other versions
- bookworm-backports 5.9.4+dfsg-1~bpo12+1
- testing 5.9.4+dfsg-1+b1
- unstable 5.9.8+dfsg-1
| RADIFF2(1) | General Commands Manual | RADIFF2(1) |
NAME¶
radiff2 - binary diffing utility
SYNOPSIS¶
radiff2 [-1abcCdeGhijnropqsSxuUvVzZ] [-A[A]] [-B #] [-g sym] [-m graph_mode][-t %] file file
DESCRIPTION¶
radiff2 is a tool from the radare2 suite designed for binary diffing code and data.
It supports a wide range of formats and features, including architecture and bits specification, delta diffing, graph diffing, and more.
OPTIONS¶
- -1
- Output in Generic binary DIFF (0xd1ffd1ff magic header).
- -a [arch]
- Specify architecture plugin to use (x86, arm, etc.).
- -A [-A]
- Run aaa or aaaa after loading each binary (see -C).
- -b [bits]
- Specify register size for architecture (16 (thumb), 32, 64, etc.).
- -B [baddr]
- Define the base address to add the offsets when listing.
- -c
- Count of changes.
- -C
- Graphdiff code (columns: off-A, match-ratio, off-B) (see -A).
- -d
- Use delta diffing.
- -D
- Show disasm instead of hexpairs.
- -e [k=v]
- Set eval config var value for all RCore instances.
- -g [arg]
- Graph diff of [sym] or functions in [off1,off2].
- -G [cmd]
- Run an r2 command on every RCore instance created.
- -i [ifscm]
- Diff imports | fields | symbols | classes | methods.
- -j
- Output in JSON format.
- -m [mode]
- Choose the graph output mode (aditsjJ).
- -n
- Print bare addresses only (diff.bare=1).
- -O
- Code diffing with opcode bytes only.
- -p
- Use physical addressing (io.va=false) (only for radiff2 -AC).
- -q
- Quiet mode (disable colors, reduce output).
- -r
- Output in radare commands.
- -s
- Compute edit distance (no substitution, Eugene W. Myers O(ND) diff algorithm).
- -ss
- Compute Levenshtein edit distance (substitution is allowed, O(N^2)).
- -S [name]
- Sort code diff (name, namelen, addr, size, type, dist) (only for -C or -g).
- -t [0-100]
- Set threshold for code diff (default is 70%).
- -T
- Analyze files in threads (EXPERIMENTAL, 30% faster and crashy).
- -u
- Unified output (---+++).
- -U
- Unified output using system 'diff'.
- -v
- Show version information.
- -V
- Be verbose (current only for -s).
- -x
- Show two-column hexdump diffing.
- -X
- Show two-column hexII diffing.
- -z
- Diff on extracted strings.
- -Z
- Diff code comparing zignatures.
GRAPH OUTPUT FORMATS (-m [mode])¶
USAGE EXAMPLES¶
- Comparing two binaries
- radiff2 bin1 bin2
- Using graph diffing to compare functions by name
- radiff2 -g main bin1 bin2
- Counting the number of changes between two binaries
- radiff2 -c bin1 bin2
- Outputting the diff in a unified format
- radiff2 -u bin1 bin2
- Comparing the opcodes of two functions
- radiff2 -O bin1 bin2
'C' COMMAND IN R2¶
The 'c' command in r2 is used for various comparison operations within data inside the same file. Here are some examples of its usage:
- Compare a plain string with escaped chars
- c "string to compare"
- Compare byte at a specific address with current offset
- c1 0x100
- Compare block size bytes from current offset and the 0x100 offset
- cc 0x100
- Unified diff of disassembly from current seek and given address
- cud 0x200 @ 0x100
- Compare memory hexdumps in unified diff format
- cu 0x100 @ 0x200
For more detailed usage of the 'c' command, refer to the `c[?dfx] [argument]` help section.
SEE ALSO¶
AUTHOR¶
pancake <pancake@nopcode.org>
| radiff2 tool | Mar 16, 2024 |