NSA will release some sort of advanced IDA reversing tool in March
NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA.
https://www.rsaconference.com/events/us19/agenda/sessions/16608-come-get-your-free-nsa-reverse-engineering-tool |
wow.
Is it more powerful than IDA? |
Will be interesting to see how it competes with IDA and BinaryNinja. Given that it is free, if it can give those a run for their money, it could be a good thing and we could see the prices of the other two go down to compete. But, given that it is made by the NSA, there isn't much really pushing for their tool to be anything amazing and there are already worries of trust and what the tool will include in terms of phone-home like telemetry.
|
Some spoilers could be found on WikiLeaks: https://search.wikileaks.org/?q=Ghidra
|
Some code tools are now free from NSA
Code:
https://code.nsa.gov/ |
Is this an old resource or just to save face in wake of the leaks?
|
The tool has leaked before, but this is a recent announcement that they plan to fully release it from what the various articles have mentioned. The tool was part of some of the WikiLeaks dumps in the past and you can get it already and compile it yourself if you wanted to though.
|
Any comments about the quality of the decompiler?
|
Quote:
https://search.wikileaks.org/?q=Ghidra
More specific ones with actual info:
https://wikileaks.org/ciav7p1/cms/page_11628795.html
https://wikileaks.org/ciav7p1/cms/page_51183656.html
There are leaks around the web still that have the Vault 7 files and such, some were uploaded to GitHub and similar. But they are all still findable on Google. |
There is an actual download link on WikiLeaks, but can't access that site
"The Ghidra packages are available on DEVLAN @ \\fs-01.devlan.net\share\NSA\Ghidra" |
That site is probably internally accessible only and a honeypot from the outside so be careful.
|
I heard somewhere that the NSA tool was useful to defeat (at least a part of) the Themida protector. I hope their source code will help our community.
I'll never run their jar :D |
I can't imagine it will be a full-fledged decompiler which beats hex-rays in its current incarnation though. From what I have seen it looks like just another advanced disassembly tool with some basic decompilation tricks.
But did anyone notice how chessgod101 mysteriously deleted his post after I called it out as an obvious honeypot? |