[HN Gopher] Debugger Ghidra Class
___________________________________________________________________
Debugger Ghidra Class
Author : simonpure
Score : 148 points
Date : 2023-06-19 12:36 UTC (10 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| status200 wrote:
| Ghidra is a lifesaver for legacy systems that have a bunch of
| home-spun executables that make bespoke things function and
| rotate out random technicians over the years, when they fail it
| is a pain to figure out what they explicitly do, so reverse
| engineering them is sometimes the only option when a new tool
| needs to be built that does the same thing but without the parts
| that are deprecated. I hadn't seen this class before so I look
| forward to filling in my knowledge gaps around this software,
| thank you.
| psychphysic wrote:
| I patched a bug in a router firmware and jailbroke another
| router using Ghidra (mostly but also binwalk).
|
| I have no business being able to do either, still both became
| weekend tasks using Ghidra.
|
| I've since played around with hopper, binary ninja and radare2.
| Fun!
| the_only_law wrote:
| > I've since played around with hopper, binary ninja and
| radare2. Fun!
|
| Would you recommend any of those? I've only ever played with
| the limited free IDA and Ghidra.
| psychphysic wrote:
| Only Radare2 which is FOSS and also can use the Ghidra
| decompiler.
|
| It's also cool as hell to use if you use the command line
| UI (ncurses?)
| xvilka wrote:
| You might want to check Cutter[1][2] also. Our release
| builds come with decompiler included.
|
| [1] https://cutter.re
|
| [2] https://github.com/rizinorg/cutter
| psychphysic wrote:
| Sorry I missed you out! I have used cutter.
|
| It may be a sore point but I have a niggling curiosity
| did cutter previously work with R2 and there was some
| beef?
| nereye wrote:
| See "Why did you fork radare2?" [1] from the Rizin FAQ.
|
| For more details, see (well, listen to) the episode of
| the Unnamed Reverse Engineering podcast which covered
| Rizin/Cutter [2].
|
| [1] https://rizin.re/posts/faq/
|
| [2] https://unnamedre.com/episode/45
| rootw0rm wrote:
| there's a name I haven't seen in a minute, I'll have to
| check this out again
| localplume wrote:
| I'd recommend binary ninja if you're serious about
| reversing. Not that expensive for a personal license.
|
| Ghidra is nice, but being FOSS it will always be slightly
| worse than paid. It's fantastic for free, but not perfect.
| If reversing is part time/once a month/once every few
| months then it's probably the best choice. Used it for a few
| years professionally.
|
| binja is my favorite and been using it for the last year or
| so. just an absolute pleasure to use and collaborate with.
| IMO the best of all these tools. vector35 are great to work
| with as well. plugin development is real nice too
|
| IDA pro is the worst. hexrays are plain awful to work with
| and it's so overpriced.
|
| hopper haven't tried, but seems good. mac only though
|
| r2 is interesting. great if you only have a headless
| connection, but difficult. Learning curve is tough, and
| payoff isn't necessarily there. an alternative to ghidra if
| you want free but want to feel more l33t
| saagarjha wrote:
| > Ghidra is nice, but being FOSS it will always be
| slightly worse than paid.
|
| lol, you know this isn't true :)
| Genghis_Khan wrote:
| > I have no business being able to do either ...
|
| Why not?
| circuit10 wrote:
| They probably mean Ghidra made it relatively easy despite
| them not having that much experience in it
| _benj wrote:
| This looks very interesting!
|
| Question: looks like Ghidra can be used as a GDB "interface", is
| that correct?
| t20230619 wrote:
| Yes. Actually, the OP is all about driving gdb from Ghidra. It
| is only one part of the larger "Ghidra Class" (see repo's
| parent folder). The parts are:
|
| - Beginner
|
| - Intermediate
|
| - Advanced
|
| - AdvancedDevelopment
|
| - Debugger (the OP)
|
| - ExerciseFiles
| remram wrote:
| Oh it's "class" as in "lesson", not OOP. Since it's a link to
| GitHub, somehow I expected the latter (a plugin in some NSA
| tool?), but this is much more interesting.
| t20230619 wrote:
| I have a good experience with Cutter (Rizin's official GUI).
|
| Anyone can comment on the functionality difference between the
| two? Any advantages to using Ghidra directly?
|
| I must confess that when starting out I opted for Cutter just
| because of Ghidra's JVM dependency. But this is only due to old
| scars and my aversion to installing Java is probably outdated
| now. (I am not the only one though: Cutter can also use Ghidra's
| decompiler component, and its website proudly adds "no Java
| involved".)
| 36933 wrote:
| Yeah there must be a reason why "nobody" is using Cutter,
| interested in that as well.
| c-c-c-c-c wrote:
| Probably because no one wants to use rizin when you can use
| radare2. :-)
| MuffinFlavored wrote:
| What about x64dbg? Is that considered the standard on
| Windows?
| saagarjha wrote:
| Other options are typically more fully-baked and
| conventional.
___________________________________________________________________
(page generated 2023-06-19 23:00 UTC)