Ghidra Reviews and details

Social recommendations and mentions

• I've figured out what 13 of the 16 enemy flags mean in Ultima V. Help me figure out the last three.

  I've got no experience with reverse-engineering executables, but I got a bunch of code-like stuff showing up when I fed ULTIMA.EXE to Ghidra and told it to analyze it with all the flags set. Source: 11 months ago

• Modding SH2

  The whole game is written in C++ (game logic intertwined with graphics). Ghidra can help you deconstruct the game binaries, but you need to put in a GREAT great effort to even get a starting point. Cheat Engine has been successful for some purposes, including an AI enabling utility for multiplayer (use with great care!). Source: 11 months ago

• You have probably heard of Temu right?

  What I think you’re talking about is reverse engineering. It’s basically taking a program and analysing the compiled code to attempt to find out how it works. It’s a fairly expansive topic, and fairly tricky to do but look at anything to do with Ghidra to get started. Source: 12 months ago

• Asking for clarification ... How is learning C beneficial for becoming a Cyber security expert

  Oh also just as an aside Ghidra is a really cool free tool developed by the NSA which can reverse engineer software by looking at its executable and recreating the C code from the instructions and static data within. It's another way to get familiarized with the relationship between C code and the instructions it compiles to. Source: about 1 year ago

• Super Smash Bros. Melee HD Port Will "Never Happen," According to Former Nintendo Employees

  There exist decompilers and other tools for helping make sense of assembly and that can automate some of the conversion back to higher level languages. In my brief involvement with Slippi I used Ghidra - a tool developed by the NSA, to do some of that kind of work, which I found a little amusing. Source: about 1 year ago

• I found an old floppy disk, what does this mean/what should I do?

  It's likely a binary file that's improperly being interpreted as Unicode by the text editor. If it's an executable file, you can use Ghidra to disassemble and analyze it. There may also be some interesting ASCII strings that would reveal its purpose. My guess is that it's a Windows version of Unix "tee" program which will write stdin to a file and stdout simultaneously. Source: about 1 year ago

• Free Hex Editor

  On the other hand, this slick "Ghidra" webpage looks suspicious. It's probably written in Typescript on Electron! Source: about 1 year ago

• 72 hour charge indication?

  It shouldn’t be dying early. A GT that isn’t charge-limited should be plugged in to charge until it turns off. If one has done that and is still experiencing power-related Captain Morgan events, FM has provided us a single option: pack the GT into an 18-wheeler for however long it takes to reach FM via America’s Interstate Highway System. Fortunately, the same government that built that highway system also built... Source: about 1 year ago

• Disabling a pointless hardware check in an old DOS EXE

  A free, open source alternative: https://ghidra-sre.org. Source: about 1 year ago

• Disabling a pointless hardware check in an old DOS EXE

  In case you decide to reverse engineer the .exe you might want to check out Ghidra. It runs on both Windows and Linux and is similar to IDA. Source: about 1 year ago

• Show HN: Spaghettify – A VSCode Extension to make your code worse with AI

  When you introduce a bug, is it a dumb random bug, or an intelligent AI bug? In other words, would the bug work for me or the user? When I say work for me, what I mean is, considering decompiler tools like https://ghidra-sre.org/ can shine light where once there wasn't, would the bug generates lots of unnecessary work for me, or could I use the bug as a stealth form of copy protection, where those with illegal... - Source: Hacker News / about 1 year ago

• Assembly for Reverse Engineering

  Have not delved into this area too deeply but in the past I determined the path that I would go down if I chose to go down a path would be Ghidra. Source: about 1 year ago

• Any way to pull apart an app after compilation? Tik Tok for example?

  Here's a tool: https://ghidra-sre.org. It was originally developed by the US NSA. I knew some of the people that worked on it. Source: about 1 year ago

• Engage absolutely uses Fates RN; a technical analysis

  By using IL2CppDumper along with the game's global-metadata.dat file, we can generate headers and structs that we can use with Ghidra, a tool for disassembling code. Once we load Engage and these headers and structs into Ghidra, we can look for a particular function called App.BattleMath$$_IsProbabilityHit. This function is provided a displayed hit (or, as Intelligent Systems calls it, ratio) and is responsible... Source: over 1 year ago

• 621 thousand lines of code

  First oval, this is binary (machine code that's compiled so your computer can run it), if you want to find out what's inside, you would need to revwrse engineer it. Some great tools for that: 1. Strings - you can install it from windows package manager like chocolatey 2. Ghidra - great reverse engineering and decompiling tool from nsa here. Source: over 1 year ago

• GDScript Export Mode usage for commercial or online games

  Or take any C or C++ software, and run it through Ghidra. Not quite as impressive as with C#, because those are actually compiled languages, but still pretty readable. Source: over 1 year ago

• NSA Privacy Policy: 404 Not Found

  Follow the link to NSA's Privacy Policy on https://ghidra-sre.org/ and you get a "404 Not Found." Guess it serves as a final proof nobody reads privacy policies that it hasn't been spotted for months: http://web.archive.org/web/20220000000000*/https://www.nsa.gov/terms-of-use. - Source: Hacker News / over 1 year ago

• Is there a tool that can show you an EIP trace of a game?

  People these days use tools like https://ghidra-sre.org to do static analysis, not simple disasm listing. Ghidra/etc should be able to find the entry point of the program you give it by itself. Source: over 1 year ago

• The Legend of Dragoon Is Being Decompiled, Disc 1 Fully Playable On PC

  I think r/REGames is probably the place to start, AFAIK game decompilation really started to pick up when the NSA made GHIDRA public, which is what they use to decompile other software, mostly meant to be for security purposes but way too powerful to limit it to just that and before that only really, really dedicated fanbases even attempted at decompiling games. Source: over 1 year ago

• Edit executable?

  And of you need it heres Ghidra's website: https://ghidra-sre.org/. Source: over 1 year ago

• Another Windows Reverse Engineering thread

  Ghidra is currently popular, and free. Source: over 1 year ago