Gsyfuy

What happens if a wizard reaches level 20 but has no 3rd-level spells that they can use with the Signature Spells feature?

Am I using the wrong word all along?

How large should photos on my blog be?

What is better: yes / no radio, or simple checkbox?

Avoiding morning and evening handshakes

Word to be used for "standing with your toes pointing out"

Why is c4 a better move in this position?

What is the purpose of easy combat scenarios that don't need resource expenditure?

If I delete my router's history can my ISP still provide it to my parents?

'A' vs 'an' in newspaper article

What is Crew Dragon approaching in this picture?

How to print eax value with Radare2?

How to mitigate "bandwagon attacking" from players?

Is it a fallacy if someone claims they need an explanation for every word of your argument to the point where they don't understand common terms?

Why do neural networks need so many training examples to perform?

Can I become debt free or should I file for bankruptcy? How do I manage my debt and finances?

Meth dealer reference in Family Guy

Has the Isbell–Freyd criterion ever been used to check that a category is concretisable?

How would an AI self awareness kill switch work?

LTSpice: When running a linear AC simulation, how to view the voltage ratio between two voltages?

How do you enable SQL Server 2019's result set caching?

Can a person refuse a presidential pardon?

Obtaining a matrix of complex values from associations giving the real and imaginary parts of each element?

Crystal compensation for temp and voltage

How to print eax value with Radare2?

How to print from pointers in radare2 in debug sessionHow to debug (like gdb) with radare2?How to print from pointers in radare2 in debug sessionDumping binary with radare2How to debug a hang application with radare2?Split view radare2 print heapHow To Print Addresses in Radare2How do you print fixed width strings with radare's print format `pf`?grep -E with Radare2Disassembly - Why the CMP instruction is multiplying by 2 the value being comparedHow to print the value of register with Radare 2

2

I am solving a crack me challenge but I am stuck. The challenge executes several jne tests. The first test is the simpliest but I don't arrive to print the eax value to know the content of cmp instruction. According to this block of code :

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

How can I print the eax value to understand what are compared in the instruction ?

0x080484a1 8a00 mov al, byte [eax]

According to this question, I tried the 0x080484a1 but when I enter the command pxr 1 @ eax+0x4, nothing appears. If I enter the command pxr @ eax+0x4, this code appears :

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

The ascii printed is linked with the string compared ksuiealohgy.

debugging radare2 debuggers

share|improve this question

asked 4 hours ago

AnonymeAnonyme

414

add a comment | 

2

I am solving a crack me challenge but I am stuck. The challenge executes several jne tests. The first test is the simpliest but I don't arrive to print the eax value to know the content of cmp instruction. According to this block of code :

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

How can I print the eax value to understand what are compared in the instruction ?

0x080484a1 8a00 mov al, byte [eax]

According to this question, I tried the 0x080484a1 but when I enter the command pxr 1 @ eax+0x4, nothing appears. If I enter the command pxr @ eax+0x4, this code appears :

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

The ascii printed is linked with the string compared ksuiealohgy.

debugging radare2 debuggers

share|improve this question

asked 4 hours ago

AnonymeAnonyme

414

add a comment | 

I am solving a crack me challenge but I am stuck. The challenge executes several jne tests. The first test is the simpliest but I don't arrive to print the eax value to know the content of cmp instruction. According to this block of code :

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

How can I print the eax value to understand what are compared in the instruction ?

0x080484a1 8a00 mov al, byte [eax]

According to this question, I tried the 0x080484a1 but when I enter the command pxr 1 @ eax+0x4, nothing appears. If I enter the command pxr @ eax+0x4, this code appears :

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

The ascii printed is linked with the string compared ksuiealohgy.

debugging radare2 debuggers

share|improve this question

asked 4 hours ago

AnonymeAnonyme

414

|    ; DATA XREF from sym.main (0x804848e)

|    0x08048497      b88a55ea8b     mov eax, 0x8bea558a

|    0x0804849c      45             inc ebp

|    0x0804849d      f4             hlt

|    0x0804849e      83c004         add eax, 4

|    0x080484a1      8a00           mov al, byte [eax]

|    0x080484a3      38c2           cmp dl, al

|,=< 0x080484a5      753d           jne 0x80484e4

0x080c288c  0x6f6c6165  ealo ascii

0x080c2890  0x00796768  hgy. ascii

share|improve this question

asked 4 hours ago

AnonymeAnonyme

414

share|improve this question

asked 4 hours ago

AnonymeAnonyme

414

asked 4 hours ago

AnonymeAnonyme

414

asked 4 hours ago

AnonymeAnonyme

414

1 Answer
1

active

oldest

votes

2

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 3 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "489"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2freverseengineering.stackexchange.com%2fquestions%2f20762%2fhow-to-print-eax-value-with-radare2%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

2

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 3 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

add a comment | 

2

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 3 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

add a comment | 

Not sure why you used pxr as you could get the output with px 1 @ eax+0x4. But another options would be that you could run this opcode and then read the register value of al to get that. But in order to do that you need to use debugger commands instead (of course you need to be in debugging mode):

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

So to get the value of al execute during debugging session:

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 3 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

[0x7f5953803e90]> dr?

Usage: dr   Registers commands

| dr                     Show 'gpr' registers

<snip>

[0x7f5953803e90]> dr al

0x00000090

share|improve this answer

answered 3 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

answered 3 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520

answered 3 hours ago

Paweł ŁukasikPaweł Łukasik

2,4461520