
Reverse engineering tool by the NSA: GHIDRA – Installation and rev. eng. example – HOXFRAMEWORK


Ghidra: “A software reverse engineering (SRE) suite of tools developed by NSA”. Using the crackmes.one website and the official Ghidra website, I am going to show you how to install Ghidra and how to reverse engineer a simple program as an introduction to the tool. If you have any questions, ask them in the comments.

From the official Ghidra website (ghidra-sre.org), download the Ghidra zip.
Run:
unzip <ghidra_zip_file_you_downloaded>
If you don't have unzip: apt-get install unzip

Before you run Ghidra, you need the Java JDK:
sudo apt install openjdk-11-jdk

- If there is an error saying it can't find the package, add the repository with:
sudo add-apt-repository ppa:linuxuprising/java
and then run apt install openjdk-11-jdk again.

Next, navigate to Ghidra's directory and run sudo ./ghidraRun
That's it :D

Now you can use Ghidra. Exit out of the hints and start a new project: make it non-shared and give it a name. Next, drag the file in, press OK (if the file format is right) and double-click the imported file to get started. (See the video for more about the reverse engineering example; to download the specific code we are reverse engineering, visit the crackmes.one website.)

Other useful commands mentioned:
strings <file>
file <file>
xxd <file>
ltrace and strace are also very useful, but I didn't explain them in depth, just mentioned them.
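
To show which bytes file, strings and xxd actually look at before you open a binary in Ghidra, here is an added example (not from the video or the Ghidra project) that reimplements a minimal version of each in Python. The SAMPLE bytes and the function names identify, printable_strings and hexdump are constructed for this illustration.

```python
import re
import struct

# Constructed sample: a 64-byte ELF64 header followed by two embedded strings.
# It is not a runnable program, only enough bytes to exercise the three checks.
SAMPLE = (
    b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)   # magic, 64-bit, little-endian
    + struct.pack("<HH", 2, 0x3E)                  # e_type=EXEC, e_machine=x86-64
    + bytes(44)                                    # rest of the header, zeroed
    + b"Enter password: \x00\x01\x02constructed_key_123\x00ab\x00"
)

def identify(data):
    """Like `file`: check the magic bytes, then decode the ELF header fields."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        return "data"
    bits = {1: "32-bit", 2: "64-bit"}.get(data[4], "unknown class")
    order = {1: "LSB", 2: "MSB"}.get(data[5], "unknown byte order")
    e_type, e_machine = struct.unpack_from("<HH" if data[5] == 1 else ">HH", data, 16)
    kind = {1: "relocatable", 2: "executable", 3: "shared object",
            4: "core"}.get(e_type, "unknown type")
    arch = {0x03: "Intel 80386", 0x3E: "x86-64", 0x28: "ARM",
            0xB7: "ARM aarch64"}.get(e_machine, hex(e_machine))
    return f"ELF {bits} {order} {kind}, {arch}"

def printable_strings(data, min_len=4):
    """Like `strings`: runs of at least min_len printable ASCII bytes."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]

def hexdump(data, length=32):
    """Like `xxd -l length`: offset, hex bytes in pairs, ASCII column."""
    data, lines = data[:length], []
    for off in range(0, len(data), 16):
        chunk = data[off:off + 16]
        pairs = " ".join(chunk[i:i + 2].hex() for i in range(0, len(chunk), 2))
        text = "".join(chr(b) if 0x20 <= b <= 0x7E else "." for b in chunk)
        lines.append(f"{off:08x}: {pairs:<39}  {text}")
    return lines

if __name__ == "__main__":
    print(identify(SAMPLE))
    print("\n".join(hexdump(SAMPLE)))
    print(printable_strings(SAMPLE))
```

In a crackme, the prompt and any hard-coded comparison value often show up in the strings output, which tells you what to search for in Ghidra's listing.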


Thank you so much for Visiting!! 🙂 Have a nice day.