NSA Releases Free "GHIDRA" Reverse Engineering Tool

Discussion in 'HardForum Tech News' started by cageymaru, Mar 5, 2019.

  1. cageymaru

    cageymaru [H]ard as it Gets

    Messages:
    19,564
    Joined:
    Apr 10, 2003
    Today, the NSA released its free "GHIDRA" software reverse engineering tool. It can be used to analyze malicious code and malware like viruses. Cybersecurity professionals can use it to better understand potential vulnerabilities in their networks and systems. NSA will be making Ghidra available to the public as an open source release in time for its first public demonstration at the 2019 RSA Conference this March. For more NSA releases, check out CODE.NSA.GOV for open source, and NSA's Technology Transfer Program for other technology.

    Key features of Ghidra: Includes a suite of software analysis tools for analyzing compiled code on a variety of platforms including Windows, Mac OS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing and scripting, and hundreds of other features. Supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may develop their own Ghidra plug-in components and/or scripts using the exposed API.
     
  2. DocNo

    DocNo Gawd

    Messages:
    654
    Joined:
    Apr 23, 2012
  3. horrorshow

    horrorshow [H]ardness Supreme

    Messages:
    6,614
    Joined:
    Dec 14, 2007
    Now.... straight up, saying he's defeated a dragon-monster on NUMEROUS occasions??

    1. this is awesome.
    2. are there stories detailing said encounters?!?

    - GHIDRA sounds cool but I'm clueless. (haven't coded practically anything in almost 20 years)
     
  4. Kwaz

    Kwaz Whine & Cheezy

    Messages:
    3,594
    Joined:
    Sep 3, 2014
    Read that as Giardia.
     
    Sulphademus likes this.
  5. Whach

    Whach [H]ard|Gawd

    Messages:
    1,030
    Joined:
    Dec 22, 2011
    Malware. Malware I tell you!
     
  6. clockdogg

    clockdogg Gawd

    Messages:
    852
    Joined:
    Dec 12, 2007
    So... best not to run this against Win10 telemetry executables.
     
    captaindiptoad likes this.
  7. viscountalpha

    viscountalpha 2[H]4U

    Messages:
    2,548
    Joined:
    Oct 16, 2011
    What's the catch? There's always a catch.
     
  8. inuZ

    inuZ [H]Lite

    Messages:
    111
    Joined:
    Dec 5, 2007
  9. joobjoob

    joobjoob Gawd

    Messages:
    544
    Joined:
    Jun 29, 2004
    King Ghidorah is more badass.

    But really I want a kaiju pet so bad I wouldn't kick any of them off the bed.
     
    Monkey34 likes this.
  10. DogsofJune

    DogsofJune 2[H]4U

    Messages:
    2,344
    Joined:
    Nov 7, 2008
    Uh, no. Nothing Ghidra related can be good. Ask the Japanese. Especially anything free from the NSA. Yikes
     
    viscountalpha and captaindiptoad like this.
  11. SomeoneElse

    SomeoneElse [H]ard|Gawd

    Messages:
    1,738
    Joined:
    Jan 16, 2007
    If they are releasing a tool for free you know it has a backdoor or some exploit baked in for their pleasure......next thing you know the FBI will be knocking at your door 3 weeks from now.
     
    surlyroad, xmadror and captaindiptoad like this.
  12. kju1

    kju1 2[H]4U

    Messages:
    3,031
    Joined:
    Mar 27, 2002
    Funny thing is there is already a "bug" where if you put it in debug mode you can remotely execute code on your machine. Trivial to fix since it's a config issue. Looks like it was someone being lazy with their dev rather than malicious...

    Dude, it's open source...you can quite literally see EVERYTHING it does...Paranoid much?
     
    ZeqOBpf6 likes this.
  13. SomeoneElse

    SomeoneElse [H]ard|Gawd

    Messages:
    1,738
    Joined:
    Jan 16, 2007
    With the NSA? Yes.
     
  14. TorxT3D

    TorxT3D Gawd

    Messages:
    651
    Joined:
    Apr 30, 2006
    possible gov mass intelligence society psychology experiment.
    just to see who and how many people actually download and install this... coming from the NSA that we all hated years ago for spying on us.

    irony at its best. a good way to tell how succumbed and weakened we are as computer literate citizens.
     
  15. ThatITGuy

    ThatITGuy Limp Gawd

    Messages:
    196
    Joined:
    May 5, 2017
    While I would not be in any rush to go download this and try it out, this is open source so there is full visibility to everything it does.
    I honestly trust the general community's ability to read and understand the code more than I trust the NSA to have someone smart enough to slip something in that no one will notice.
     
  16. kju1

    kju1 2[H]4U

    Messages:
    3,031
    Joined:
    Mar 27, 2002
    Since it's open source I would say you have issues...
     
    DocNo likes this.
  17. ThatITGuy

    ThatITGuy Limp Gawd

    Messages:
    196
    Joined:
    May 5, 2017
    You may be on to something.....
    I would actually be more worried that they would track exactly who downloads this, just to keep tabs on those people as possible threats (i.e. those with computer knowledge), than I would the release of this tool and them using it as a backdoor.


    For the even more far out conspiracy ideas..... Linux drops kernel 5.0 at the same time as this is made available....
    Rope-a-dope confirmed! Linux 5.0 kernel has baked in code that, when Ghidra is also installed on the PC, allows the NSA root access to your machine. The new Windows update with SPECTRE fixes does the same.
     
    Wiffle likes this.
  18. SomeoneElse

    SomeoneElse [H]ard|Gawd

    Messages:
    1,738
    Joined:
    Jan 16, 2007
    It has nothing to do with the code in the software.....It's about the agency and its dealings....
     
    pendragon1 and captaindiptoad like this.
  19. kju1

    kju1 2[H]4U

    Messages:
    3,031
    Joined:
    Mar 27, 2002
    But you're not trusting the software, which is open source and freely available for you to inspect every line of code, simply because of who wrote the code. Also I would bet good money you don't really have an idea what they do beyond what the media has told you, which if you know the law is horribly inaccurate. But let's not hijack the thread with that.
     
    thebufenator, DocNo and Derfnofred like this.
  20. katanaD

    katanaD [H]ard|Gawd

    Messages:
    1,987
    Joined:
    Nov 15, 2016

    a buddy of mine in NSA headquarters just texted me.. they are laughing at your comment

    :oops:
     
  21. SomeoneElse

    SomeoneElse [H]ard|Gawd

    Messages:
    1,738
    Joined:
    Jan 16, 2007
    So you're telling me I should trust it because it was written by the NSA. Regardless of their reputation of being an agency for surveillance and spying. They have more freedom to spy on citizens than the CIA...."for security reasons".
    So no I won't trust them not sure why you have a problem with this.....you can go about your business and download it if you want, I never said anyone couldn't.
     
    captaindiptoad likes this.
  22. DogsofJune

    DogsofJune 2[H]4U

    Messages:
    2,344
    Joined:
    Nov 7, 2008
    Sarcasm is lost in this thread.....
     
    DocNo and SomeoneElse like this.
  23. kju1

    kju1 2[H]4U

    Messages:
    3,031
    Joined:
    Mar 27, 2002
    No, that's not what I said. I said you don't HAVE to trust them. You can actually see the damn code yourself. You can see what it does and decide for yourself if you want to trust the tool. But no, you have let your misconceptions about your own government get in the way of logical thinking. You have prejudged and refused to stop and think. It could be a very useful tool...but you will never know because you blind yourself to the possibility.

    FFS you don't even have to get the code from THEM... https://github.com/NationalSecurityAgency/ghidra Unless you're saying you can't trust github now because they host NSA projects...

    Your statements are wrong about both agencies btw. But hey, I am not going to change your uneducated mind on that topic so I won't even waste the characters.
     
    DocNo likes this.
  24. KrS

    KrS n00b

    Messages:
    42
    Joined:
    Jan 29, 2015
    Every time I read the word, I say in my head:

    Gojira
     
    captaindiptoad likes this.
  25. kju1

    kju1 2[H]4U

    Messages:
    3,031
    Joined:
    Mar 27, 2002
    That's Atlassian (jira) ;)
     
  26. Wiffle

    Wiffle Limp Gawd

    Messages:
    293
    Joined:
    Oct 2, 2011
    Or how about this one: The code, while harmless on paper, when executed causes a memory fault that creates a backdoor. By downloading the tool you basically tell them where to look for the newly compromised machine.

    Actually I think the true purpose of this is far more nefarious and far reaching... they are trying to create employees!!!

    By releasing this for "free" they hope that at least a handful of people amongst the brilliant 450 million 'Murican lives will become experts at using these "free" tools and decide to work for the alphabet agencies. Or at the very least familiarize themselves with what they would be working with.
     
    captaindiptoad likes this.
  27. SomeoneElse

    SomeoneElse [H]ard|Gawd

    Messages:
    1,738
    Joined:
    Jan 16, 2007
    Have you ever worked for the government or had dealings with either of these agencies? I know what they do and what their role is. If you don't believe the CIA is a spy agency then, wow.....I guess we don't need to continue because you're just in it for the sake of arguing.
    Why don't you go after the other guys posting the same sentiment on this topic.
    We don't need to talk about this anymore.
     
    captaindiptoad likes this.
  28. kju1

    kju1 2[H]4U

    Messages:
    3,031
    Joined:
    Mar 27, 2002
    Yes I have and I have worked for these agencies. I know far more about their role than you apparently do. I never said CIA wasn't a spy agency (stop trying to put words in my mouth), I just said you clearly don't understand their role if you think they are willy nilly spying on citizens.
     
    Last edited: Mar 6, 2019
  29. Darunion

    Darunion 2[H]4U

    Messages:
    3,731
    Joined:
    Oct 6, 2010
    Taking the other approach, isn't there something to be said for wanting to strengthen the overall average of software security of one's home country? Not saying that I know the intent for sure, but maybe there is a less nefarious purpose to this?
     
    DocNo and kju1 like this.
  30. Derfnofred

    Derfnofred Gawd

    Messages:
    571
    Joined:
    Dec 11, 2009
    ^ That was my initial thought as well, Darunion. It would make a *lot* of sense to open up a tool like this for common use software security the world around to tighten up a large number of vulnerabilities that would affect US citizens and her allies.
     
  31. SomeoneElse

    SomeoneElse [H]ard|Gawd

    Messages:
    1,738
    Joined:
    Jan 16, 2007
    Well I guess that's your prerogative. Like I said, your opinion shouldn't be forced onto someone because that's how you feel. I just said I won't trust it, REGARDLESS of what you think. If I don't want to trust them that's on me and you shouldn't really care.

    Also I never said they "willy nilly" spy on citizens, that was your assumption. They do still survey the population so yea.....

    I'm done so you can have the last word if you want. This conversation is pointless. Two people with differing opinions on a subject.
     
    Last edited: Mar 6, 2019
    captaindiptoad likes this.
  32. kju1

    kju1 2[H]4U

    Messages:
    3,031
    Joined:
    Mar 27, 2002
    I never forced anything on you. I just called you out for being prejudiced. Then you started putting words in my mouth and making false assumptions.
     
  33. DogsofJune

    DogsofJune 2[H]4U

    Messages:
    2,344
    Joined:
    Nov 7, 2008
    False assumptions? Calling people paranoid for a sarcasm?

    Pot, kettle, black.....
     
  34. Wolf-R1

    Wolf-R1 [H]ard|Gawd

    Messages:
    2,007
    Joined:
    Aug 30, 2004
    Run it in an isolated VM.
     
  35. velusip

    velusip [H]ard|Gawd

    Messages:
    1,578
    Joined:
    Jan 24, 2005
    There are several similar tool sets and I'm not finding what this one brings to the table. I've been using r2 for a while now and it is excellent, but perhaps this one is less lean and more like IDA without the crazy license fee? I suppose that would attract some people.
     
  36. DogsofJune

    DogsofJune 2[H]4U

    Messages:
    2,344
    Joined:
    Nov 7, 2008
    My thoughts on it are that it seems like a useful tool. I have no use for it personally.

    Now, the fact it is named after a sci fi character that was known for violently destroying Japan and required the help of three equally destructive characters, Godzilla, Rodan, Mothra, to help nullify Ghidra, I find humorous.

    Sorry clarification was required. Glad a few at least saw the humor. Any more comment with me about this can be done by PMs. Enough trolling in this thread.

    Back on topic people. Keep the Gubment talk in Soapbox
     
    Last edited: Mar 6, 2019
  37. zkostik

    zkostik Gawd

    Messages:
    931
    Joined:
    Sep 17, 2009
    Probably comes with a free backdoor. Just a little thing from the sponsors ;)
     
    viscountalpha likes this.
  38. ThatITGuy

    ThatITGuy Limp Gawd

    Messages:
    196
    Joined:
    May 5, 2017
    No one is that evil.
     
  39. viscountalpha

    viscountalpha 2[H]4U

    Messages:
    2,548
    Joined:
    Oct 16, 2011
    You have to have a value to be tracked. That sums it up.
     
  40. seanreisk

    seanreisk Gawd

    Messages:
    828
    Joined:
    Aug 29, 2011
    Dude, the NSA and the CIA are evil, and they need to remain evil, because I'm bored of Nazis and zombies. If it turned out that the NSA and the CIA were like the other branches of the government, packed full of middle-aged Mormons in 10-year-old suits, my world view will be shattered.


    P.S. Tinfoil hats are awesome, 'cause you can wear them any size you like, and if you think you're being followed you can just take it off and scrunch it up into a really tiny ball and hide it in someone's fender.

    P.P.S. Sewing yourself into a full body faraday cage made out of screen-door netting is also awesome, 'cause then the NSA can't follow you electronically. Just make sure you take a dump before you go out.