplicated symbols/sections)
121
122     -U          Show Resources
123
124     -v          Show version information
125
126     -V          Show binary version information
127
128     -w          Show try/catch blocks
129
130     -x          Extract all sub binaries from a fat binary (f.ex: fatmach0)
131
132     -X format file ...
133                 Package a fat or zip containing all the files passed (fat,
134                 zip)
135
136     -z          Show strings inside .data section (like gnu strings does)
137
138     -Z          Guess size of binary program
139
140     -zz         Shows strings from raw bins
141
142     -zzz        Dump raw strings to stdout (for huge files)
143

ENVIRONMENT

145     RABIN2_LANG same as r2 -e bin.lang for rabin2
146
147     RABIN2_DEMANGLE demangle symbols
148
149     RABIN2_MAXSTRBUF same as r2 -e bin.maxstrbuf for rabin2
150
151     RABIN2_DEBASE64 try to decode all strings as base64 if possible
152
153     RABIN2_STRFILTER same as r2 -e bin.str.filter for rabin2
154
155     RABIN2_STRPURGE same as r2 -e bin.str.purge for rabin2
156
157     RABIN2_DEMANGLE_TRYLIB same as r2 -e bin.demangle.trylib=<bool> - try to
158     dynamically load libraries to demangle
159

EXAMPLES

161     List symbols of a program
162
163       $ rabin2 -s a.out
164
165     Get offset of symbol
166
167       $ rabin2 -n _main a.out
168
169     Get entrypoint
170
171       $ rabin2 -e a.out
172
173     Load symbols and imports from radare2
174
175       $ r2 -n /bin/ls
176       [0x00000000]> .!rabin2 -prsi $FILE
177

SEE ALSO

179     radare2(1)
180

AUTHORS

182     Written by pancake <pancake@nopcode.org>.
183
184                                 Nov 22, 2021
Impressum