ghidraninja / ghidra_scripts Goto Github PK
View Code? Open in Web Editor NEWScripts for the Ghidra software reverse engineering suite.
License: GNU General Public License v3.0
ghidra_scripts's People
Contributors
Stargazers
Watchers
Forkers
olivierh59500 materaj2 interrupt21h richsurgenor labba vladi12 solertis modulexcite pharazone l9sk stblinux heruix marcomafcorp sasson22 sigma-random chxnugs trietptm-on-coding-algorithms stjordanis unixfreaxjp digmi seabreg freemanzyq francozappa yuroc0598 shanehuntley arminschupp jurbz2019 rdtcrew mewbak tquentin maciejmacko ajmartel yehias rob-rychs reversetools hashbrown1013 peterg75 sharad1126 chrisdevchroma marciopocebon wxh0000mm hackalicious hello-xbugs horaddrim kelamrani vestigej 5l1v3r1 tonylambiris suicidemouse er28-0652 emtuls xzvb12 mowloodpour digitalarche anaswae te-k aone75 dump-guy daniellimws m4xx101 st-rnd tin-z antichown cpgarrison startergo praetorian-jeffrey-hofmann netindiapro michaelkoczwara kyapp69 jordanauge natechambers mkulasi drakearonhalt graveslinger faango3764 6un9-h0-dan haruki-09 marsman1994 dusmana cc-404 synack-securities inno157 nankeen zriowa winux138 oaksen crackercat ma5onic rand-tech xmamonx bao-kim ejortega sf4bin 1-tong ngodcomplex opaxiv myapit bluepeople1 enoch3eneghidra_scripts's Issues
[Errno 2] Error on os.unlink with binwalk.py
Latest (10.1.5) Ghidra. I can post whatever is needed to fix it, just ask.
This is the terminal output:
binwalk.py> Running...
Failed
[Errno 2] No such file or directory
Traceback (most recent call last):
File "C:\Tools\Ghidra\ghidra_10.1.5_PUBLIC\plugins\ghidra_scripts\binwalk.py", line 39, in <module>
os.unlink(result_file)
OSError: unlink(): an unknown error occurred: C:\Users\kyle\AppData\Local\Temp\tmpbvukcw
binwalk.py> Finished!
Ghidra is capable of demangling the rust format as of 9.2 as the Gnu Demangler Analyzer will allow the specifying of the format option. You would simply specify `-s rust` I think.
Ghidra is capable of demangling the rust format as of 9.2 as the Gnu Demangler Analyzer will allow the specifying of the format option. You would simply specify -s rust I think.
Originally posted by @astrelsky in #10 (comment)
yara. py AttributeError: 'NoneType' object has no attribute 'setComment'
Traceback (most recent call last):
File "ghidra_scripts/yara.py", line 53, in
add_bookmark_comment(vaddr, current_rule)
File "ghidra_scripts/yara.py", line 30, in add_bookmark_comment
cu.setComment(CodeUnit.EOL_COMMENT, text)
AttributeError: 'NoneType' object has no attribute 'setComment'
golang_renamer update for golang1.16
It looks like an update for the project that golang_renamer.py is built on has an update for golang1.16
https://github.com/sibears/IDAGolangHelper/blob/master/GO_Utils/Gopclntab.py
Would it be possible to patch in the newer check_is_gopclntab16, rename16 functions and lookup16 data?
yara.py not correctly finding executable on imported projects
Long story short, I'm following your excellent Youtube series on reversing wannacry, and due to headaches with the ooanalyzer plugin, moved from Windows to Linux, and transferred the project from one to the other in order to preserve my work so far.
However, the following line in yara.py:
currentProgram.getDomainFile().getMetadata()["Executable Location"]
Returns the old location on my C: drive, rather than its current location in my Linux machine. I can workaround this by manually specifying the executable location.
This may be a bug with Ghidra rather than your script.
golang_renamer Data Type Error
I faced these two strange issue when running golang_renamer
I Fixed it by importing Data Type using its name
Ghidra 9.1.2
Java 14.0.2
Mac Catalina 10.15.7
no such file or directory
i have my ios executable loaded in ghidra and the yara script loaded, but i get this.. unsure how to fix..
yara.py> Running...
Traceback (most recent call last):
File "/opt/Mobile-Testing/ghidra_scripts/yara.py", line 46, in
output = subprocess.check_output(["yara", "--print-string-length", rule_location, file_location], stderr=None)
File "/opt/Mobile-Testing/ghidra_10.3.1_PUBLIC/Ghidra/Features/Python/data/jython-2.7.3/Lib/subprocess.py", line 579, in check_output
process = Popen(stdout=PIPE, *popenargs, **kwargs)
File "/opt/Mobile-Testing/ghidra_10.3.1_PUBLIC/Ghidra/Features/Python/data/jython-2.7.3/Lib/subprocess.py", line 892, in init
self._execute_child(args, executable, preexec_fn, close_fds,
File "/opt/Mobile-Testing/ghidra_10.3.1_PUBLIC/Ghidra/Features/Python/data/jython-2.7.3/Lib/subprocess.py", line 1402, in _execute_child
raise OSError(errno.ENOENT, os.strerror(errno.ENOENT))
OSError: [Errno 2] No such file or directory
yara.py> Finished!
Binwalk issue
I keep getting this issue after running the binwalk plugin on ghidra
Out of memory issue
Ghidra 10.1.5 on Win11
golang_renamer.py> Running...
745490
Traceback (most recent call last):
File "\ghidra_scripts\golang_renamer.py", line 152, in <module>
GoRename()
File "\ghidra_scripts\golang_renamer.py", line 141, in GoRename
process_segment(go_renamer)
File "\ghidra_scripts\golang_renamer.py", line 81, in process_segment
h = handler(addressToInt(position.getStart()), get_bitness())
File "\ghidra_scripts\golang_renamer.py", line 95, in go_renamer
ptr.maker(base+offset)
File "\ghidra_scripts\golang_renamer.py", line 50, in MakeQword
listing.createData(addr, QWORD)
at ghidra.program.database.code.CodeManager.checkValidAddressRange(CodeManager.java:1941)
at ghidra.program.database.code.CodeManager.createCodeUnit(CodeManager.java:2055)
at ghidra.program.database.ListingDB.createData(ListingDB.java:422)
at jdk.internal.reflect.GeneratedMethodAccessor108.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
ghidra.program.model.util.CodeUnitInsertionException: ghidra.program.model.util.CodeUnitInsertionException: Insufficent memory at address 00b3d560 (length: 8 bytes)
golang_renamer.py> Finished!
Error message
Hi
if I try to run the binwalk or the yara script I receive the following message in the console:
yara.py> Running...
CRC32_poly_Constant /root/winbin/test.exe
Failed
'NoneType' object has no attribute 'setComment'
yara.py> Finished!
yara failed
I'm getting this error ๐ข
yara.py> Running...
Failed
[Errno 2] No such file or directory
yara.py> Finished!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.