Ghidra: Difference between revisions

Klinger
m typo
Add details about using an overlay to update Ghidra and give an example of adding extensions
Line 1: Line 1:
[https://www.nsa.gov/ghidra Ghidra] is a software reverse engineering (SRE) framework created and maintained by the
American [https://en.wikipedia.org/wiki/National_Security_Agency National Security Agency] (NSA).


[https://www.nsa.gov/ghidra Ghidra] is a software reverse engineering (SRE) framework created and maintained by the American National Security Agency(NSA).
=== Install Ghidra on NixOS ===
Ghidra can be installed from nixpkgs from source via the <code>ghidra</code> package or as a pre-packaged build using <code>ghidra-bin</code>.
 
There are a number of [https://github.com/NixOS/nixpkgs/tree/nixos-unstable/pkgs/tools/security/ghidra/extensions extensions] already supported in nixpkgs. If you want to build Ghidra with some extensions included, you can use the
following:
 
<syntaxhighlight lang="nix">
      pkgs.ghidra.withExtensions (p: with p; [
        ret-sync
      ]);
</syntaxhighlight>
 
Note that extensions ''cannot'' be used with the <code>ghidra-bin</code> package.
 
=== Ghidra Overlays ===
 
Updating the <code>ghidra</code> package using an overlay is not as easy as most common packages in nixpkgs, due to it's
use of [https://gradle.org/ gradle] and how gradle-based packages are built on nix.
 
First you will need to generate a new gradle dependency (<code>deps.json</code>) file. which will
be be used to override the file specified in the <code>mitmCache</code> part of the <code>ghidra</code>
derivation.
 
In order to generate <code>deps.json</code>, you will need to git clone a copy of [https://github.com/NixOS/nixpkgs/ Nixpkgs] if you don't already have one. Inside of the clone you need modify the <code>rev</code> field of the attribute set passed to <code>mkDerivation</code> in [https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/tools/security/ghidra/build.nix <code>pkgs/tools/security/ghidra/build.nix</code>] file, which used for building <code>ghidra</code>. The <code>rev</code> field should be set to whatever git commit you want to install.
 
Then from the root of your Nixpkgs folder run the command <code>$(nix-build -A
ghidra.mitmCache.updateScript)</code>. This command execute an update script to fetch the gradle
dependencies, and then stores the relevant information into <code>pkgs/tools/security/ghidra/deps.json</code>. Copy the
generated file over to your nix configuration and reference it in your overlays. In the example overlay
below, the <code>deps.json</code> file has been renamed to <code>ghidra-deps.json</code>.


=== Install Ghidra on NixOS ===
<syntaxhighlight lang="nix">
Ghidra can be installed from nixpkgs (ghidra, ghidra-bin). There are some extension packages available too.
        (final: prev: {
          ghidra = prev.ghidra.overrideAttrs (oldAttrs: {
            mitmCache = prev.gradle.fetchDeps {
              inherit (oldAttrs) pname;
              data = ./ghidra-deps.json;
            };


            src = prev.fetchFromGitHub {
              owner = "NationalSecurityAgency";
              repo = "Ghidra";
              rev = "7d5a514f25fe5bea52a0465c26ae5663855f79c9";
              hash = "sha256-PN5J2Wrr8RUF1UljG57bfw2lhlEqnmWwtZy5xQcrNsE=";
              # populate values that require us to use git. By doing this in postFetch we
              # can delete .git afterwards and maintain better reproducibility of the src.
              leaveDotGit = true;
              postFetch = ''
                cd "$out"
                git rev-parse HEAD > $out/COMMIT
                # 1970-Jan-01
                date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%b-%d" > $out/SOURCE_DATE_EPOCH
                # 19700101
                date -u -d "@$(git log -1 --pretty=%ct)" "+%Y%m%d" > $out/SOURCE_DATE_EPOCH_SHORT
                find "$out" -name .git -print0 | xargs -0 rm -rf
              '';
            };
</syntaxhighlight>


=== Building Ghidra on NixOS ===
=== Building Ghidra on NixOS ===


Building Ghidra on NixOS can be a bit more finnicky than usual because of the gradle setup. This is an example shell.nix file.
Building Ghidra on NixOS can be a bit finicky because of the gradle setup. This is an example <code>shell.nix</code>
file to setup a development shell:
 
<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
with import <nixpkgs> {};
with import <nixpkgs> {};
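Review bot: the overlay in the `=== Ghidra Overlays ===` section is not closed: after the `};` that ends `prev.fetchFromGitHub { ... }`, the `overrideAttrs (oldAttrs: { ... })` call and the outer `(final: prev: { ... })` still need `});` and `})` before `</syntaxhighlight>`, so the example as shown will not evaluate. Related to the update procedure: changing only `rev` in `build.nix` (or in the overlay's `src`) leaves the fixed-output `hash` stale and the fetch fails with a hash mismatch; whenever `rev` changes, `hash` must be replaced with the value reported in that error (setting it to `lib.fakeHash` first is the usual way to provoke it), and the prose should say so. Minor wording: "due to it's use" should be "its use", "will be be used" should be "will be used", "you need modify" should be "you need to modify", "which used for building" should be "which is used for building", and "This command execute" should be "This command executes".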
Line 14: Line 71:
pkgs.mkShell {
pkgs.mkShell {
   buildInputs = [
   buildInputs = [
     pkgs.jdk11
     pkgs.jdk21
     pkgs.gradle
     pkgs.gradle
     pkgs.gcc
     pkgs.gcc
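Review bot: the JDK bump from `pkgs.jdk11` to `pkgs.jdk21` in `buildInputs` has to stay in step with the `org.gradle.java.home` line in the `shellHook` (which the following hunk also updates); to keep the two from drifting apart on the next bump, bind the JDK once, e.g. `let jdk = pkgs.jdk21; in pkgs.mkShell { buildInputs = [ jdk pkgs.gradle pkgs.gcc ]; shellHook = ''... ${jdk}/lib/openjdk ...''; }`.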
Line 24: Line 81:
   shellHook = ''
   shellHook = ''
     rm -rf /tmp/gradle &> /dev/null
     rm -rf /tmp/gradle &> /dev/null
     mkdir /tmp/gradle  
     mkdir /tmp/gradle
     export GRADLE_USER_HOME="/tmp/gradle"  
     export GRADLE_USER_HOME="/tmp/gradle"
     echo "org.gradle.java.home=${pkgs.jdk11}/lib/openjdk" > /tmp/gradle/gradle.properties
     echo "org.gradle.java.home=${pkgs.jdk21}/lib/openjdk" > /tmp/gradle/gradle.properties
   '';
   '';
}
}
</syntaxhighlight>
</syntaxhighlight>
[[Category:Applications]]
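Review bot: the `shellHook` deletes and recreates a fixed `/tmp/gradle` every time the shell is entered, so the whole Gradle dependency cache is discarded and re-downloaded on each entry, and a predictable directory name under the world-writable `/tmp` can collide with, or be pre-created by, another local user. Prefer a per-user location that persists, e.g. `export GRADLE_USER_HOME="$HOME/.cache/ghidra-gradle"` followed by `mkdir -p "$GRADLE_USER_HOME"` (and drop the `rm -rf`), or `export GRADLE_USER_HOME="$(mktemp -d)"` if a throwaway cache is intended; the `echo ... > /tmp/gradle/gradle.properties` line should then write to `"$GRADLE_USER_HOME/gradle.properties"` rather than a hard-coded path. Also, `&> /dev/null` is a bash extension; it works because nix-shell runs the hook under bash, but `>/dev/null 2>&1` is the portable form.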