Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/radareorg/radare2-snap

Radare2 snap and docker repository
https://github.com/radareorg/radare2-snap

binary-analysis comandline docker forensics malware-analysis radare2 reverse-engineering security snapcraft

Last synced: 9 months ago
JSON representation

Radare2 snap and docker repository

Awesome Lists containing this project

README 

          
# radare2 docker image



Radare2 (also known as r2) is a complete framework for reverse-engineering

and analyzing binaries; composed of a set of small utilities that can be used

together or independently from the command line. Built around a disassembler

for computer software which generates assembly language source code from

machine-executable code, it supports a variety of executable formats for

different processors and operating systems. Apart from the static analysis

feature it also supports debugging and emulation. The architecture of the

framework is modular and allows to use existing or create new plugins for new

file formats, architectures, analysis features.



## Official stable version



This registry image is for the stable version is based on **Ubuntu** and the [radare2 snap](https://snapcraft.io/radare2) build.

The Dockerfile used to build it can be found in [this dedicated repository](https://github.com/radareorg/radare2-snap).

Any issue found in this packaging can be opened [there](https://github.com/radareorg/radare2-snap/issues).



The resulting build includes the following projects:



* [radare2](https://github.com/radareorg/radare2)

* [r2ghidra](https://github.com/radareorg/r2ghidra)

* [r2frida](https://github.com/nowsecure/r2frida) (only in supported platforms)

* [r2dec](https://github.com/wargio/r2dec-js)

* [r2yara](https://github.com/radareorg/r2yara)

* [r2ai](https://github.com/radareorg/r2ai)

* [r2pipe](https://pypi.org/project/r2pipe/) (for Python)

* [r2book](https://github.com/radareorg/radare2-book) (as info page)



### Run



To use this docker image you can use either:



```sh

docker run -ti radare/radare2

podman run -ti docker.io/radare/radare2

nerdctl run -ti radare/radare2

```



To use the docker image as one shot so it removes everything inside the container on exit just add `--rm` as follows:



```sh

docker run --rm -ti radare/radare2

```



Another example to use for debugging inside the docker:



```sh

docker run --tty --interactive --privileged --cap-add=SYS_PTRACE --security-opt seccomp=unconfined --security-opt apparmor=unconfined radare/radare2

```



Also there is the option to open the [r2book](https://book.rada.re/) inside the container:



```sh

info r2book

```



### Verify



The image can be verified that has been generated by GitHub Actions by runing the following command:



```sh

cosign verify docker.io/radare/radare2 --experimental-oci11=true --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity-regexp='https://github\.com/radareorg/radare2-snap/.*@refs/heads/main'

```



## GIT version (r2docker)



Alternatively there is a version with radare2 GIT aimed to be build locally.



This will build an image using **Debian** with radare2 from git with latest changes.

The Dockerfile to build can be found inside the `dist/docker` directory in the [radare2](https://github.com/radareorg/radare2) source tree.



### Build from GIT



To build this other image run the following lines:



```sh

git clone https://github.com/radareorg/radare2.git

cd radare2

make -C dist/docker

```



This will build an image with the following plugins:



* [r2ghidra](https://github.com/radareorg/r2ghidra)

* [r2frida](https://github.com/nowsecure/r2frida)

* [r2dec](https://github.com/wargio/r2dec-js)



It is possible to specify more packages using the `R2PM` make variable:



```sh

make -C dist/docker R2PM=radius2

```



Also, you can select the architecture (amd64 / arm64) to compile the image by using the `ARCH` make variable.



## Run a container as r2web server



By default both images are intended to be used in a interactive terminal.



But both can also be launched directly to use the radare2 web UI.



The do so it can be launched using the following command:



```sh

docker run -p 9090:9090 radare/radare2 r2 -c '=h' -

```



Or the following docker-compose structure:



```yaml

version: "3.8"

services:

  radare2:

    image: radare/radare2

    command: r2 -c '=h' -

    network_mode: bridge

    ports:

      - "9090:9090"

```



Or if debugging functionality is required:



```yaml

version: "3.8"

services:

  radare2:

    image: radare/radare2

    command: r2 -c '=h' -

    network_mode: bridge

    ports:

      - "9090:9090"

    privileged: true

    cap_add:

      - SYS_PTRACE

    security_opt:

      - "seccomp=unconfined"

      - "apparmor=unconfined"

```



## Links



You can read more about the project in the following links:



* 

*