This is beautiful. #aor24 day 15 #bindiffing #radare2
#aor24
Even I don’t know what config use by default atm, I’ve found the #aor24 14 a very nice approach to configure your own setup according to the needs :)
Solutions from @alkali posted in bluesky #aor24 https://bsky.app/profile/alkalinesec.bsky.social/post/3ldpahcoauk2e
My #aor24 day 13 result:
pdb @@= 0x004014a2 0x0040150e 0x0040155e 0x0040f04b
I hate myself a little too much because of my delay. Fucking anxiety abrfffff
One week left to finish the advent calendar of radare! Which post did you enjoyed the most until the date? Share your feedback and learning tips using the #aor24 hashtag!
If you want to solve the 7th advent challenge you can take this commit as inspiration https://github.com/radareorg/radare2/commit/7a7999ed543c733ea58de358b32850feb6283dad
Yesterday’s advent post have the notebook llm podcast attached just because i find it pretty informative and well structured for the contents. I must find a good free tts and do the same for the other posts using r2ai. https://www.radare.org/advent/14.html #radare2 #aor24
Did you solved yesterday’s advent crackme using ESIL emulation? If so, can you write a oneliner that solves it without any interactive prompt or visual interactions? Post it if you do! Today's advent post will help you learn about moving around the disassembly more swiftly! https://www.radare.org/advent/12.html #aor24
when you end with 0x38 ^ 0x38 because moew #aor24 day 12.
#aor24 day 11 challenge has given me an idea to try to solve something that has been in my mind for a while :D
#LetsDropThisHeap
#aor24 10 is like a wet dream… something my 13 years ago self wanted to implement, but some shit and life happened.
Are you enjoying the #aor24 Advent of Radare?
Got Root? the 10th post of the advent of radare digs into the kernel memory to patch the cred struct to escalate privileges using the r2k plugin https://radare.org/advent/10.html #linux #kernel #radare2 #aor24 #reverseengineering https://radare.org/advent/10.html
I feel like a dummy fuzzer with #aor24 xD
But now i'm up to date, and the 09 was fun to read and know more stuff about ARM and watching how instructions are microprogrammed :)
✨This weekend syncs with the first week of the Advent of Radare! Take some weekend time to catch up with the challenges and learn new features and syntax tricks! https://radare.org/advent #aor24
#aor24 day 5 was also fun platino with hexdumps, but i guess i’ll review it again as i was a bit distracted (train issues). Also want to implemente my own backtrace in js :3
I'm a bit late with #aor24 due to health issues, but the day 4 was a funny one.
I’ll write my howto and finally my result, just in case someone wants to skip it :)
I used rax2 to extract the b64: “rax2 -D `cat b64file` > file” , and file was a .xz that contained a Mach-O (using i command within r2).
Analyzing the strings with izzz, there were a lot of swift references, so, as the doc said, /az is our bestie there.
Running that command, some strings appeared that could be potentially the password. I had my guess but seeked to the position of the previous string, printed the next 20 instructions and after my suspected string found something like this “bl sym _stringCompareWithSmolCheck…”, which from my dummy knowledge seems that is comparing the string, so I tested it on the binary and boooom. It worked!
<spoiler>
the password was flag4advent
</spoiler>
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst