When decompiling, function calls may not be immediately obvious due to compilers doing optimizations like built-in functions and unrolling loops. E.g. a strcpy() for a fixed string may become a series of x86 "mov" instructions to avoid function call and loop overhead.
See also: https://gcc.gnu.org/onlinedocs/gcc/Built-in-Functions.html
[New Blog Post] "Verified" "Compilation" of "Python" with Knuckledragger, GCC, and Ghidra #compiler #formalmethods #ghidra https://www.philipzucker.com/knuckle_C_pcode/
Fun fact: you can attach to the gdbserver exposed by #rr and do #TimeTravelDebugging from #Ghidra :)
UX is similar to ret-sync.
Well, since I was last working on my Time Machine #Pinball reverse engineering project, #Ghidra updates have blown away whatever I did to install mc6800 processor support, and of course I didn't document what I did. Time to pick up the pieces so I can actually get into the meat of the project.
Ideally this time I'll set it up so it isn't overridden when the #flatpak is updated.
New Open-Source Tool Spotlight 
GhidraMCP is an Model Context Protocol server for allowing LLMs to autonomously reverse engineer applications. It exposes numerous tools from core Ghidra functionality to MCP clients.
Project link on #GitHub 
https://lnkd.in/gRUrYpMx
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— 
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 
Does anybody know how can I get the offset in an executable file from an address in #Ghidra (with Python or Java)?
Maybe @buherator ?
#ghidraMCP is an Model Context Protocol server for allowing #LLM to autonomously reverse engineer applications. It exposes numerous tools from core #Ghidra functionality to #MCP clients https://github.com/LaurieWired/GhidraMCP
Introducing yet another #GitHub repository that promises to revolutionize your life but will probably just take up space on your computer. 
With the "MCP server for #Ghidra," you can automate, search, and sort your digital clutter even faster! 
Because who doesn't want to spend their day managing code changes and pretending to collaborate outside of code? 
https://github.com/LaurieWired/GhidraMCP #MCPserver #automation #digitalclutter #codecollaboration #techhumor #HackerNews #ngated
MCP server for Ghidra
https://github.com/LaurieWired/GhidraMCP
#HackerNews #MCP #Ghidra #GhidraMCP #cybersecurity #open-source #reverse-engineering
This merge conflict was resolved yesterday.
True story: I used #Ghidra to help determine what was going on.
Live now investigating malware targeting VTubers!
#ghidra ’s decompiler needs a plugin like gofmt or prettier-js
Still no progress on the decoder but I have managed to somewhat reverse my first two functions in #ghidra:
One function that draws an empty textbox on the screen and another that is used by that function to draw one horizontal line of tiles.
Not really what I was looking for, but interesting regardless.
My fear that I would just look at the pseudo C was unfounded, I'm still reading plenty of assembly. In parts, it's easier to understand that whatever the C code is trying to do.
Always fun to run into a function that #ghidra can’t handle 
(I bumped the max node limit in the settings and it rendered the graph at last, though the decompiler still dies when trying to cope with it. Ah well.)
Quick fix for Ghidra's rust detection, if you are analyzing rust and your strings are not extracted correctly please try my patch!
https://github.com/NationalSecurityAgency/ghidra/pull/7885/files
Live now improving Ghidra's RustLang support and maybe working on a AssemblyLine4 plugin! 
"Running #Ghidra on the same platform as the binaries you’re analyzing isn’t just convenient — it’s strategic."
https://medium.com/@clearbluejar/everyday-ghidra-how-platform-choice-influences-ghidras-binary-analysis-76c40db0e407
Anybody knows how to demangle a string, not a symbol, in #Ghidra using Python?
![[Lonely Pablo meme, Pablo staring into the distance]
MASTERED GHIDRA, cannot reverse vibes.](https://files.mastodon.social/media_attachments/files/114/224/927/327/703/677/original/6e4c353d1fc9bd78.jpg "[Lonely Pablo meme, Pablo staring into the distance]
MASTERED GHIDRA, cannot reverse vibes.")
