dddddddddddddddddddddddddddddddddddddddd/     
      ddddddddddddddddddMMMMdddddddddddddddddd/     
      ``````````````````NMMM``````````````````      
   ---------------------NMMM---------------------`  
  `NNNNNNNNNNNNNNNNNNNNNMMMMNNNNNNNNNNNNNNNNNNNNNo  
  `MMMmoooooooooooooooooNMMMooooooooooooooooosMMMs  
  `MMMy                 NMMM                 -MMMs  
  `MMMy  /hhhhhhhhhhh`  NMMM   hhhhhhhhhhhs  -MMMs  
  `MMMy  /hhhhhhhhhhh`  NMMM   hhhhhhhhhhhs  -MMMs  
  `mmms                 NMMM                 -mmmo  
        /ssssssssssss`  NMMM   sssssssssssss.       
        sNNNNNNNNNNNN`  NMMM   NNNNNNNNNNNNN-       
                        oooo                        
        ::::::::::::::::::::::::::::::::::::`       
       `MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM/       
        ////////////////////////////////////.       
                                                    
 -yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyo 
 :MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMd 
  ````````````-NMMMd.```````````-ohNh+.```````````` 
             :NMMMo`            `+hMMMNy:`          
            +NMMm:             ````-sNMMMmo.        
    .yyyyyydMMMMmdddddmmmmmmmmmmmmNNNMMMMMMNh:      
    `MMMMMMMNNNNNNNmmmmmmddddddhhhhhhyyyyymMMMd/    
     ---............`````````````         `+mds:    
                                            ``      
                 [deroad's  blog]
                      [home]

# 2022-07-05 | Rizin 0.4.0
{

  Has been a while since i posted an update on the blog, but is a good time to write about Rizin 0.4.0 due
  the new features we have implemented:

  FLIRT files can be used to apply analysis information gathered from one binary to another one, allowing
  the reverse engineer to more easily recognize library functions or standard functions that are usually
  not binary specific.
  Rizin can now create such FLIRT files (both in .pat and .sig extensions), which can be later applied to
  other Rizin sessions or even opened directly by IDA.

FLIRT signature creation

  BaseFind is a lovely tool that allows, without any structured file format (e.g. ELF) to find the base
  address where the raw data is supposed to be run. This can be performed via the new B command.

$ rizin -e basefind.progress=true -qc B stm32f103-bluepill.bin basefind: thread 0: 0x3c000000 / 0x3c000000 100% basefind: thread 1: 0x78000000 / 0x78000000 100% basefind: thread 2: 0xb4000000 / 0xb4000000 100% basefind: thread 3: 0xf0000000 / 0xf0000000 100% score candidate ----------------- 4 0x08000000 1 0x79ca6000
} # References: Rizin https://github.com/rizinorg/rizin