22.7 forum: Scripting with lua (2)

Yesterday..well this morning..but before going to sleep Osmile I commited into the repository a new namespace for the radare lua api to analyze code and data.

Actually this matches with the latest changes in the core while deprecating commands like (pA, pC and pG) into a more logical new command called 'a' (analyze) to merge all code and data analysis.

So if you want to analyze an opcode you type "ao" and it will show a hashtable like this one.

[0x00000000]> ao
index = 0
opcode =   jg 0x47
size = 2
type = conditional-jump
bytes = 7f 45 
base = 0x00000000
jump = 0x00000047
fail = 0x00000002

This output can be easily parsed in lua in this way:

Code:

function Radare.Analyze.opcode(addr)
  if addr == nil then addr = "" else addr= "@ "..addr end
  local res = split(Radare.cmd("ao "..addr),"\n")
  local ret = {}
  for i = 1, #res do
    local line = split(res[i], "=")
    ret[chop(line[1])] = chop(line[2])
  end
  return ret;
end

So from our scripts we can write something like this:

Code:

op = Radare.Analyze.opcode()

print("Attributes for this opcode")
for k,v in pairs(op) do
        print (" - "..k.." = "..v)
end

print("Opcode size: "..op["size"])

-- change EIP instead of perform a call
if op["type"] == "call" then
  Radare.Debugger.set("eip", op["jump"])
fi

Im currently having a look on different APIs like the IDA one to try to get a good approach to ease the code analysis from scripts.

But for now, using the "ac" command you can analyze code and get the code blocks with a certain depth. Expect a mostly stable api for analyzing code blocks, data, opcodes for all the current supported architectures of radare before the 0.9.7 release. (~20 of Jun)

As you see. using lua as scripting lang for radare is really easy and extensible, just adapting output of commands and providing a minimal lua layer to handle it.