Exetools

Exetools (https://forum.exetools.com/index.php)
-   Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)
-   -   GhidraEmu: plugin to deal with native pcode emulation (https://forum.exetools.com/showthread.php?t=20375)

elephant 12-14-2022 01:40
GhidraEmu: plugin to deal with native pcode emulation
 
This Ghidra plugin allows you to easily deal with native pcode emulation. No scripts anymore, just use it from Ghidra. It can be useful for working with a variety of exotic processors, support for which is not implemented in common emulators.

If the processor/vm supported by Ghidra for reverse engineering — it can be emulated!

What can it do

In fact, the plugin is an extended wrapper around the classes inside the package ghidra.app.emulator. Here is what has been implemented:
  • Works with all architectures that Ghidra supports, so you can add exotic processors and emulate the such programs
  • CPU context, stack, and heap emulation
  • Applying patched bytes through Ghidra GUI to influence the course of emulation
  • Breakpoints to control emulation process
  • Displaying of changed bytes during emulation in Ghidra's ByteViewer
  • Hook some libc functions (but it is still poor)

Installation
  • Download Release version of extension and install it in Ghidra File → Install Extensions...
  • Use gradle to build extension: GHIDRA_INSTALL_DIR=${GHIDRA_HOME} gradle and use Ghidra to install it: File → Install Extensions...
  • In CodeBrowser go to File → Configure → Experimental and select checkbox.


https://github.com/Nalen98/GhidraEmu


All times are GMT +8. The time now is 01:47.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX