Ghidra is a free software reverse engineering (SRE) framework developed by NSA's Research Directorate for US cybersecurity purposes. It helps analyze malicious code and malware such as viruses, and can give cybersecurity professionals a better understanding of potential vulnerabilities in their online platforms, networks, and systems. NSA is making Ghidra available to the public as an open source release in time for its first public demonstration at the 2019 RSA Conference this week.
Ghidra – Reverse Engineering Tool Released
How to install Ghidra software for reverse engineering: Ghidra provides context-sensitive help on menu items, dialogs, buttons and tool windows. To access the help, press F1 or Help on any menu item or dialog. NSA has released the Ghidra reverse engineering tool as open source. This is something positive from the NSA, and it can make a change.
Ghidra Debug tool
Remote Code Execution
Remote code execution is achievable through the Java Debug Wire Protocol (JDWP) debug port 18001, which is opened on all interfaces when Ghidra is launched in debug mode. Ghidra is a software reverse engineering (SRE) suite of tools developed by NSA's Research Team for cybersecurity research.
In debug mode, Ghidra opens a JDWP listener on port 18001, which can be used to execute code remotely. To fix this, change line 150 of support/launch.sh from * to 127.0.0.1. Credits to: @hackerfantastic
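A defender-side check for the fix described above, as an added example that is not part of the original post or of Ghidra: it reports which interface each JDWP option in a JVM launch script binds to. The sample lines and the names VMARG_LIST, JAVA_OPTS and DEBUG_PORT are constructed for illustration and are not copied from support/launch.sh.

```shell
#!/bin/sh
# Added example (not Ghidra's own code): audit a launch script for JDWP bind addresses.

# classify_jdwp_addr ADDRESS -> prints EXPOSED, LOOPBACK or REVIEW
classify_jdwp_addr() {
    case $1 in
        *:*) host=${1%:*} ;;   # host:port form, strip the port
        *)   host='' ;;        # bare port, no host part
    esac
    case $host in
        '*'|0.0.0.0|'[::]')      echo EXPOSED ;;   # wildcard: every interface
        127.*|localhost|'[::1]') echo LOOPBACK ;;  # local debugger only
        # A bare port binds loopback on JDK 9+ but all interfaces on JDK 8 and
        # earlier; any other host needs a human decision.
        *)                       echo REVIEW ;;
    esac
}

# audit_launch_script FILE -> one "<line> <verdict> <address>" row per JDWP option
audit_launch_script() {
    grep -nE -e '-(agentlib:jdwp=|Xrunjdwp:)' "$1" | while IFS= read -r hit; do
        lineno=${hit%%:*}
        # Take the address= value up to the next comma, quote or whitespace.
        addr=$(printf '%s\n' "$hit" | sed -n 's/.*address=\([^,"[:space:]]*\).*/\1/p')
        [ -n "$addr" ] || continue
        printf '%s %s %s\n' "$lineno" "$(classify_jdwp_addr "$addr")" "$addr"
    done
}

# Constructed sample lines (hypothetical variable names, not the real launch.sh).
sample_launch_lines() {
    cat <<'EOF'
VMARG_LIST+=" -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:${DEBUG_PORT}"
VMARG_LIST+=" -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=127.0.0.1:${DEBUG_PORT}"
JAVA_OPTS="-Xrunjdwp:transport=dt_socket,server=y,address=18001"
EOF
}

# Stand-alone run over the constructed sample.
tmp=$(mktemp)
sample_launch_lines > "$tmp"
audit_launch_script "$tmp"
rm -f "$tmp"
```

Pointing audit_launch_script at a real launch script shows whether the debug listener is still bound to a wildcard address after the edit; an EXPOSED row means the port is reachable from other hosts whenever debug mode is used.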