[0x00000000]> cx 7f469046

Compare 2/4 equal bytes

0x00000001 (byte=02) 45 'E' -> 46 'F'

0x00000002 (byte=03) 4c 'L' -> 90 ' '

You can use the compare command to find differences between a current block and a file previously dumped to a disk:

r2 /bin/true

[0x08049A80]> s 0

[0x08048000]> cf /bin/true

Compare 512/512 equal bytes

SDB stands for String DataBase. It's a simple key-value database that only operates with strings created by pancake. It is used in many parts of r2 to have a disk and in-memory database which is small and fast to manage using it as a hashtable on steroids.

SDB is a simple string key/value database based on djb’s cdb disk storage and supports JSON and arrays introspection.

There’s also the sdbtypes: a vala library that implements several data structures on top of an sdb or a memcache instance.

SDB supports:

   • namespaces (multiple sdb paths)

   • atomic database sync (never corrupted)

   • bindings for vala, luvit, newlisp and nodejs

   • commandline frontend for sdb databases

   • memcache client and server with sdb backend

   • arrays support (syntax sugar)

   • json parser/getter

Let's create a database!

$ sdb d hello=world

$ sdb d hello

world

Using arrays:

$ sdb - '[]list=1,2' '[0]list' '[0]list=foo' '[]list' '[+1]list=bar'

1

foo

2

foo

bar

2

Let's play with json:

$ sdb d g='{"foo":1,"bar":{"cow":3}}'

$ sdb d g?bar.cow

3

$ sdb - user='{"id":123}' user?id=99 user?id

99

Using the command line without any disk database:

$ sdb - foo=bar foo a=3 +a -a

bar

4

3

$ sdb -

foo=bar

foo

bar

a=3

+a

4

-a

3

Remove the database

$ rm -f d

So, you can now do this inside your radare2 sessions!

Let's take a simple binary, and check what is already sdbized.

$ cat test.c

int main(){

puts("Hello world\n");

}

$ gcc test.c -o test

$ r2 -A ./test

[0x08048320]> k **

bin

anal

syscall

debug

[0x08048320]> k bin/**

fd.6

[0x08048320]> k bin/fd.6/*

archs=0:0:x86:32

The file corresponding to the sixth file descriptor is a x86_32 binary.

[0x08048320]> k anal/meta/*

meta.s.0x80484d0=12,SGVsbG8gd29ybGQ=

[...]

[0x08048320]> ?b64- SGVsbG8gd29ybGQ=

Hello world

Strings are stored encoded in base64.

List namespaces

k **

List sub-namespaces

k anal/**

List keys

k *

k anal/*

Set a key

k foo=bar

Get the value of a key

k foo

List all syscalls

k syscall/*~^0x

List all comments

k anal/meta/*~.C.

Show a comment at given offset:

k %anal/meta/[1]meta.C.0x100005000

Radare2 comes with the lean readline-like input capability through the lean library to handle the command edition and history navigation. It allows users to perform cursor movements, search the history, and implements autocompletion. Moreover, due to the radare2 portability, dietline provides the uniform experience among all supported platforms. It is used in all radare2 subshells - main prompt, SDB shell, visual prompt, and offsets prompt. It also implements the most common features and keybindings compatible with the GNU Readline.

Dietline supports two major configuration modes : Emacs-mode and Vi-mode.

It also supports the famous Ctrl-R reverse history search. Using TAB key it allows to scroll through the autocompletion options.

In the every shell and radare2 command autocompletion is supported. There are multiple modes of it - files, flags, and SDB keys/namespaces. To provide the easy way to select possible completion options the scrollable popup widget is available. It can be enabled with scr.prompt.popup, just set it to the true.

By default dietline mode is compatible with readline Emacs-like mode key bindings. Thus active are:

   • Ctrl-a - move to the beginning of the line

   • Ctrl-e - move to the end of the line

   • Ctrl-b - move one character backward

   • Ctrl-f - move one character forward

   • Ctrl-w - delete the previous word

   • Ctrl-u - delete the whole line

   • Ctrl-h - delete a character to the left

   • Ctrl-d - delete a character to the right

   • Alt-d - cuts the character after the cursor

   • Ctrl-k - kill the text from point to the end of the line.

   • Ctrl-x - kill backward from the cursor to the beginning of the current line.

   • Ctrl-t - kill from point to the end of the current word, or if between words, to the end of the next word. Word boundaries are the same as forward-word.

   • Ctrl-w - kill the word behind point, using white space as a word boundary. The killed text is saved on the kill-ring.

   • Ctrl-y - yank the top of the kill ring into the buffer at point.

   • Ctrl-] - rotate the kill-ring, and yank the new top. You can only do this if the prior command is yank or yank-pop.

   • Ctrl-r - the reverse search in the command history

Radare2 also comes with in vi mode that can be enabled by toggling scr.prompt.vi. The various keybindings available in this mode are:

   • ESC - enter into the control mode

   • i - enter into the insert mode

   • j - acts like up arrow key

   • k - acts like down arrow key

   • a - move cursor forward and enter into insert mode

   • I - move to the beginning of the line and enter into insert mode

   • A - move to the end of the line and enter into insert mode

   • ^ - move to the beginning of the line

   • 0 - move to the beginning of the line

   • $ - move to the end of the line

   • h - move one character backward

   • l - move one character forward