MASTG-TOOL-0129: rabin2

{:target="blank"} rabin2 is a command-line utility within the Radare2 framework ( radare2 for iOS, radare2 for Android_) designed for extracting and presenting detailed information from binary files. It supports various file formats, including Java CLASS, ELF, PE, Mach-O, and others through plugins. Rabin2 can retrieve data such as symbol imports/exports, library dependencies, data section strings, cross-references, entry point addresses, sections, and architecture types. The extracted information can be output in multiple formats compatible with other tools, including Radare2 itself.

Techniques

MASTG-TECH-0019: Retrieving Strings MASTG-TECH-0018: Disassembling Native Code MASTG-TECH-0140: Obtaining Debugging Information and Symbols MASTG-TECH-0115: Obtaining Compiler-Provided Security Features MASTG-TECH-0071: Retrieving Strings MASTG-TECH-0054: Obtaining and Extracting Apps MASTG-TECH-0111: Extracting Entitlements from MachO Binaries MASTG-TECH-0113: Obtaining Debugging Symbols

Tests

MASTG-TEST-0011: Testing Memory for Sensitive Data MASTG-TEST-0044: Make Sure That Free Security Features Are Activated MASTG-TEST-0060: Testing Memory for Sensitive Data MASTG-TEST-0076: Testing iOS WebViews MASTG-TEST-0070: Testing Universal Links MASTG-TEST-0075: Testing Custom URL Schemes MASTG-TEST-0071: Testing UIActivity Sharing MASTG-TEST-0077: Testing WebView Protocol Handlers

Demos

MASTG-DEMO-0036: Debuggable Entitlement Enabled in the entitlements.plist with rabin2