Highest Voted 'ghidra' Questions

0

votes

1 answer

Ghidra Python, creating a memory reference to an already defined string

Ghidra 10.3 and MS-DOS 16-bit executables. I'm having trouble figuring out how to script creating memory references. The goal is to locate patterns for MOV DX,VALUE then create a memory reference for VALUE if it's validated as the location of a…

python reference ghidra

asked Jun 28 '23 at 19:24

user177731

23
4

0

votes

1 answer

parsing il2cpp_ghidra.h from il2cppdumper in ghidra fails

when i use il2cppdumper, get il2cpp.h, then run il2cpp_header_to_ghidra.py and after that trying to open il2cpp_ghidra.h with ghidra (File > Parse C source > add il2cpp_ghidra.h to list > parse program) i'm getting error in il2cpp_ghidra.h: Error:…

il2cpp ghidra

asked May 30 '23 at 21:02

Sirox0

1
1

0

votes

1 answer

How to build Ghidra from source code in China?

Here is Ghidra build steps: https://github.com/NationalSecurityAgency/ghidra#build When I run this command: gradle -I gradle/support/fetchDependencies.gradle init The error: URL:…

powershell github proxy ghidra

asked May 04 '23 at 09:57

qux

505
4
9

0

votes

1 answer

What are the differences between Cheat engine and other applications like IDA, Ghidra, and x64dbg?

I have used Cheat Engine to the point where I now understand how I can access memory in the program, how to view the assembly code, find pointers, use the debugger, etc. I have not used IDA, Ghidra, x64dbg (or any others I don't know about) and was…

c debugging ida cheat-engine ghidra

asked Apr 19 '23 at 20:14

DevFish

11
6

0

votes

1 answer

Trouble installing r2ghidra

I am using a MacBook with OS Ventura 13.3 and trying to install the r2ghidra plug-in through the command r2pm -ci r2ghidra but it fails with the following error: I have tried various fixes such as reinstalling radare2 both by running brew install…

ghidra radare2

asked Apr 10 '23 at 12:51

adahy

25
4

0

votes

0 answers

How to change the FSRL for a file in Ghidra

Is there a similar way to change the FSLR ("File System Resource Locator") of a file in GHidra, like there is to change its "Executable Location" with 'currentProgram.setExecutablePath("/new/path/to/binary.elf")' as described here? There doesn't…

java jython ghidra

asked Apr 07 '23 at 14:47

LN2

11
2

0

votes

1 answer

Finding algorithm with Binwalk

actually, it all started when I wanted to update the map of my car navigation. The map of the device can only be updated with the sd card and unfortunately it does not update because the cid code on the sd card does not match. I wanted to find the…

algorithm firmware reversing ghidra binwalk

asked Mar 01 '23 at 23:21

RNS315

1
2

0

votes

0 answers

How to modify an exe(change operation/control/hot keys)

What should I look for inside a decompiled exe to change hotkeys? Context- I got a menu with default control keys like numpad* to open the menu, 2846 for up down left right, etc. I asked the dev to add option to change the keys, he just replied…

exe reverse-engineering ghidra

asked Feb 14 '23 at 22:31

Subhradip Sarkar

1
2

0

votes

1 answer

On execution of a ghidra script, errors from a non-existent script (which once existed) are displayed in the console

I just stumbled over this error, of which I could find no mentioning anywhere in the net. In my case, the (java) script once existed, but was renamed. However, Ghidra continued to complain about errors in it. Using the refresh button in the script…

ghidra

asked Feb 08 '23 at 09:24

karsten

639
5
13

0

votes

0 answers

Decompiler not working in Ghidra Disassembler for Arm64 windows10 pro. [Processor Snapdragon 8cx ]

I'm kind of new to Ghidra Disassembler so kindly bear with me. I was trying to install Ghidra to analyse an executable. After opening the executable in Ghidra it loads everything fine except Decompiler. Decompiler window displays this error…

decompiler ghidra

asked Feb 02 '23 at 18:22

zen lulu

1
2

0

votes

0 answers

What is the best solution to load the correct gpio mapping for atmega328p in ghidra

All the tutorials I found use the default AVR8 default 16 litle gcc configuration when importing the binary. After importing the file with this configuration the gpio register mapping is completely messed up. What is the best solution to load the…

ghidra

asked Dec 27 '22 at 19:16

dsl400

322
3
14

0

votes

2 answers

Java version 11.0.17 (64-bit) is outside of supported range: [17+ 64-bit]

I have installed ghidra on my ubuntu 20.04 os and when i run ghidra with this command ./ghidraRunthis statement is popped out (https://i.stack.imgur.com/FlV2a.png) and when i specify the path i got this error Java version 11.0.17 (64-bit) is…

linux ubuntu ghidra

asked Dec 15 '22 at 09:45

Moemen Attafi

51
4

0

votes

1 answer

Ghidra C dissasembly shows never seen code statement? Keyword "code" with pointer operator

Playing with ghidra and there is this statement on the disassembly display that i don't understand. (**(code **) For example in this context: int *piVar1; int iVar2; uVar3 = (**(code **)(*piVar1 + 8))(iVar2); The internet did not had any good…

c reverse-engineering disassembly ghidra

asked Nov 30 '22 at 20:55

Aedn

5
2

0

votes

1 answer

How do I get the names of exported functions using Ghidra scripting?

I am trying out Ghidra scripting in Java and I would like to get the functions a program exports as shown under the "Exports" folder in the Symbol Tree. However, I can't seem to figure out how to achieve this. I have tried the solution listed here:…

reverse-engineering ghidra

asked Nov 24 '22 at 03:50

0necloud

1

0

votes

0 answers

How do I extract the decompile files from ghidra

I am using ghidra to decompile files into some assembly code. I cannot seem to find the option to download all the code. I am using ghidra to decompile files into some assembly code. I cannot seem to find the option to download all the code.

reverse-engineering ghidra

asked Oct 31 '22 at 16:02

kaiion

1

Questions tagged [ghidra]