Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 19 submissions in the queue.

US NSA Announces Open Source Availability of GHIDRA Software Reverse Engineering Framework

posted by Fnord666 on Wednesday March 06 2019, @08:12AM   Printer-friendly
from the I'm-not-gonna-try-it...YOU-try-it! dept.

martyb writes:

The US National Security Agency (NSA) announces it has made its GHIDRA Software Reverse Engineering (SRE) framework available as open source. Key features of Ghidra are:

  • includes a suite of software analysis tools for analyzing compiled code on a variety of platforms including Windows, Mac OS, and Linux
  • capabilities include disassembly, assembly, decompilation, graphing and scripting, and hundreds of other features
  • supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes
  • users may develop their own Ghidra plug-in components and/or scripts using the exposed API

The framework can be downloaded from https://ghidra-sre.org/. The page has a button labeled "SHA-256" but it seems to require Javascript for it to be displayed. A simple "view source" (you don't think I'm gonna let the NSA have execution permission on my computer!) of the page revealed:

3b65d29024b9decdbb1148b12fe87bcb7f3a6a56ff38475f5dc9dd1cfc7fd6b2 ghidra_9.0_PUBLIC_20190228.zip

Alternatively, it also seems to be available on GitHub.

What I really want to know is how are you supposed to pronounce its name?

Original Submission

 
This discussion has been archived. No new comments can be posted.
US NSA Announces Open Source Availability of GHIDRA Software Reverse Engineering Framework | Log In/Create an Account | Top | 21 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by MichaelDavidCrawford on Wednesday March 06 2019, @08:32AM (7 children)

    by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Wednesday March 06 2019, @08:32AM (#810632) Homepage Journal

    Or perhaps a test tool, I am symantically unclear.

    How much do you suppose Larry Ellison would pay for a Ghidra-Resistant Binary Executable Shrouder?

    I'm gonna get me some $$$$$ pussy now!

    --
    Yes I Have No Bananas. [gofundme.com]
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by ls671 on Wednesday March 06 2019, @08:59AM (1 child)

    by ls671 (891) Subscriber Badge on Wednesday March 06 2019, @08:59AM (#810641) Homepage

    You don't get it. It is a trojan gift to us all. Who is going to reverse engineer the reverse engineering tool anyway :)

    --

    Everything I write is lies, including this sentence.

    • (Score: 3, Interesting) by c0lo on Wednesday March 06 2019, @12:04PM

      by c0lo (156) Subscriber Badge on Wednesday March 06 2019, @12:04PM (#810669) Journal

      Who is going to reverse engineer the reverse engineering tool anyway :)

      MDC volunteered. For $$$$$ pussy.

      --
      https://www.youtube.com/@ProfSteveKeen https://soylentnews.org/~MichaelDavidCrawford

  • (Score: 3, Interesting) by JoeMerchant on Wednesday March 06 2019, @01:06PM (4 children)

    by JoeMerchant (3937) on Wednesday March 06 2019, @01:06PM (#810689)

    Code obfuscation isn't all that hard, if you don't care about performance. I thought this was evident in Oracle, Microsoft, and many other products since they were introduced.

    --
    🌻🌻🌻🌻 [google.com]

    • (Score: 4, Funny) by DannyB on Wednesday March 06 2019, @03:29PM (3 children)

      by DannyB (5839) Subscriber Badge on Wednesday March 06 2019, @03:29PM (#810728) Journal

      Wait . . . are you saying Oracle and Microsoft code are deliberately obfuscated? I thought that was just the way they wrote software badly. Are you sure they go to an extra step to obfuscate?

      --
      Infinity is clearly an even number since the next higher number is odd.

      • (Score: 2) by sjames on Wednesday March 06 2019, @09:23PM

        by sjames (2882) on Wednesday March 06 2019, @09:23PM (#810874) Journal

        Microsoft takes it to the next level. Even with the documentation in front of you, it's still obfuscated through 12 pages of non-optional parameters all with names that read like they should mean something but what that something might be is a bit of a mystery. Sometimes it's apparently a mystery even to MS.

      • (Score: 2) by JoeMerchant on Wednesday March 06 2019, @09:31PM

        by JoeMerchant (3937) on Wednesday March 06 2019, @09:31PM (#810876)

        Are you sure they go to an extra step to obfuscate?

        It comes from the top-down. Chair throwing is a great way to increase obfuscation the code your developers are producing. Unrealistic launch deadlines, commodity developers, 99.9% legacy support, competing silos, there are plenty of ways that management can cause the code to become more obfuscated without ever having to go down to the developer level themselves.

        --
        🌻🌻🌻🌻 [google.com]

      • (Score: 0) by Anonymous Coward on Thursday March 07 2019, @01:10AM

        by Anonymous Coward on Thursday March 07 2019, @01:10AM (#810956)

        It is called optimization, and name stripping

        https://docs.microsoft.com/en-us/cpp/build/reference/o-options-optimize-code?view=vs-2017 [microsoft.com]

        It may mangle the code a bit.