
Cutter – A Qt and C++ GUI for Radare2 reverse engineering framework - xvilka
https://github.com/radareorg/cutter
======
souprock
Cutter is "A Qt and C++ GUI for radare2".

There are more alternatives to IDA Pro. Hopper Disassembler is one. Binary
Ninja (binja) is another.

Here is an independent review of Binary Ninja:
[https://www.trailofbits.com/research-and-development/binja/](https://www.trailofbits.com/research-and-development/binja/)

Here is the project itself: [https://binary.ninja/](https://binary.ninja/)

I happen to know most of the people involved in Binary Ninja. They do great
work. They really understand security and the need to operate off-line.

BTW, if disassembly is a career interest for you, see
[https://news.ycombinator.com/item?id=17208556](https://news.ycombinator.com/item?id=17208556)
for my "Ask HN: Who is hiring? (June 2018)" comment.

~~~
voltagex_
Reverse engineering has been a constant interest for me but I've never managed
to get it to "click" for me. I don't particularly _need_ the skill, but it's
one I'd like to have (at least to the extent of being able to do simple
crackmes).

~~~
stevekemp
My earliest exposure to computers was the ZX Spectrum, an 8-bit home-computer
from the 80s, which was insanely popular in the UK.

Having few games, and little budget for more, most of the kids around would
swap home-copied games. I used to have fun removing protection, or hacking the
games for infinite lives. At the time I was 12-15 and it was very much a case
of trial or error.

Assuming a game started with 3 lives I would look for every occurrence of "LD
A,3", and change the 3 to 5. If that didn't work I'd eventually replace every
occurrence of 3 with a different number. As you can imagine this was a tedious
process!

If I was lucky enough to find the right "starting value" I'd then go on to
look which memory-address the value was saved in. That would then let me
search for that same address in the rest of the program, and hopefully spot
something like:

    LD A,(addr)
    DEC A
    LD (addr),A

At that point I was done. Removing the decrement would stop the lives-counter
from being decreased - giving you as many as you wanted.

Later I moved to the PC, and I found +fravia's site very educational. There
are still mirrors which show how you could remove protection from commercial
software - and oftentimes I'd be reminded of my previous attempts. Sometimes
it is very simple, and sometimes not. Educational regardless.

Random mirror here -
[http://acrigs.com/FRAVIA/aca400.htm](http://acrigs.com/FRAVIA/aca400.htm)

The main reason I stopped this work? Few programs on Linux prompt you for
license keys! But a good disassembler is a worthwhile thing to explore,
whether for debugging your own code, or randomly exploring crackmes.
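The search described in the comment above, written out as an added example (not part of the original comment): find addresses that are initialised from `LD A,n` and later go through the `LD A,(addr)` / `DEC A` / `LD (addr),A` sequence. The sample bytes, load address and function names are constructed for illustration.

```python
# Z80 opcodes used by the pattern described in the comment above.
LD_A_N, LD_A_MEM, DEC_A, LD_MEM_A = 0x3E, 0x3A, 0x3D, 0x32

# Constructed sample, loaded at BASE (not taken from any real game).
BASE = 0x8000
SAMPLE = bytes.fromhex(
    "3E03" "320090"   # LD A,3 / LD (9000h),A   start with 3 lives
    "3E03" "D3FE"     # LD A,3 / OUT (FEh),A    unrelated use of the value 3
    "3A0090" "3D" "320090" "C9"  # LD A,(9000h) / DEC A / LD (9000h),A / RET
    "3A1090" "3D" "321090" "C9"  # same shape, different variable (9010h)
)


def find_immediate_loads(code, value, base=0):
    """Every 'LD A,value' byte pair: the tedious first pass."""
    return [base + i for i in range(len(code) - 1)
            if code[i] == LD_A_N and code[i + 1] == value]


def find_initialised_addrs(code, value, base=0):
    """Addresses written by 'LD A,value' followed directly by 'LD (addr),A'."""
    found = {}
    for i in range(len(code) - 4):
        if code[i] == LD_A_N and code[i + 1] == value and code[i + 2] == LD_MEM_A:
            found[code[i + 3] | code[i + 4] << 8] = base + i  # little-endian
    return found


def find_counter_decrements(code, base=0):
    """Sites doing LD A,(addr) / DEC A / LD (addr),A on one and the same addr."""
    hits = []
    for i in range(len(code) - 6):
        if (code[i] == LD_A_MEM and code[i + 3] == DEC_A
                and code[i + 4] == LD_MEM_A
                and code[i + 1:i + 3] == code[i + 5:i + 7]):
            hits.append((base + i, code[i + 1] | code[i + 2] << 8))
    return hits


def lives_candidates(code, value, base=0):
    """Decrement sites whose variable was also initialised to `value`."""
    inits = find_initialised_addrs(code, value, base)
    return [(site, addr) for site, addr in find_counter_decrements(code, base)
            if addr in inits]


if __name__ == "__main__":
    for site, addr in lives_candidates(SAMPLE, 3, BASE):
        print(f"counter at {addr:04X}h decremented at {site:04X}h")
```

A raw byte scan like this ignores instruction boundaries, so on a real image some hits will be data or operand bytes; a disassembler removes that ambiguity.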

~~~
Hugie
My first and only hacks were at the age of 12 where I "patched" the copy
protection keywords from the first XWing in 1993 [0]. I only knew 1 password
and searched for it in a hex editor. I found it and recognized a pattern with
similar words. Replacing them with the ASCII Space resulted in "press return
to pass" password checks :D Damn I was proud.

At the same age, I rewrote the Story Text of "The Adventures of Robin Hood"
(1991)[1] via hex and "Try and Errored" all ASCII combinations to develop my
own ASCII chart. You can imagine what a 12 year old rewrote a love story to...
my older brother was quite happy :D

I later tried to patch Dune2 Level files to create my own but did not
understand a thing.

Now I write medical software and sometimes feel the same ;)

[0]: [https://en.wikipedia.org/wiki/Star_Wars:_X-Wing_(video_game_...](https://en.wikipedia.org/wiki/Star_Wars:_X-Wing_\(video_game_series\)#X-Wing)

[1]:
[https://en.wikipedia.org/wiki/The_Adventures_of_Robin_Hood_(...](https://en.wikipedia.org/wiki/The_Adventures_of_Robin_Hood_\(video_game\))

------
joshumax
I've been watching the ecosystem of radare2 GUIs for a while now. I've loved
IDA for its long-standing support of numerous architectures, as well as its
built-in interpreter for running Python/IDC scripts with ease, however the
price is nearly inhibitive for the average student or weekend hacker. IMO, the
one major reason that radare isn't as widely adopted in the RE industry is
simply because of a lack of GUIs that aren't either web-based or half-baked
and partially broken. In many ways, the radare2 plugin architecture is far
superior to IDA's, and I hope this project can start to bridge the gap between
functionality and ease-of-use.

On an entirely separate note, I'd love to see a port of this for Android :)

~~~
colechristensen
I looked into buying IDA Pro a while back and the experience was like buying
enterprise software in 1997. There's not much of a reason for me to have it
but it'd be a fun thing to have and toy with in spare time but I'm not really
willing to pay an insane subscription price on a sketchy website.

~~~
rocky12
Sure, but it's not really the type of tool you play with during the weekends.
It's high powered and the industry standard.

I, and many of my colleagues, would gladly pay 4 or 5 times the price for IDA
and Hex Rays. Though, any decent security company will purchase a subscription
for its employees.

~~~
colechristensen
>it's not really the type of tool you play with during the weekends

I am not so sure I agree. I can take another example, CAD software. There are
high powered industry standard softwares which I would love to use on weekends
and maybe even use in side projects for profit, but there's no way I can pay
$2k/year and justify that. A $2k permanent license? Sure, it's a stretch but
I'd probably go for it. 180/month though, whatever I'm doing would have to be
really serious before I could justify that.

And I won't ever start at that price so the deal is dead.

There's a parallel in 3d printing. Not so long ago 3d printers were insanely
expensive and only accessible to professionals. Now consumer grade machines
are starting to replace machines that cost 10-100x more.

It's a frustrating thing about the economy where power tools that could enable
a lot of people to do a lot of things are priced so that only a few people who
can pay a lot can have access to them. I get that the people making them need
to make a livelihood, but the frustration remains.

~~~
slobotron
For free CAD, check out OnShape if you don't mind all your drawings to be
public.

[https://www.onshape.com/](https://www.onshape.com/)

~~~
colechristensen
Oh yes there's plenty of free CAD (for example, FreeCAD), but there are some
truly excellent but insanely expensive tools out there too.

I would be happy to spend a large sum of money for a copy, but you can't any
more. You have to buy a subscription.

If I can buy something excellent and know that I'll be able to use it, even if
outdated, in 10 years, there's real value to an investment like that.

If I'm throwing several dollars a day into a hole for something I'll probably
only use sometimes, and at that, perhaps taking years between uses, I can't
justify the expense.

Something like how I bought the best cordless drill I could find. Not because
I use it every day, or even every month, but because I wanted my drilling
experience to be good every time I used it.

If you have good tools you're more likely to do things and do them well.

People give the same advice about guitars. Don't buy a cheap guitar if you
want to pick up the skill. It will be difficult to tune, it won't keep a tune,
and it won't sound great whatever you do. Buy a good guitar and what you do
will sound better and encourage you to keep it up and get better.

A lot of free software tools are the same. They can do what they do, but their
flaws discourage use and make failure as a beginner a lot more likely.

There is probably an optimum there. Not so refined as to be too expensive to
be accessible to most people and not so rudimentary as to turn away people who
try with low success.

------
sguav
I discovered Radare2 some years ago, and found that Cutter strongly lowers the
learning curve of r2.

On that note, I used to play (as a n00b) to some crackmes and ctf, but not
having kept up to date I can't find a live replacement for crackmes.de (or .cf
today...still an archive though). Any suggestions of current resources to
"play" with r2 and Cutter?

~~~
Pourliver
I don't know those websites, but I can recommend something in the same genre:
pwnable.tw

------
JepZ
I wish there would be some App/Website similar to DragonBox [1] but to learn
assembler instead of math ;-)

[1]:
[https://dragonbox.com/products/algebra-12](https://dragonbox.com/products/algebra-12)

~~~
dpwm
TIS-100 by Zachtronics is a game based around a very small instruction set
assembly language on an interesting architecture.

Shenzhen I/O is also meant to be good, but I haven't played it.

Neither are even close in complexity or sheer number of instructions to x86,
but then I get the sense that x86 tends to put people off assembly in a way
that simpler architectures don't.

~~~
gmueckl
TIS-100 is a neat programming puzzle game. A lot of the programming challenges
revolve around the limited nature of the CPU nodes in each system (two
registers, no memory, very limited space for assembler source code). It's a
fun game if you love to program. However, I found the later challenges somehow
too frustrating and I haven't finished the game.

------
zellyn
I learned to use Radare2 a bit during our company's last CTF, and while it's
super awesome in terms of capabilities, the GUI story is terrible: if you
start investigating, it seems there's a long debris trail of half-done GUIs
where someone said, “Hey, this would be easier if there were a GUI”. Even the
visual mode inside radare2 has _completely_ different commands from the non-
GUI mode, and you almost certainly need to switch back and forth.

If radare2 found a couple of undergrad usability students to contribute and
then focused on consistency and bug-fixing, it would be able to live up to its
truly amazing potential.

------
xtrapolate
[https://rada.re/r/cmp.html](https://rada.re/r/cmp.html)

Radare, in my opinion, is mostly lacking on the user-experience sides. IDA is
easier to pick-up and use. Also, I feel Radare's decompilers don't fare as-
well as Hex-Rays. I equate this to Windbg - your best Windows debugger, which
unfortunately is relatively tough to pick up (I'd argue, mostly due to poor UI
choices). Forgoing that, Radare is absolutely packing.

I've moved on to reverse most of my projects with Radare. I'm still missing a
handful of small features/plugins from IDA, but it's not a big issue.

~~~
bennofs
The thing that r2 is lacking is a good decompiler. IDA's decompiler really
helps a lot if you are reversing a big binary with many structs.

~~~
hjek
Avast released RetDec as free software not long ago:
[https://news.ycombinator.com/item?id=15912595](https://news.ycombinator.com/item?id=15912595)

------
aetherspawn
This looks proper good. Interesting to see pseudo code support too.

------
JesusTheGod
This is great. I've tried to pick up radare2 multiple times for fun and I
always struggled with the CLI. I will give it one more go with Cutter.

