radare2 is a tool for reverse-engineering software. It is quite versatile, and can deal either with binary files of executable code, or even attach to a running process.
Packaging (making an installation package available to end-users) is always an issue, especially when the software gets updated often. A snap package for radare2 is in the works, and in this post we see how to use it. The package is currently in beta; when it gets out of beta, come back here for updated usage instructions.
Inspecting the radare2 snap package
Run snap info radare2 to inspect the radare2 snap package. There is a snap package in the edge channel, for radare2 4.5.0. It is 15MB and can be used with the special devmode (developer mode). devmode is important at this stage because radare2 does all sorts of things to running binaries, and devmode disables most security protections over the snap package. That is, with devmode, we allow radare2 to have almost full access to our computer in order to perform its magic.
$ snap info radare2
name:      radare2
summary:   UNIX-like reverse engineering framework and command-line toolset
publisher: XVilka
store-url: https://snapcraft.io/radare2
contact:   anton....
license:   LGPL-3.0+
description: |
  Radare2 (also known as r2) is a complete framework for reverse-engineering
  and analyzing binaries; composed of a set of small utilities
  that can be used together or independently from the command line.
  Built around a disassembler for computer software which generates
  assembly language source code from machine-executable code,
  it supports a variety of executable formats for different processors
  and operating systems.
  Apart from the static analysis feature it also supports debugging and emulation.
  The architecture of the framework is modular and allows to use existing
  or create new plugins for new file formats, architectures, analysis features.
snap-id: f4y9TBadauYSgKehljM7KYsS4mThZ17Y
channels:
  latest/stable:    –
  latest/candidate: –
  latest/beta:      –
  latest/edge:      4.5.0 2020-08-05 (109) 15MB devmode
Installing the radare2 snap package
radare2 is also available as a snap package and can be installed on a system that supports snap packages. See Installing snapd to set up your system to support snap packages.
Status of snap package support
Currently, radare2 is available as an edge snap package that works in devmode security confinement (developer mode). Refer back to this section for updated instructions when radare2 is out of edge/devmode.
Currently, you need to prepend radare2. to each command you want to run. For example, use radare2.rabin2 to run
Snap packages that work in devmode security confinement do not appear in search results when you search for them in the Snap Store. To find information about this snap package, run snap info radare2. See the section below on this.
This command installs the radare2 snap package from the edge channel, using the devmode (developer mode) security confinement type. The devmode security confinement disables any restrictions that are applied to typical snap packages. devmode makes a package work quite similarly to APT and RPM packages.
$ sudo snap install radare2 --channel=edge --devmode
Currently, the radare2 commands can be invoked with the following names:
Getting info about the radare2 snap package
Run the following command to get info about the radare2 snap package. You can see the list of available commands and how to invoke them. There are packages in edge channels, currently with radare2 4.5.0. The build number in this example is 5; it is an ascending number that characterises each new build. We have installed radare2 4.5.0 from build 5, using the devmode security confinement. We are tracking the edge channel. Since the installed build number is the same as the build number in the channel that we are tracking, we are already running the latest available version.
$ snap info radare2
Radare2 (also known as r2) is a complete framework for reverse-engineering
and analyzing binaries; composed of a set of small utilities
that can be used together or independently from the command line.
Built around a disassembler for computer software which generates
assembly language source code from machine-executable code,
it supports a variety of executable formats for different processors
and operating systems.
refresh-date: today at 12:51 EEST
latest/edge: 4.5.0 2020-07-23 (5) 15MB devmode
installed: 4.5.0 (5) 15MB devmode
The snap packages that are installed in devmode are not updated automatically. You can update manually:
$ sudo snap refresh radare2
See the section above on how to get info about the radare2 snap package and how to determine whether there is an updated version available.
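As an added example (not part of the original post, nor code from the radare2 or snapd projects), the shell function below applies the check described above: it reads snap info text, compares the installed build number with the build number of the tracked channel, and reports whether the snap is in devmode and so has to be refreshed by hand. The sample output is constructed, and the newer build 110 in it is hypothetical.

```shell
#!/bin/sh
# Added example. Usage on a real system: snap info radare2 | snap_refresh_status

# Constructed sample modelled on this post's output; build 110 is hypothetical.
sample_snap_info() {
cat <<'EOF'
name:      radare2
publisher: XVilka
tracking:     latest/edge
refresh-date: today at 12:51 EEST
channels:
  latest/stable:    –
  latest/candidate: –
  latest/beta:      –
  latest/edge:      4.5.0 2020-08-05 (110) 15MB devmode
installed:          4.5.0            (109) 15MB devmode
EOF
}

# Reads `snap info` text on stdin and prints "<state> <confinement>", where
# state is up-to-date, refresh-needed or unknown.
snap_refresh_status() {
  awk '
    # Extract the build (revision) number, e.g. "(109)" -> 109.
    function rev(s) {
      return match(s, /\([0-9]+\)/) ? substr(s, RSTART + 1, RLENGTH - 2) : ""
    }
    $1 == "tracking:"  { track = $2 }
    $1 == "installed:" { inst = rev($0); dev = ($NF == "devmode") }
    # Channel rows look like "latest/edge: 4.5.0 2020-08-05 (110) 15MB devmode".
    $1 ~ /\/[a-z]+:$/  { chan[substr($1, 1, length($1) - 1)] = rev($0) }
    END {
      avail = chan[track]
      if (inst == "" || avail == "") state = "unknown"
      else if (inst != avail)        state = "refresh-needed"
      else                           state = "up-to-date"
      print state, (dev ? "devmode" : "not-devmode")
    }'
}

sample_snap_info | snap_refresh_status
```

A result of refresh-needed together with devmode is the case where sudo snap refresh radare2 has to be run manually.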
Run the following command to uninstall the snap package of radare2:
$ sudo snap remove radare2
The radare2 snap package is currently available for the following architectures:
- error: snap “radare2” is not available on stable: When installing the snap package of radare2, you currently need to specify the edge channel. Append --channel=edge on the installation command line.
- error: The publisher of snap “radare2” has indicated that they do not consider this revision to be of production quality: When installing the snap package of radare2, you currently need to specify the devmode confinement. Append --devmode on the installation command line.
- How can I download the snap package for offline use?: Use the command snap download radare2 --channel=edge. You can then run sudo snap install to install the .snap package that was just downloaded.
- Do I need to use “sudo” with snap commands?: You need to prepend sudo when you run most snap commands that perform privileged actions. However, if you log in to the Snap Store using sudo snap login, then you no longer need to prepend
- radare2 cannot open a file in /tmp?!?!? Why?: Snap packages, even those running in devmode, get to have their own private tmp directory. In the case of /tmp/snap.radare/tmp/. But within the radare2 application, any access to files in /tmp is redirected into access to