The Official Radare2 Book | страница 82
0x0040487c f0505449c7c0 +invoke-object-init-range {}, method+18772 ;[0]
0x00404882 90244100 add-int v36, v65, v0
e asm.bits = 16
0000:4870 31ed xor bp, bp
0000:4872 49 dec cx
0000:4873 89d1 mov cx, dx
0000:4875 5e pop si
0000:4876 48 dec ax
0000:4877 89e2 mov dx, sp
This latest operation can also be done using & in Visual mode.
e asm.pseudo = true
0x00404870 31ed ebp = 0
0x00404872 4989d1 r9 = rdx
0x00404875 5e pop rsi
0x00404876 4889e2 rdx = rsp
0x00404879 4883e4f0 rsp &= 0xfffffffffffffff0
e asm.syntax = att
0x00404870 31ed xor %ebp, %ebp
0x00404872 4989d1 mov %rdx, %r9
0x00404875 5e pop %rsi
0x00404876 4889e2 mov %rsp, %rdx
0x00404879 4883e4f0 and $0xfffffffffffffff0, %rsp
e asm.describe = true
0x00404870 xor ebp, ebp ; logical exclusive or
0x00404872 mov r9, rdx ; moves data from src to dst
0x00404875 pop rsi ; pops last element of stack and stores the result in argument
0x00404876 mov rdx, rsp ; moves data from src to dst
0x00404879 and rsp, -0xf ; binary and operation between src and dst, stores result on dst
You can use Visual Mode to assemble code using A. For example let's replace the push by a jmp:
Notice the preview of the disassembly and arrows:
You need to open the file in writing mode (r2 -w or oo+) in order to patch the file. You can also use the cache mode: e io.cache = true and wc?.
Remember that patching files in debug mode only patch the memory not the file.
Ve or e in visual mode allows you to edit radare2 configuration visually. For example, if you want to change the assembly display just select asm in the list and choose your assembly display flavor.
Example switch to pseudo disassembly:
Visual Panels is characterized by the following core functionalities:
1. Split Screen
2. Display multiple screens such as Symbols, Registers, Stack, as well as custom panels
3. Menu will cover all those commonly used commands for you so that you don't have to memorize any of them
CUI met some useful GUI as the menu, that is Visual Panels.
