
Show HN: REDasm Disassembler 2.0 - Dax89
https://redasm.io/
======
jchw
Nice! A lot of open source debug tools don't have terribly great UIs and this
one looks pretty good. I can't imagine it's as versatile or intelligent as
IDA, but on the other hand for the low price of FOSS it is hard to be
disappointed. Especially since my hopes of affording a copy of IDA for my
hobbyist reverse engineering is basically nil.

This is definitely going in my toolchain of RE apps, alongside x64dbg.

~~~
gizmo
You shouldn't feel bad about buying an (expensive) license if reverse
engineering a hobby of yours. Computing is such a cheap hobby it's OK to
splurge every once in a while. And there's a good chance the skills you build
end up paying dividends later.

Compare computing to other hobbies. Anything involving cars/boats/motorcycles:
expensive. Woodworking, metalworking or anything else that requires a shop:
way expensive. It's easy to spend thousands upon thousands on most hobbies
every year. In contrast with computing you can do almost anything with very
basic tools.

It's great when there are high quality free tools out there. But most of the
time these free products get abandoned or are left unfinished. It's hard to
get a community of volunteers to do the schleppy maintenance work for 20 years
when the product is already feature-complete. And that's why we should be glad
there are commercial alternatives, even if they're a bit pricey.

~~~
jchw
It's actually a lot simpler than that: I can't afford it. I don't have the
free cash at the moment. I am focused on eliminating debt and increasing
savings and I can't do either if I spend some grand on an IDA Pro license.

~~~
souprock
Maybe you really can't afford it, but given the job opportunities this is a
bit like saying that you can't afford college. The cost with all 5 decompilers
is about $15,000. That is comparable in cost to a semester of college. It
might be a better deal if you bother to really learn the tool.

I guess there aren't student loans for IDA, but there definitely is
employment. Once you become competent with IDA, you can apply for jobs like
these at my workplace:
[https://news.ycombinator.com/item?id=19284153](https://news.ycombinator.com/item?id=19284153)
Being competent means you can navigate around in a binary without symbols,
that you can mentally convert assembly to C, and generally that you can find
things of interest in the binary and understand them.

Binary Ninja (binja) is $149 from Vector35. That might be optimal for you.

~~~
jchw
I feel you may misunderstand me. I _do_ have a nice comfy job at a big
company, in the Bay Area, as a software engineer. My career is still young, so
I don't have a ton of savings. I couldn't afford college; I went to a cheaper
one, took about a year's worth of classes before my debt became too much
higher than my income and gave up. That's a big part of the equation, along
with a car loan I still owe a fair bit on. Luckily I found most employers did
not care about the lack of a degree and so began my career without much
trouble.

I realize someone's probably going to comment that I'm an idiot for living in
the Bay Area, but consider this: after living expenses, I still make a fair
bit more than I did in Detroit, and I much prefer living here. So it is what
it is.

I think in a few years I should be more than capable of buying an IDA Pro
license, but as it stands I am not taking on that debt for a hobby. As for
whether or not I will get a job doing reverse engineering, I think it's
unlikely any time soon, though certainly possible in the future.

That's a lot more context than I feel is necessary to explain why I can't
casually drop $3k-5k on a hobby, but hopefully it makes more sense.

------
tacotime
Does anyone know why this disassembler might be a good choice over another
open source option like Medusa or Radare?

I’m very interested in this stuff. I tried getting into IDA before I had a
good understanding of programming and it was a struggle. I have been thinking
about trying my hand at it again lately.

~~~
pjc50
Radare is also pretty difficult to learn on.

------
_wmd
This looks very nice! But posting it a day ahead of NSA's Ghidra unveiling?
It's going to be buried in the noise :(

~~~
Dax89
I know about Ghidra, the release day is just a coincidence.

There is no problem btw, I have posted here to see if someone was interested
to the project. In any case I will continue to develop REDasm because I use it
at work and I need it.

------
johnisgood
I get "Graph creation failed". I tried to achieve the same thing that can be
found on redasm.io. Any ideas why or how to fix? Tried with 2.0 and nightly.

~~~
Dax89
Open an issue on GitHub:
[https://github.com/REDasmOrg/REDasm/issues](https://github.com/REDasmOrg/REDasm/issues)

~~~
johnisgood
Hold on, I see that it needs D3/Dagre/Dagre-D3. I am installing a few packages
from AUR. It may work in a bit!

~~~
Dax89
Everything is bundled in the executable!

When you see that message, for some reason REDasm cannot generate a path for
the current function and it should be fixed.

~~~
johnisgood
Ah. I do not have a GitHub account right now so I cannot create an issue. :(

------
dgellow
That looks great! Any plan to run on macOS?

~~~
Dax89
I don't own a Mac, so I can't test the generated binaries.

Someone reported me on Twitter that it compiles fine on a 64-bit OS with
Clang.

It doesn't compile with Clang on a 32-bit OS (there is a bug report for that).

~~~
dgellow
So, I'm on macOS, 64bit, trying to compile with clang, and I get some errors
concerning comparisons between size_t and u64 values. I was able to progress a
bit by changing some size_t to u64, or the opposite, but I'm quite sure that
I'm breaking a bunch of things at the same time :)

I will continue a bit then open an issue with details.

~~~
Dax89
It looks like this:
[https://github.com/REDasmOrg/REDasm/issues/14](https://github.com/REDasmOrg/REDasm/issues/14)

But the OP doesn't answer so I can't fix it

~~~
vkaku
Please publish a binary/dmg. This would be sweet. Thank you for getting this
to work on macOS :)

~~~
Dax89
It's WIP: I'm receiving bug reports and pull requests for macOS support

------
merlincorey
If one is on Debian, here is a partial list of QT packages one might want to
install to try this out:

    
    
        qt5-default
        libqt5webengine5
        libqt5webenginewidgets5 
    

Also it needs at least QT5.9, but Debian Stretch only has QT5.7.

------
eggy
Downloading now. I realize it's not IDA, but does anyone have any preliminary
comments on how practical, fast and useful this is for disassembling x86-64
binaries?

~~~
Dax89
Hi, I'm the developer. And I'm also a fan of IDA-like environment.

REDasm is a project that tries to mimic IDAs interface and shortcuts but with
a nicer, modern API.

About the quality of x86-64 binaries: it should be pretty good (but far from
perfect).

Obviously with more binaries and test cases the quality of the generated
listing can be improved!

~~~
eggy
I like the interface. When I saw "RED" I thought it was developed in Red's
system language.

The release of Ghidra by the NSA has stole some of my attention. Given your
expertise, what are your thoughts on Ghidra aside from the source? Thanks!

~~~
Dax89
Well, it's a personal opinion (and I haven't used Ghidra too much) so:

The UI is a lot 90s/ish and a bit unconfortable to use, but it ships a great
decompiler and it can render nice graphs, the quality of the generated listing
is good, but inferior compared to IDA's one.

And...Java...

------
vkaku
Sweet! Good to have an IDA alternative!

I hope the pricing remains sane once you guys make it big :)

------
RDeckard
Any keyboard shortcuts? Can't seem to find any docs on it

------
videoForensics
So I use capstone regularly. This sounds like a ui layer on top?

~~~
Dax89
Capstone is just a backend above LibREDasm: you can create a new architecture
from scratch.

