Wednesday 7 December 2011

And finally... Bokken 1.5

Once the development has finished, radare2 0.9 has been released and the project site has been updated, the moment has arrived: Bokken 1.5 is here!

Take a look at the previous post to read some of the new features of this release and keep reading to see most of them in detail; for the rest... install Bokken and enjoy them!

As mentioned before, one of the most important features added is the support of radare2 as backend. So now Bokken can work with either Pyew or Radare, each one having its own advantages and drawbacks.

Most of the development efforts for this release have gone to improve the GUI in order to make it cleaner and easier to use.


The disassembly view has gained in interactivity, and now it features, among others:
  • Code navigation by clicking over: functions, basic blocks, address, section names, etc...
  • Add comments, view and follow xrefs or view opcode information by right-clicking on a code line.

The graph tab has been improved mainly if radare backend is used; if so, the graph will show flowgraph or callgraph and popup a xrefs menu if a node is right-clicked.


Even the hexdump has received some love and now has syntax highlighting and selected bytes will be disassembled.


If the radare backend is used, a new tab will be added with extended target information like entry points, symbols, imports, sections and strings.


Do you want to use Bokken to find the exploit of the latest patched vulnerability from your favorite vendor? Congrats! Bokken 1.5 features for the first time a binary diffing plugin that can be used with radare.


Other plugins added are:
  • Assembler/Disassembler: create and export assembly code snippets in many architectures.
  • Visual representation of binary sections.
  • Advanced calculator with many input and output formats.
  • File magic identification.
Finally, if you have problems with x86 assembly, stack inners or other issues, take a look at the RCE cheat sheet included.


There are many other new hidden features awaiting to be discovered on this release, too much to be mentioned here; take a look at the project documentation to discover and learn about them. Now it's time for you to download and install :-)

Windows installer and debian packages will be available soon but, meanwhile, manual installation is easy and straightforward.

We hope you enjoy this release as much as we did working on it and, as always, send us your feedback, bugs, and requests to our mailing list:

bokken-devel at inguma.eu

Special thanks for this release go to:

  • @trufae and @earada for radare2, their help and testing
  • @zxlain for the OSX testing and encouragement
  • @huahe for the incredible logo

Thanks and stay tuned (in @ingumito)!

Contributors