[–]▶ No.1038525>>1038531 >>1038615 >>1038670 >>1038671 >>1038836 >>1039796 >>1049287 [Watch Thread][Show All Posts]
Ghidra is a static analysis/reverse engineering tool that is apparently very similar to big commercial offerings such as IDA Pro. It was developed internally by the NSA, but is just now being released to the public. They put it out there as Free Software under the Apache license. It is written in Java.
>Site
https://ghidra-sre.org/
>Source code
https://github.com/NationalSecurityAgency/ghidra
▶ No.1038531>>1038614 >>1039707
>>1038525 (OP)
How is it compared to Radare2?
▶ No.1038541>>1050562
>literal glownigger code
What could possibly go wrong?
▶ No.1038574>>1038806
>by NSA
i wouldn't even run this in a VM
▶ No.1038614
>>1038531
Basically trash. Use if for the decompiler nothing else.
▶ No.1038615
>>1038525 (OP)
>no such agency has a github account
>they release code for their secret hack tools there
>guthub is owned by microsoft
>microsoft is run by a pajeet and likes oss/linux now
What the fuck even is this reality
▶ No.1038616>>1038617
If I remember correctly the US government commissioned an IDA replacement a while ago. Sounds like that is it. Knowing how government projects like these turn out, it's probably hilariously bad compared to the original.
▶ No.1038617>>1038621 >>1038855 >>1039625 >>1050195
>>1038616
Why would they try to replace something that works perfectly fine?
▶ No.1038621>>1038622 >>1038672
>>1038617
>Why does a government agency waste shitloads of money on golden toilets?
Beats me, maybe they thought The Great And Powerful NSA (dog bless aberiga) could easily outdo whatever other product, even though their staff is mostly redditards.
▶ No.1038622>>1038623
>>1038621
>even though their staff is mostly redditards.
Are they?
▶ No.1038623
>>1038622
The leaks sure gave me that impression, especially the wiki. Gave off a similar air to googlefags in terms of being high on your own fumes.
▶ No.1038670
▶ No.1038671>>1038691 >>1038700
>>1038525 (OP)
>It is written in Java.
Wow, it's fucking retard garbage.
▶ No.1038672>>1038681 >>1038791 >>1048834
>>1038621
Drink bleach and shoot yourself in the mouth, you fucking failed abortion.
▶ No.1038691>>1038728 >>1038875 >>1039795
>>1038671
In your own words, please explain your qualms with Java and tell me how the target language effects you, not as a contributing developer but as a user of the tool.
▶ No.1038700>>1038734 >>1038831
>>1038671
actually Java is pretty good and safe language and muh compile once, run everywhere is pretty comfy (when it's feasible)
▶ No.1038725>>1038734
It litterally has a backdoor. Don't use it.
▶ No.1038728>>1038853
>>1038691
Usually terrible UIs, poor performance compared to native, the mere existence of the JVM on your machine is a security risk given Java's poor track record.
▶ No.1038734>>1038795
>>1038700
>Java is pretty good and safe language
Java isn't safe at all, there's a lot of exploits for it.
>>1038725
Proof?
▶ No.1038791
>>1038672
Neck yourself you worthless nigger.
▶ No.1038795
>>1038734
i'm as much of a java hater as the next guy but the 'poor track record' for java is primarily concerned with client-side exploits targeting the virtual machine.
keep in mind, default behavior in say C, is totally unchecked allocations.
▶ No.1038806>>1038809 >>1039795
>>1038574
It's probably clean. If they were to bug it they wouldn't release it as the NSA. The question then is why they'd release it. I think it's to attract talent, hoping a few shiny toys will make people ignore the fact they're working for the devil.
▶ No.1038809
>>1038806
Yep. They've even got a recruitment pitch in the README.
▶ No.1038825
Only complaint i heard so far was from some poorly included debug mode bug that opened a port. Sensationalist, but it at least shows one issue. Be interesting to see if they push fixes once the source is posted. I might give it a spin since a lot are raving its comparable to IDA in some regards
▶ No.1038831
>>1038700
Write once, run everywhere is sadly a meme.
t. victim of write once, debug everywhere
▶ No.1038836>>1049618
>>1038525 (OP)
The NSA has open sourced software before. I can't remember the name of it. Oh yeah because it was fucking useless.
Security moralfags.
▶ No.1038853>>1038860
>>1038728
Isn't a bad security track record (somewhat ironically) a good thing? It means the issues have already been found and fixed earlier in the projects life cycle.
Bad UI's seems a bit unfair since that's going to differ on a program to program and even framework to framework basis.
Likewise with performance, that's mostly dependent on the platform it runs on. I'm not going to pretend like safe, runtime oriented languages are going to be faster but the difference should be negligible in most cases.
I can't imagine something like this, which will mostly be idle, being perf dependent. Unlike say, a video encoder trying to max out your CPU for the duration of the process lifetime.
You're obviously free to feel however you wish, but I myself don't think these are reasonable objections in this context. I feel like people see Java and instantly write something off and I don't understand that. Just because some programs written in Java are bad does not make all Java program inherently unusable imo.
▶ No.1038855>>1038863 >>1050195 >>1050272
>>1038617
Because old software is too correct and efficient. Nu-software is inclusive and has contributions by women, homosexuals and brown people.
▶ No.1038860>>1038865
>>1038853
>Isn't a bad security track record (somewhat ironically) a good thing?
Not really since many discovered flaws don't mean few remaining flaws. However, it tells you something (bad) about the quality of the programmers and the program's design.
▶ No.1038863
>>1038855
You forgot the transsexuals and fishmouth people. Please be more inclusive next time, it's very insensitive to leave out under represented degenerates.
▶ No.1038865>>1038893
>>1038860
Consider it, I might say it's moot then.
Regardless of the past, it's not indicative of the current state. Something is either exploitable or not and we cannot really know until after an exploit has been found.
Also audit and dev teams change so the quality could have gone in either direction as well.
That being said, my stance is that it's still unfair to judge a program based on the language alone, and even extending to Java here, it may not be fair to judge them based on their past versions, or make assumption about the current state of it without certainty.
The Java bullies will be stopped.
▶ No.1038875
>>1038691
Not him, but here it goes.
Slow, every large java application I have used has been unresponsive and slow to the point where I don't want to use it. This includes net-simulators, UML graph tools, ide's. Once it might be retarded devs, but when it repeats then, no, it's java.
▶ No.1038893
>>1038865
What else do you judge things on except their past?! It's not like they completely rewrite the thing or replace the entire team every time a new version comes around. Additionally, the problem with security exploits is that things can be failing horribly while you are none the wiser, so you necessarily have to rely on heuristics; what better heuristic is there than the project's past?
Just look at something like OpenSSL: Their code is awe-inspiringly terrible (no really, I was literally in awe at how bad it is), but you would be able to tell as much even if it was closed source, simply because they constantly have massive security problems. In a sanely designed program with good developers, these problems simply don't occur at that frequency. If you naively assume that every fixed bug was the last one for real this itme, you get fucked nonstop. Honestly, I'm kinda interested where this attitude comes from, because it seems completely batshit insane to me. Is it wishful thinking?
This also extends to language, e.g. because the language makes it very easy to make such mistakes (C etc) or because the language has a large pool of bad developers (PHP and JS are the primary examples of this, but it applies to Java as well). Or in this case, because the above stuff applies to its implementation. That said, I do agree that shitting on Java is a big meme on /tech/ and mostly comes from people who couldn't program their way out of a paper bag. It's the cool thing to hate.
▶ No.1038901>>1038919
Remember when getting into the NSA was a challenge?
▶ No.1038919
>>1038901
Remember when Whites were a super-majority? Everything today is degraded.
▶ No.1039625>>1039626 >>1039630
>>1038617
Look up IDA's licensing fees some time and you'll immediately understand why.
▶ No.1039626>>1039708
>>1039625
Why don't they just pirate it?
▶ No.1039630
>>1039625
Why did you take the bait?
▶ No.1039707
>>1038531
Blows IDA and Radare out of the park
▶ No.1039708
>>1039626
Why would you install proprietary software
▶ No.1039720>>1039745
>>1038580
you're a shill
How is github abotnet that compares to foogle?
▶ No.1039745>>1039874
>>1039720
It's owned by kikerosoft
▶ No.1039795>>1039798
>>1038691
>Is java really that bad?
The short answer is that large java applications open slowly, but then after that are as fast, if not faster, than anything else.
Taking 30-60 seconds to open wasn't that bad 10 years ago, but now people think that's terrible, as if it was really such a massive amount of time. The bad impression at opening the software sticks and retards then think it's always slow and never use it again, because they could opened 10 snapchat messages in the time to open. Java hate = short attention span
>>1038806
>The NSA didn't backdoor the software
hahahahahahahahahahaha
You missed the news didn't you?
▶ No.1039796
>>1038525 (OP)
Does this mean they have something way better and this ghidra is obsolete?
▶ No.1039798>>1050078
>>1039795
What would be the point of backdooring a reverse engineering tool?
▶ No.1039810>>1039840
Wow /tech/ is worse than /g/
>muh backdoors in an open source program directed at reverse engineers
They release it because they want people to fix it for free and attract new talent at the same time
▶ No.1039840>>1039851
>>1039810
It's not open source though since the code hasn't been released.
Anyway's not it's not /g/ to be weary of THE FUCKING NSA. Fuck off glow-in-the-dark.
▶ No.1039851
>>1039840
If you find a backdoor in Ghidra I will unironically kill myself on stream.
▶ No.1039874
>>1039745
Ok that makes sence come again
▶ No.1048736
https://www.ghidra-sre.org/releaseNotes.html
It's still under development.
Maybe they forgot the backdoor.
▶ No.1048739
>proprietary software
>written by nsa
shit, tyrone
▶ No.1048834
>>1038672
LARPer detected. Nothing wrong with Java for this type of program.
▶ No.1049214>>1049289
Full source code was released today. This includes the source to the decompiler and sleigh parser which wasn't included in the initial release.
https://www.nsa.gov/ghidra
https://github.com/NationalSecurityAgency/ghidra
Thoughts?
▶ No.1049287
>>1038525 (OP)
What tf am I even supposed to do with it?
▶ No.1049289>>1049337
>>1049214
The UI feels pretty slow compared to IDA or radare but it works quite well.
Considering I always do REing in a VM anyways I don't see a reason not to use this.
▶ No.1049337
>>1049289
I’d set affinity to a single core, it wasn’t coded correctly and is probably less deterministic than the lottery.
▶ No.1049343>>1049346
You fools, the backdoor is not in Ghidra itself, but a backdoor is dynamically inserted into the code it decompiles so that if you compile it again it's botnet.
▶ No.1049346
>>1049343
but cant you read the source to find any such things
▶ No.1049553>>1049628
I have a theory that the NSA knows we're all totally owned and with WWIII on the horizon really wants people to discover a lot about the different ways we're owned, and maybe JUUUST maybe, there are "totally not NSA security researchers and teams" who already have a bunch of these vulns which need to be released in a deniable way so the NSA doesn't reveal its capabilities?
That's what I'd do anyways.
▶ No.1049618
>>1038836
You're thinking of RSA and DSA encryption
▶ No.1049628
>>1049553
Well, I know they have a bad history, but there is plenty of bad blood between the CIA and the NSA. Also, I don't remember Terry Davis saying anything about glow in the dark "NSANiggers". We also have the NSA to thank, indirectly, for being able to shut off Israel Inside's ME bullshit.
▶ No.1049695>>1049702
Ghidra might be reverse engineered itself, at least in order for it to be version 9 and be horribly coded.
▶ No.1049702
>>1049695
like version numbers mean anything these days. just look at chrome..
▶ No.1050025>>1050037 >>1050038 >>1050831
Now the source code is out, but I can't figure out how to fucking build it. Apparently it requires gradle, so I installed gradle and ran it in the root ghidra directory. Whoops. It requires an older gradle (5.0, specifically). Fine. I install that instead. Now it's complaining about something related to jython and that I don't have a repository set up. I installed jython, but apparently that's not what it's asking for.
I looked through the source tree for variations of *build* to see if there were some build instructions, but I couldn't find any. The README is useless. The wiki/FAQ on github has no info about building. Is there some obvious build documentation I'm missing? Has anybody actually build this?
▶ No.1050037
▶ No.1050038>>1050215 >>1050828
>>1050025
isnt there any build script like a makefile or something? just read it if there is
▶ No.1050078
>literal glow in the dark CIAnigger software
<not a botnet goyim
>>1039798
lol gtfo
<what was the point of systemd, what was the point of eternalblue, heartbleed(cia used for at least 2+ yrs prior to discovery) etc etc etc
▶ No.1050195>>1050272 >>1050577
Looks cool for me. I've scanned the source code with clamav. I'll check, if the code has any analitics shit, if not I'll try it. Not using the software your enemy uses is funny, especially if you have the source code.
>>1038617
>Why would they try to replace something that works perfectly fine?
<nonfree software
<working perfectly fine
Lol
>>1038855
>Because old software is too correct and efficient. Nu-software is inclusive and has contributions by women, homosexuals and brown people.
<nonfree software
<too correct and efficient
<Proprietary software is the best software goy!
Yeah, 100% straight male proprietary software is better that this dirty SJW free/libre software.
▶ No.1050215
>>1050038
It's a Java project, Gradle is the build system.
▶ No.1050272
>>1050195
>Yeah, 100% straight male proprietary software is better that this dirty SJW free/libre software.
It is.
>>1038855
>women, homosexuals, or brown people had anything to do with coding this software.
:^)
▶ No.1050562
>>1038541
It's open source, and so the irony is that only a nigger like you won't be able to tell if its safe or not.
▶ No.1050577>>1050606
>>1050195
>Yeah, 100% straight male proprietary software is better that this dirty SJW free/libre software.
Unironically true.
▶ No.1050606>>1050770 >>1050771 >>1050843
>>1050577
Lol that picrel.
>powershell
slow as fuck
>profit-driven innovation
>innovation
funny
>full hardware support
Last time I checked (month ago) windows couldn't find USB driver. Linux (kernel) is better at loading binary blobs, than windows.
>full hardware performance
You mean when they don't install security patch for meltdown and spectre, so games can run smoothly, or when ton of spyware is running in the background?
>just works
Just doesn't work it crashes all the time. Updates often break something.
>WSL
Because Windows wasn't good enough so they had to put GNU/Linux inside.
>IDEs
Implying there are no IDEs on GNU/Linux. Better pay for your monthly Visual Studio subscription.
On GNU/Linux
>end user compilation
This is actually an advantage.
>No flash
Why would I use this spyware?
>shell scripts
that's a good thing
>No hardware support
Why would I use nonfree drivers/firmware? I don't want to use malicious software on my computer.
>systemdick etc.
There are some problems, but it is still better than being exploited and controlled.
When did /tech/ became a place full of botnet lovers and windows useds?
▶ No.1050770
>>1050606
>windows couldn't find USB driver
lol stopped reading there
▶ No.1050771>>1050802
>>1050606
>>no flash
>Why would I use this spyware?
objectively untrue as well.
▶ No.1050802
▶ No.1050828>>1050831
▶ No.1050831
▶ No.1050843>>1050889
>>1050606
>Why would I use nonfree drivers/firmware?
Here we see the loonix fag claiming a problem is a solution
▶ No.1050889>>1050920
>>1050843
>Here we see the loonix fag claiming a problem is a solution
That's not because driver devs are retarded, but hardware manufacturers are - they won't tell how the hardware works, they'll just give you a binary blob. There are some backward engineering efforts, but it is hard and firmware is often signed with a crypto key, so you can't use your own software on that hardware.
The solution is to support only copmanies that produce libre hardware.
▶ No.1050920
>>1050889
Libre hardware is great to have but not necessary. What's absolutely necessary is accurate technical documentation about the specifications of the hardware. When programmers have the proper specifications, then the programmer should be able to write the appropriate driver for the hardware device. Libre hardware should have this level of technical specification. However it's perfectly fine for a black box device as long as the interfaces and relevant internal knowledge are documented for the programmer.