• r2 -d /bin/ls: Opens radare2 with file /bin/ls in debugger mode using the radare2 native debugger, but does not run the program. You’ll see a prompt (radare2) - all examples are from this prompt.

   • db flag: place a breakpoint at flag, where flag can be either an address or a function name

   • db - flag: remove the breakpoint at flag, where flag can be either an address or a function name

   • db: show list of breakpoint

   • dc: run the program

   • dr: Show registers state

   • drr: Show registers references (telescoping) (like peda)

   • ds: Step into instruction

   • dso: Step over instruction

   • dbt: Display backtrace

   • dm: Show memory maps

   • dk <signal>: Send KILL signal to child

   • ood: reopen in debug mode

   • ood arg1 arg2: reopen in debug mode with arg1 and arg2

r2 -d /bin/ls - start in debugger mode => [video]

r2 -d <pid> - attach to process

r2 ptrace://pid - same as above, but only for io (not debugger backend hooked)

[0x7fff6ad90028]> o-225 - close fd=225 (listed in o~[1]:0)

r2 -D gdb gdb://localhost:1234 - attach to gdbserver

Use rarun2 (libpath=$PWD:/tmp/lib, arg2=hello, setenv=FOO=BAR ...) see rarun2 -h / man rarun2

r2 -i <scriptfile> ... - run a script after loading the file => [video]

r2 -I <scriptfile> ... - run a script before loading the file

r2 -c $@ | awk $@ - run through awk to get asm from function => [link]

[0x80480423]> . scriptfile - interpret this file => [video]

[0x80480423]> #!c - enter C repl (see #! to list all available RLang plugins) => [video], everything have to be done in a oneliner or a .c file must be passed as an argument.

To get #!python and much more, just build radare2-bindings

CL @ sym.main - though the feature is highly experimental