Paul's Security Weekly (Audio) Hacking IP KVMs & Reversing with Radare2 - Sergi Àlvarez - PSW #918
Mar 19, 2026
Sergi Àlvarez (Pancake), creator of the Radare2 reverse engineering framework and NowSecure researcher. He chats about Radare2’s architecture, plugin system, and how it grew from forensics roots. Short takes on decompilation vs disassembly, recovering symbols from stripped binaries, and securing contributions. Also: research into nine IP KVM vulnerabilities and other recent hardware and mobile security stories.
AI Snips
Chapters
Transcript
Episode notes
Stripped Binaries Lose Names But Not Behavior
- Stripping symbols reduces metadata but doesn't remove executable logic; unstripped samples let you map names into stripped binaries.
- Generating signatures from non-stripped binaries recovers meaningful names in stripped builds.
One Analysis Loop Serves Many Architectures
- Radare2's shared analysis pipeline works across architectures while triggering architecture-specific plugins during the loop.
- A single core analysis with plugin hooks simplifies cross-architecture tooling and reuse of analysis passes.
Recover Symbols By Matching Unstripped Builds
- When you have both stripped and unstripped builds, generate signatures from the unstripped build and apply them to stripped binaries.
- This recovers function names and accelerates reverse engineering.