NowSecure at r2con2024: Top Takeaways and Mobile Security Highlights


r2con2024 was the highly anticipated return of the Radare2 conference after a five-year pause, driven by the challenges of the COVID-19 pandemic and a period of community reorganization. As the gathering place for developers, security researchers and enthusiasts of the open-source Radare2 framework, this year’s event stands as a strong testament to the resilience of the community, with new tools, fresh insights and an expanded focus on inclusivity and knowledge sharing.

Over the years, NowSecure has consistently supported the Radare2 project and Frida, a toolkit for dynamic analysis, recognizing the valuable role these tools play in mobile security and binary analysis. Open-source tools like Radare2 and Frida are now essential in security research, helping users worldwide understand and secure mobile apps against new threats. Through this support, NowSecure promotes a collaborative approach to security, giving researchers the resources to improve their skills, gain important insights and make mobile application security testing stronger and more accessible.

NowSecure Key Highlights

At r2con2024, NowSecure speakers hosted presentations and workshops focused on binary analysis, mobile security and vulnerability detection. Their talks covered topics like new techniques in binary analysis and ways to use Radare2 and Frida for mobile security, mixing theory with practical methods. These sessions highlighted the teamwork across the Radare2 community to improve tools and techniques that make mobile security stronger for everyone.

Combining frida-trace with radare2

Ole André Vadla Ravnås, Research Engineer at NowSecure, kicked off the second day of r2con2024 with his presentation, “Combining frida-trace with radare2,” which showcased the powerful new integration of radare2 with Frida’s tracing capabilities. He introduced a streamlined way to inspect assembly code directly from a web browser using a new Frida trace UI. This interface integrates a WebAssembly build of radare2, allowing users to view and modify hooks in real time with just a few clicks. With this seamless experience, Ole demonstrated how Frida users could quickly become familiar with radare2’s features, opening up new possibilities for intuitive and interactive code analysis.

Frida hooking methods on non-jailbroken iOS

Francesco Tamagni, iOS Security Research Engineer, also known as mrmacete, explored how Frida can be used in iOS environments with and without jailbreak privileges. He examined the limitations and trade-offs of “jailed” hooking techniques, offering a practical guide on placing Frida hooks inside app processes when jailbreak superpowers are unavailable. Francesco provided step-by-step examples, showcasing how to inspect dyldcaches.

Decompiling with AI

In an unexpected and exciting twist at r2con2024, NowSecure Research Engineer and radare2 creator Pancake surprised attendees with a demo of Decai, an AI-powered decompiler integrated with radare2. Decai takes radare2’s pseudocode and translates it into high-level languages like Python, Swift, and even C#, making it easier to identify vulnerabilities in modern applications. This capability is especially valuable for analyzing SwiftUI and Unity apps, where high-level code readability can reveal security flaws inside complex code structures. The talk, not listed on the official schedule, captivated the audience as Pancake demonstrated how this new feature could transform the speed and ease of binary analysis for mobile app security.



Hack-proof your mobile apps

Carlos Holguera, also known as grepharder and a key figure in the OWASP community as a co-author of the Mobile Application Security Testing Guide (MASTG), shared crucial insights into mobile security risks and guidance from that project. He demonstrated how static and dynamic analysis tools, primarily radare2 and Frida, are used to uncover security and privacy issues inside iOS and Android binaries. Attendees were introduced to the new Mobile Application Security Weakness Enumeration (MASWE).

A Hitchhiker’s Guide for Unity: Reversing mobile games on iOS

NowSecure Research Lead Alex Soler, also known as Murphy, presented “A Hitchhiker’s Guide for Unity: Reversing Mobile Games on iOS,” offering a deep dive into the world of reverse-engineering Unity-based mobile games. In his talk, Alex demonstrated how to leverage r2frida, il2cpp, and Decai to decompile Unity applications, sideload metadata, and symbolicate the code back into readable C#.

Through these techniques, he walked attendees through recovering key parts of the original game code to understand the app’s internal logic as the developer intended. Alex also highlighted the security implications, explaining that some weaknesses in APIs and payment methodologies within Unity games can pose risks to both the ecosystem and the user experience. His presentation showcased the r2frida plugin’s capabilities in analyzing and manipulating game behavior dynamically.

Other r2con2024 Highlights

This year’s edition featured six workshops on Friday, ranging from introductory development sessions delving into the internals of the radare2 codebase to hands-on applications of radare2 for hardware hacking.

Speakers from around the globe shared their expertise, including Travis Goodspeed from the United States, who led a training on recovering Gameboy ROMs by analyzing photos taken with a microscope. Condret from Germany explored the advanced potential of radare2’s IO library, sha0 conducted an introductory session on malware analysis, and pancake ran a workshop on the scripting capabilities of radare2, demonstrating various methods for automating binary analysis processes.

On Saturday, the focus shifted to presentations. After Ole’s presentation on the new frida-trace UI, Sylvain and Karim Sudki shared their work on improving cryptographic support in radare2. They showcased improvements to the toolset’s ability to scan for private keys and demonstrated cracking the SM4 algorithm on real devices. Lars followed with a presentation on his multi-user platform built on radare2, designed to enable analysts to reuse work across different versions of the same binaries, making analysis more efficient and collaborative.

Sunday’s presentations were fully online, streamed on YouTube, allowing remote participants to enjoy the talks from home. Satk0 from Poland introduced his first contribution to the project, a plugin named “afen,” which rewrites expressions to assist in reverse-engineering Flutter apps. Next, dnakov from New York showcased his work on the new Visual mode in r2ai, demonstrating its “auto mode,” capable of solving crackmes and other reverse engineering tasks with a single prompt.

Further highlights included apkunpacker’s demonstration of using radare2, Frida and r2frida to bypass SSL pinning in Flutter apps with statically linked SSL libraries. Roman Valls (aka brainstorm) presented his efforts to address e-waste by reverse-engineering hardware firmware with radare2 and DecAI, the AI-powered decompiler, which successfully analyzed STM8 chip firmware. Closing the day, Dennis Goodlett discussed the vulnerabilities in Python’s Pickle binaries, explaining how they could lead to code execution and demonstrating various obfuscation techniques using his radare2 plugins for enhanced security testing.

Looking Ahead and Closing

With r2con2024 concluded, it offers a moment to reflect on the importance of free software and of the open-source contributions and meetups from the security community. NowSecure remains dedicated to supporting radare2’s growth and evolution, reinforcing its belief in the value of accessible, collaborative tools for security research.

For security professionals looking to expand their skills, radare2 offers a rich environment for exploring binary analysis and mobile security, bringing powerful insights within reach. This year’s r2con underscored the community’s resilience, creativity and shared commitment to innovation.

NowSecure is proud to contribute to these advancements and looks forward to pushing the boundaries of mobile security through continued research and active engagement in events like r2con, keeping the spirit of collaboration and learning alive.

To learn more about r2con and Radare2, check out these resources:


