Ghidra is an advanced reverse engineering tool that is free to install and use and is available to everyone. It is a versatile tool in which many reverse engineering operations can be carried out. One of its most important features is the decompile feature. Ghidra has a user-friendly graphical user interface (GUI) and runs on both Windows and Linux.
You can access the Ghidra tool at the following link:
Ghidra: https://ghidra-sre.org/
Installing the Ghidra tool is straightforward:
JDK 17 is required for the Ghidra tool to work, so JDK 17 must be downloaded and installed first:
JDK 17 (64-Bit): https://adoptium.net/temurin/releases/
Note: Ghidra and JDK files are included in the Linux system, which is covered later in the training.
As seen in the image above, the 64-bit version of JDK 17 for Linux is downloaded. The downloaded compressed file with the extension "tar.gz" is extracted under any directory:
As you can see in the image above, the JDK file has been successfully extracted. After this step, the "bin" directory inside the JDK directory must be added to the PATH for Ghidra to work. To do this, a line must be added to the ".bashrc" file.
Let's open this file under the home directory with the nano editor:
nano ~/.bashrc
The red section in the image above shows the added line. The purple area in this section shows the bin directory location in the JDK.
export PATH=/home/letsdefend/reverse/jdk-17.0.5+8/bin:$PATH
Note: The path must be adjusted so that it is the full path to the exact location of the JDK file.
We have installed the JDK successfully. Next, the zip file of the Ghidra tool is downloaded and extracted:
unzip ghidra_10.2.2_PUBLIC_20221115.zip
After extracting the Ghidra zip file, the installation is completed. Running the underlined file in the image above will be enough to open the Ghidra tool.
In this part of the training, we have covered topics like the C programming language, the compile process, how the C source code is compiled, examples of stack and heap fields on the C source code, the Ghidra tool, and the installation of the Ghidra tool.