gtirb-ghidra-plugin's Introduction

GTIRB Ghidra Plugin

This repo contains the source for building a Ghidra plugin to handle GTIRB files.

Some limitations:

  • Imports GTIRB created from ELF files (only)
  • Supported architectures are IA32, ARM, X86-64, and PPC32
  • File name must have ".gtirb" suffix (otherwise you will have to manually select the GTIRB loader)
  • Builds are specific to a single version of Ghidra and will not work with newer or older Ghidra releases.

Demonstration:

A video demonstration of installing and using this plugin is available at gtirb-ghidra-plugin-intro.mov.

Build and Install

See the Installation section above to use the provided builds. To build from source instead:

The command-line examples in this section are for Ubuntu 20.04 and Ghidra 10.1.2, assuming you want to install Ghidra and Gradle to ~/.local. Adjust them as appropriate to fit your system and Ghidra version.

  1. Download the latest release of Ghidra from GitHub.
  2. Download Gradle 7 from https://gradle.org/releases/
  3. Install OpenJDK 11
    sudo apt-get install openjdk-11-jdk
  4. Extract Ghidra and Gradle somewhere convenient
    unzip -d ~/.local ~/Downloads/ghidra_10.1.2_PUBLIC_20220125.zip
    unzip -d ~/.local ~/Downloads/gradle-7.3.3-bin.zip
  5. Add your Ghidra install path to a Gradle properties file
    mkdir -p ~/.gradle
    echo "GHIDRA_INSTALL_DIR=$HOME/.local/ghidra_10.1.2_PUBLIC" >> ~/.gradle/gradle.properties
  6. Download or clone the gtirb-ghidra-plugin source.
    git clone https://github.com/GrammaTech/gtirb-ghidra-plugin.git
    cd gtirb-ghidra-plugin
  7. Build gtirb from source for Java and install its gtirb_api and protobuf-java JAR files to gtirb-ghidra-plugin/Gtirb/lib. You can use the gtirb_java_build.sh script to automate this.
    ./scripts/gtirb_java_build.sh
  8. Build the plugin with Gradle and extract it to GHIDRA_INSTALL_DIR/Ghidra/Extensions. You can use the install_plugin.sh script to automate this.
    ./Gtirb/install_plugin.sh
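
Because a build works with only one Ghidra version, it helps to confirm which install GHIDRA_INSTALL_DIR resolves to before running step 8. The shell check below is an added example, not part of gtirb-ghidra-plugin; its function names are hypothetical, and it assumes the stock Ghidra layout in which the version is recorded as application.version in Ghidra/application.properties.

```shell
#!/bin/sh
# Preflight check (added example, not part of gtirb-ghidra-plugin).
# Resolve GHIDRA_INSTALL_DIR the way step 5 sets it, then compare the
# version of that Ghidra install with the version the build targets.

# Print the last GHIDRA_INSTALL_DIR value in a Gradle properties file.
# Step 5 appends with ">>", so re-running it leaves several entries;
# the last one wins when the properties file is loaded.
ghidra_dir_from_props() {
    sed -n 's/^[[:space:]]*GHIDRA_INSTALL_DIR[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1
}

# Print application.version from a Ghidra install directory.
ghidra_version() {
    sed -n 's/^application\.version=//p' "$1/Ghidra/application.properties" | tr -d '\r'
}

# check_ghidra PROPS_FILE EXPECTED_VERSION
# Returns 0 on match, 1 on mismatch, 2 when the install cannot be read.
check_ghidra() {
    dir=$(ghidra_dir_from_props "$1")
    if [ -z "$dir" ] || [ ! -f "$dir/Ghidra/application.properties" ]; then
        echo "no usable GHIDRA_INSTALL_DIR in $1" >&2
        return 2
    fi
    found=$(ghidra_version "$dir")
    if [ "$found" != "$2" ]; then
        echo "Ghidra $found at $dir, expected $2" >&2
        return 1
    fi
    echo "Ghidra $found at $dir"
}

# Run directly as: sh check_ghidra.sh ~/.gradle/gradle.properties 10.1.2
if [ "$#" -eq 2 ]; then
    check_ghidra "$1" "$2"
fi
```

A non-zero exit means the plugin would be built or installed against a Ghidra release other than the one you intended.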

Usage - GUI

Use Ghidra's ghidraRun script to launch the Ghidra project window.

To import a GTIRB file, simply open it from the "File -> Import File..." menu. Ghidra should automatically use the installed GTIRB plugin to load it.

To export a program to GTIRB, import it into your Ghidra project then open it with Ghidra's CodeBrowser. In CodeBrowser, select the "File -> Export Program..." menu option. Select "GTIRB Exporter" in the format dropdown to create a GTIRB file for the current program.

Usage - headless

The export-gtirb script is provided to automatically use Ghidra to create a GTIRB file. Simply provide an input binary and the output filename.

./scripts/export-gtirb /bin/true ~/true.gtirb

gtirb-ghidra-plugin's People

Contributors

amygale, eschulte, tneale-gt

gtirb-ghidra-plugin's Issues

Support GTIRB v2?

Hello,
Nowadays, running the plugin with ddisasm outputs shows an error due to the mismatch:

    if (fileVersion != thisVersion) {
        Msg.error(this, "GTIRB file import failed, GTIRB version " +
                fileVersion +
                " does not match expected version (" +
                thisVersion + ").");
        return null;
    }

I have worked around it by just ignoring it!
First, is that a good idea?

Otherwise, I'm thinking that if gtirb v2 is backwards compatible with v1, then it'd be safe to remove this version check, correct?

Looking at the difference when the major version changed at
GrammaTech/gtirb@v1.10.0...v1.10.1

I'm seeing that the only notable difference is the new byte endianness field.

Update Support for Latest Ghidra and GTIRB Versions

The gtirb-ghidra-plugin repository has not seen updates for quite some time, and it currently supports specific versions of Ghidra and GTIRB. As the community relies on this plugin for handling GTIRB files within Ghidra, it's essential to ensure compatibility with the latest versions of both tools.
Is there a plan to update the code base to support the most recent releases of Ghidra and GTIRB?
If so, what is the expected timeline for these updates?
