Ryfujk

How to override view.xml file in custom module

What's the purpose of these copper coils with resitors inside them in A Yamaha RX-V396RDS amplifier?

Incompressible fluid definition

Do my Windows system binaries contain sensitive information?

Is my plan for fixing my water heater leak bad?

Sometimes a banana is just a banana

Why is c4 a better move in this position?

What php.ini used my system?

Can the Assuming function be used with ContourPlot or DensityPlot?

Could quantum mechanics be necessary to analyze some biology scenarios?

Auto Insert date into Notepad

What's the rationale behind the objections to these measures against human trafficking?

Why zero tolerance on nudity in space?

Why is this code uniquely decodable?

What is better: yes / no radio, or simple checkbox?

What to do when being responsible for data protection in your lab, yet advice is ignored?

Can chords be played on the flute?

Hacker Rank: Array left rotation

Which aircraft had such a luxurious-looking navigator's station?

Six real numbers so that product of any five is the sixth one

Where was Karl Mordo in Infinity War?

Can the Count of Monte Cristo's calculation of poison dosage be explained?

How to get Region text from address id (Magento 2)

Proof by Induction - New to proofs

How to print eax value with Radare2?

How to print from pointers in radare2 in debug sessionHow to debug (like gdb) with radare2?How to print from pointers in radare2 in debug sessionDumping binary with radare2How to debug a hang application with radare2?Split view radare2 print heapHow To Print Addresses in Radare2How do you print fixed width strings with radare's print format `pf`?grep -E with Radare2Disassembly - Why the CMP instruction is multiplying by 2 the value being comparedHow to print the value of register with Radare 2

2

I am solving a crack me challenge but I am stuck. The challenge executes several jne tests. The first test is the simpliest but I don't arrive to print the eax value to know the content of cmp instruction. According to this block of code :

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

How can I print the eax value to understand what are compared in the instruction ?

0x080484a1 8a00 mov al, byte [eax]

According to this question, I tried the 0x080484a1 but when I enter the command pxr 1 @ eax+0x4, nothing appears. If I enter the command pxr @ eax+0x4, this code appears :

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

The ascii printed is linked with the string compared ksuiealohgy.

debugging radare2 debuggers

share|improve this question

asked 14 hours ago

AnonymeAnonyme

414

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  does the execution reach that place ? there is a hlt instruction before i dont think your execution will reach this point if the flow was linear en.wikipedia.org/wiki/HLT_(x86_instruction)
  
  – blabb
  6 hours ago
  
  
  

  
  
  
  

add a comment | 

2

I am solving a crack me challenge but I am stuck. The challenge executes several jne tests. The first test is the simpliest but I don't arrive to print the eax value to know the content of cmp instruction. According to this block of code :

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

How can I print the eax value to understand what are compared in the instruction ?

0x080484a1 8a00 mov al, byte [eax]

According to this question, I tried the 0x080484a1 but when I enter the command pxr 1 @ eax+0x4, nothing appears. If I enter the command pxr @ eax+0x4, this code appears :

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

The ascii printed is linked with the string compared ksuiealohgy.

debugging radare2 debuggers

share|improve this question

asked 14 hours ago

AnonymeAnonyme

414

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  does the execution reach that place ? there is a hlt instruction before i dont think your execution will reach this point if the flow was linear en.wikipedia.org/wiki/HLT_(x86_instruction)
  
  – blabb
  6 hours ago
  
  
  

  
  
  
  

add a comment | 

I am solving a crack me challenge but I am stuck. The challenge executes several jne tests. The first test is the simpliest but I don't arrive to print the eax value to know the content of cmp instruction. According to this block of code :

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

How can I print the eax value to understand what are compared in the instruction ?

0x080484a1 8a00 mov al, byte [eax]

According to this question, I tried the 0x080484a1 but when I enter the command pxr 1 @ eax+0x4, nothing appears. If I enter the command pxr @ eax+0x4, this code appears :

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

The ascii printed is linked with the string compared ksuiealohgy.

debugging radare2 debuggers

share|improve this question

asked 14 hours ago

AnonymeAnonyme

414

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

share|improve this question

asked 14 hours ago

AnonymeAnonyme

414

share|improve this question

asked 14 hours ago

AnonymeAnonyme

414

asked 14 hours ago

AnonymeAnonyme

414

asked 14 hours ago

AnonymeAnonyme

414

1 Answer
1

active

oldest

votes

2

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 13 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "489"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2freverseengineering.stackexchange.com%2fquestions%2f20762%2fhow-to-print-eax-value-with-radare2%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

2

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 13 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

add a comment | 

2

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 13 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

add a comment | 

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 13 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 13 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

answered 13 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

answered 13 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520