HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Reverse Engineering Ghidra: Ghidra 10.0.1

Status
Not open for further replies.
itsMe

itsMe

*KillmeMories*
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Jan 8, 2019
Messages
56,623
Solutions
2
Reputation
32
Reaction score
100,457
Points
2,313
Credits
32,750
‎6 Years of Service‎
 
76%
ghidra_bg.jpg


Introduction

Ghidra is a Software Reverse Engineering (SRE) Framework developed by the National Security Agency Research Directorate for NSA’s cybersecurity mission. It was created with aim to help all pentesters and cybersecurity professionals with reverse engineering, analyzing code for malware and viruses, to understand potential vulnerabilities in systems/networks, etc.

Ghidra 10.0.1 Change History (July 2021)

    New Features

        Decompiler. The Decompiler now supports conversion (hex, dec, bin, oct, char) and equate actions directly on constant tokens in the Decompiler window. To the extent possible, these actions also affect matching scalar operands in the listing. (GP-1053, Issue #21)

    Improvements

        Basic Infrastructure. Ghidra now gracefully fails to launch when its path contains an exclamation point. (GP-1057, Issue #1817)
        FileSystems. Can now handle multi-level Ext4 extent nodes when reading a file. (GP-1070)

    Bugs

        Build. No longer building and distributing the Debugger native test binaries. (GP-1080, Issue #3160, #3177)
        Debugger. Corrected potential deadlock condition within Debugger which could occur under some circumstances during a breakpoint or while stepping. (GP-1072)
        Decompiler. Fixed a bug in the Decompiler causing Overriding symbol with different type size exceptions. (GP-1041)
        Exporter. PE and ELF exporters no longer error out when processing non-file-backed relocations. (GP-1091)
        FileSystems. Corrected problem mounting Ext4 file systems when the container file is larger than the file system. (GP-1067)
        Importer:ELF. Corrected ELF relocation error reporting, including error bookmarks, when relocation handler extension is missing. (GP-1097)
        Jython. Added __file__ attribute support in Jython scripts. (GP-1099, Issue #3181)
        PDB. Fixed bug that prevented constructor signatures from being created properly. (GP-1086)
        PDB. Fixed bug in PDB CLI processing that could kill analysis for binaries imported with older versions of Ghidra. (GP-1104)
        Processors. Added ELF Relocation handler for SuperH processors. Only a few common relocation types have been added. (GP-1090)
        Scripting. Fixed a potential NullPointerException that could occur when trying to run a script that doesn't exist. (GP-1074, Issue #2742)
        Scripting. Improved graphing of class hierarchy in RecoverClassesFromRTTIScript and the GraphClassesScript to handle duplicate class names, class namespace delimiters, and to make better vertex descriptions. (GP-1095)
        Scripting. Fixed a flaw in the RecoverClassesFromRTTIScript that was not using PDB information to create data member names in class data structures. (GP-1101)

To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top