The MASM Forum

Specialised Projects => Assembler/Compiler Technology => Topic started by: K_F on March 17, 2021, 07:59:11 PM

Title: Ghidra - Who would have thought
Post by: K_F on March 17, 2021, 07:59:11 PM
While at work yesterday, thinking about what to do next,... a long time thing that was bothering me came to mind.

The Orbiter Simulation https://www.orbiter-forum.com (https://www.orbiter-forum.com) is very nice, based on more realism than Kerbal Space Program https://forum.kerbalspaceprogram.com (https://forum.kerbalspaceprogram.com), but it doesn't have many features.
If you write any modules for Orbiter you're limited with a Vinka.dll written by a person a while back, who's since dissapeared.

With no more info on this dll, I aways wanted to dig into this, and replicate it (improve it) to make Kerbal style plugin modules for Orbiter.

At work, having a Linux machine I start a search for a windoze debugger/disassembler for Linux.
IDA is there at whopping $800+ (the free one seems to be a problem on Linux), others are just messy with a load of dependencies.... but there at the bottom of the search page I see https://ghidra-sre.org (https://ghidra-sre.org) and it's for free.  :tongue:
And released by our friends at https://en.wikipedia.org/wiki/Ghidra (https://en.wikipedia.org/wiki/Ghidra)  :shhh:

Curious I download it and run it - It's really an amazing tool.

Like all tools like this (Olly, IDA..etc) it can be used incorrectly, so i post it here anyway for education and honest usage.

 :thumbsup:
Title: Re: Ghidra - Who would have thought
Post by: Biterider on March 17, 2021, 08:55:56 PM
Hi K_F
Ghidra has already been mentioned by Sinsi here http://masm32.com/board/index.php?topic=7924.msg86882#msg86882 (http://masm32.com/board/index.php?topic=7924.msg86882#msg86882), but it would be nice if you could share your experience with it.

Biterider
Title: Re: Ghidra - Who would have thought
Post by: K_F on March 17, 2021, 10:12:35 PM
Missed that completely..   :bgrin:
Only just started.

First impression is more about how the information is presented and the layout looks good.
It seems to do all that IDA does and more - still to discover how much more though.

There is a GUI 'manual' over here - https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf (https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf) which I still have to read through.
Title: Re: Ghidra - Who would have thought
Post by: felipe on March 18, 2021, 12:14:19 PM
I still think ida is the best.  :icon_idea:
Title: Re: Ghidra - Who would have thought
Post by: LiaoMi on March 18, 2021, 11:04:44 PM
Ghidra disassembles PE files very slowly, the biggest gap in this project, a huge plus that this is an open source project. You can create tickets with errors and wishes. In the Ida Pro project, the authors ignore everyone, because until recently they considered themselves as monopolists.