Ghidra quickstart & tutorial: Solving a simple crackme
In this introduction to Ghidra we will solve a simple crackme - without reading any assembly!
Twitter: / ghidraninja
Links from the video:
Crackme: crackmes.one/crackme/5b8a37a4...
Download Ghidra: ghidra-sre.org
Scrolling issue: github.com/NationalSecurityAg...
Пікірлер: 267
Please create a series of Reverse Engineering Basics! Love this!
Its like the perfect purity of a man page was compiled into a perfect video. Instructions so clear I accidentally cracked the travelling knapsack problem.
4:07 "a small popup will show up." popup occupies most of screen.
Crystal-clear, methodical and systematic walkthrough! Thank you!
Excellent explanation. Clear, concise and a great pace, wasn't confusingly fast or laboriously slow. I hope you continue to make videos on Ghidra.
wow this tutorial is just perfect, the pace the explanations, everything ! Thank you
Brilliant "in a nutshell" tutorial of getting to know the program quickly. Could you please do a follow-up of the very same crack me, but with showing how you "crack" the crackme by patching the binary inside Ghidra so that it always jumps to the success condition regardless of the input given?
@gilperon
5 жыл бұрын
Wow is that even possible with ghidra?
@zitronenwasser
5 жыл бұрын
Gil Bytepatching should be simple, worst case you just use like a Hex Editor and jump to the offset and manually patch ig
@hyronharrison8127
4 жыл бұрын
@@gilperon its possible i. Gdb, i would hope so! :)
Beat tutorial I’ve ever seen. Clear, concise and simple.
Jesus you make it look so easy !! Love it ! Keep em coming my friend.
I had a quick look at Ghidra a few weeks ago and it seemed rather complex.... It certainly seems a lot less complex now! Thanks.
"Let's maximize the window" > Actually makes windows smaller
@ytxstream
4 жыл бұрын
And that's Mac OS for you
@Tedd755
4 жыл бұрын
@@ytxstream ⌘ + ⌥ + d is your friend
@The_Ballo
4 жыл бұрын
@@ytxstream *Java's half-assed implementation of
@powershellaxp64
4 жыл бұрын
He actually just moved it to the right.
@soulife8383
3 жыл бұрын
^^ effing owned dude... 😅 By a Polock Frank... sick digs
Fantastic. Hopefully looking forward to more of the same.
Thanks ninja! A very well prepared video. Hopefully more will come :)
I love it , already subscribed !
Thank you Ghidra Ninja. You are a true Ninja!!
wow, nice introduction man. looking forward for more videos from you!
amazing man keep uploading ghidra tutorials
Thank you for a great overview. I'm getting started quite easily because of this 👍
Many thanks for suggesting this software ... I wanted to look into reverse engineering for years, but had not yet come across such an handy tool. AIDA wasn't really affordable for experimenting ... Again thank you very much!
Excelent. We want more!! Really good tutorials
Your videos are awesome! Please keep making content like this!
awesome tutorial - keep them coming man!
Thank you - and pls. continue the work. PS: made me smile.
This helped so much, the main thing I needed was just the fact that you can click on named functions in the decompile window to go to them. Seems obvious but I just didn't know!
Liked your explaination, easy and clear. Keep going please.
Love this. Keep up the great content man
very good video! Im already applying for NSA!
love the “NSA-Mainframe” on your terminal. I let out a good laugh at that!
For future listeners, Ghidra is pronounced, "Gee-druh"; [3] /ˈɡiːdrə/[4]). Source: github.com/NationalSecurityAgency/ghidra/wiki/Frequently-asked-questions#how-do-you-pronounce-ghidra Great video, and well-explained usage. Keep up the great work.
@somedude5414
2 жыл бұрын
(Thank you classic Godzilla movies.)
Great job explaining - thank you!
Good and fast introduction!
very nice and efficient intro into ghidra gui
Extremely informative! Very good video!
Thanks man. I enjoyed you cracking that.
You have 13.2K subscribers and only 3 videos from 8 months ago! This was such a great video, I was disappointed to see you didn't have more content.
@tyrrelldavis9919
4 жыл бұрын
Tech KZreadrs always have their view count scaled way down
awesome video man,keep doing more basic malware analyasis and reversing.Thanks:)
Very cool, I LOVE Ghidra so far
Nice introduction! Had have no idea abut Ghidra ;)
Nice, I was looking for samples with known outcomes so I could follow the technique ! Awesome . (Mickyj Whitehat)
@cvspvr
4 жыл бұрын
you've literally got a black hat on. don't lie
Oh my... this video is amazing! ❤
Thanks for wonderful tutorial. Subscribed.
The video was very helpful, keep it up bro👍👍
Great video. I learned a lot from it.
Thank you for the nice tutorial!
Great video. Keep it up!
That's a great tutorial man ,thx!
Great content, subbed, keep them coming!
Excellent video! Is there a way to isolate and tag raw binary into separate chunks? For example if you read an EEPROM and load it in Ghidra as raw binary can you then split it up into prgrogram, data, etc so that decompiler can make sense of it?
love it bruh... keep it up
Watched first 11 seconds. subscribed. I think I'm only subscribed to a dozen people after over a decade of being on KZread.
"Just hit okay because nobody reads those anyway" Well, I guess I'm a nobody.
@EchoXIIIGO
5 жыл бұрын
You sir are a thought criminal reading those agreements... tut tut..
@MichaelJenkin
5 жыл бұрын
@@EchoXIIIGO I do recall about 10 years ago, a very prominent software vendor had an Easter egg in the terms and conditions. something about giving away your first born and pledging elegance to satan. It took about 5 or more years for someone to finally read it and mention it. (Mickyj Whitehat)
@thatcrockpot1530
4 жыл бұрын
@benzo I highly doubt an opensource project would send data to the NSA, I feel like people are very aware of their role in the world, especially floss peeps.
@hexagonist23
4 жыл бұрын
You must know what you are agreeing to before you agree.
Thank you, very instructive.
Great Job! Keep up please.
Looking forward to more videos like this.
Great job
very thorough. thanks
Great tutorial!
Nice video! Do you plan on making more? Id love to see more videos on Ghidra :)
Very nice. Great tutorial.
Jidra 😞😭 didnt think that video would stress me out this much 🥶🥶🤯
I remember solving that very same Crack me with Hopper. thanks for the video, I have not given GHIDRA a try yet. I'm still learning how to pronounce it correctly :)
@micah9382
5 жыл бұрын
It is pronounced "Gee-druh" (github.com/NationalSecurityAgency/ghidra/wiki/Frequently-asked-questions#how-do-you-pronounce-ghidra), but that's okay. This video was a very nice introduction, by the way!
Very good tutorial
Amazing tutorial
Just curious as I just learned that this tool exists, what is difference using this vs ollydbg for cracking? Other than assembly
great !!! Please, more !!!
Thank you for this video!
Great video! You explain things really simply. One question I have: can you use Ghidra to compare two similar .dll written in C++ files to find the differences between them?
THANK YOU FOR DOING GOD'S WORK!
nice intro! of course, there's any number of possible solutions given that the only criterion is an @ in 5th position
Thanks man for the knowledge you are awsm
Great video. But could you make a video comparing Ghidra to IDA or some other RE tools?
Great, really great !
Waiting for more videos from you.
Thank you so much!!!
my terminal doesnt allow me to open the crack me initially, you said you're using a VM, is that a different terminal than mac's default?
Love it.
Great tutorial, kudos! Can you elaborate why is there an issue requiring the usage of a pointer to a pointer for argv ?
@retrograder3303
6 ай бұрын
did you figure out? I am also curious
are you planning on doing a course series for this? I would buy it
Thank you!
cooooooooooooooooooooooooool Loved it!
Great video! Do you know how to hide the project window? i'd love to hide that window once i ran the code browser
awesome!
Thanks for the video =)
Approved for 100k.
Could you please make a tutorial on how to skirt the Mac OX Catalina 10.15.8 and download Ghidra? I really want to start using Ghidra but my mac will not allow the Javascript updates ...
Kind of a dumb question but how did you get your keystrokes to show up on the screen like that?
How are you able to run the Unix binary file. Im getting: ```zsh: exec format error: ./rev50_linux64-bit```
More tutorials please!!!
Nice video, but I have a question. Is it possible to get the flag without putting the password? Since the flags stored somewhere within the file, right?
Thanks for sharing! What do you use to show your keyboard input?
@stacksmashing
3 жыл бұрын
It's a tool called Keycastr
@DurgaPrasadPandeyBCE
3 жыл бұрын
@@stacksmashing why am i getting this error ? /ghidraprojects/rev50_linux64-bit: cannot execute binary file
What VM were you using during this video?
@stacksmashing
5 жыл бұрын
None, I have a separate computer where I do this kind of stuff.
I hope that you create a beginner series in reverse engineering embedded firmware
awsome tutorial !! only issue why we changed char* argv[] to char **argv ??
@stacksmashing
5 жыл бұрын
Because Ghidra unfortunately does not support [] in the function signature - so instead of saying 'this is a pointer to an array' we say 'this is a pointer to a pointer', which gives us the result we want :) (Simplified: Working with an array in C is basically just pointer-arithmetic in the background)
What VM do you use for running Linux code in OSX?
nice
Is there a way to find what part(s) of the program are referencing a data-text string? I've tried doing a global search of the address, but where can I find the functions that use it? I've looked at the tutorial 'Z0FCourse_ReverseEngineering' from stryker2k2/ wolfshirtzlabs but don't see that covered! Very new to this, would OllyDbg or IdaPro be more beginner friendly?
@tyrrelldavis9919
4 жыл бұрын
I'm a normie, no govlarp here, IDA is the only one I've heard of, Would be interesting to see how file analysis programs are built from scratch, as well as what language they would have to use to build a file analysis tool like ghidra or IDA Ghidra is kind of esoteric, IDA all the normies like me will recognize I know the govlarp people like using python
@SolomonUcko
3 жыл бұрын
There should be a list of "X-REFS" on the far right of the listing (you might need to scroll horizontally). There should also be a right-click option to show/list references.
What VM are you using to get that seamless terminal integration?
@stacksmashing
5 жыл бұрын
It's an SSH session into the VM
Could you do a little tutorial using a MSDOS 16bit binary file? Maybe something that's not packed?
Are you on a Mac or is this a Vbox
This was a great video. Amazing explanation but if you could speak a little louder and also put in some energy into your voice it would be even better