ghidraninja / ghidra_scripts Goto Github PK
View Code? Open in Web Editor NEWScripts for the Ghidra software reverse engineering suite.
License: GNU General Public License v3.0
Scripts for the Ghidra software reverse engineering suite.
License: GNU General Public License v3.0
I'm getting this error ๐ข
yara.py> Running...
Failed
[Errno 2] No such file or directory
yara.py> Finished!
Ghidra is capable of demangling the rust format as of 9.2 as the Gnu Demangler Analyzer will allow the specifying of the format option. You would simply specify -s rust
I think.
Originally posted by @astrelsky in #10 (comment)
Traceback (most recent call last):
File "ghidra_scripts/yara.py", line 53, in
add_bookmark_comment(vaddr, current_rule)
File "ghidra_scripts/yara.py", line 30, in add_bookmark_comment
cu.setComment(CodeUnit.EOL_COMMENT, text)
AttributeError: 'NoneType' object has no attribute 'setComment'
Long story short, I'm following your excellent Youtube series on reversing wannacry, and due to headaches with the ooanalyzer plugin, moved from Windows to Linux, and transferred the project from one to the other in order to preserve my work so far.
However, the following line in yara.py:
currentProgram.getDomainFile().getMetadata()["Executable Location"]
Returns the old location on my C: drive, rather than its current location in my Linux machine. I can workaround this by manually specifying the executable location.
This may be a bug with Ghidra rather than your script.
Hi
if I try to run the binwalk or the yara script I receive the following message in the console:
yara.py> Running...
CRC32_poly_Constant /root/winbin/test.exe
Failed
'NoneType' object has no attribute 'setComment'
yara.py> Finished!
It looks like an update for the project that golang_renamer.py
is built on has an update for golang1.16
https://github.com/sibears/IDAGolangHelper/blob/master/GO_Utils/Gopclntab.py
Would it be possible to patch in the newer check_is_gopclntab16
, rename16
functions and lookup16
data?
i have my ios executable loaded in ghidra and the yara script loaded, but i get this.. unsure how to fix..
yara.py> Running...
Traceback (most recent call last):
File "/opt/Mobile-Testing/ghidra_scripts/yara.py", line 46, in
output = subprocess.check_output(["yara", "--print-string-length", rule_location, file_location], stderr=None)
File "/opt/Mobile-Testing/ghidra_10.3.1_PUBLIC/Ghidra/Features/Python/data/jython-2.7.3/Lib/subprocess.py", line 579, in check_output
process = Popen(stdout=PIPE, *popenargs, **kwargs)
File "/opt/Mobile-Testing/ghidra_10.3.1_PUBLIC/Ghidra/Features/Python/data/jython-2.7.3/Lib/subprocess.py", line 892, in init
self._execute_child(args, executable, preexec_fn, close_fds,
File "/opt/Mobile-Testing/ghidra_10.3.1_PUBLIC/Ghidra/Features/Python/data/jython-2.7.3/Lib/subprocess.py", line 1402, in _execute_child
raise OSError(errno.ENOENT, os.strerror(errno.ENOENT))
OSError: [Errno 2] No such file or directory
yara.py> Finished!
Latest (10.1.5) Ghidra. I can post whatever is needed to fix it, just ask.
This is the terminal output:
binwalk.py> Running...
Failed
[Errno 2] No such file or directory
Traceback (most recent call last):
File "C:\Tools\Ghidra\ghidra_10.1.5_PUBLIC\plugins\ghidra_scripts\binwalk.py", line 39, in <module>
os.unlink(result_file)
OSError: unlink(): an unknown error occurred: C:\Users\kyle\AppData\Local\Temp\tmpbvukcw
binwalk.py> Finished!
Ghidra 10.1.5 on Win11
golang_renamer.py> Running...
745490
Traceback (most recent call last):
File "\ghidra_scripts\golang_renamer.py", line 152, in <module>
GoRename()
File "\ghidra_scripts\golang_renamer.py", line 141, in GoRename
process_segment(go_renamer)
File "\ghidra_scripts\golang_renamer.py", line 81, in process_segment
h = handler(addressToInt(position.getStart()), get_bitness())
File "\ghidra_scripts\golang_renamer.py", line 95, in go_renamer
ptr.maker(base+offset)
File "\ghidra_scripts\golang_renamer.py", line 50, in MakeQword
listing.createData(addr, QWORD)
at ghidra.program.database.code.CodeManager.checkValidAddressRange(CodeManager.java:1941)
at ghidra.program.database.code.CodeManager.createCodeUnit(CodeManager.java:2055)
at ghidra.program.database.ListingDB.createData(ListingDB.java:422)
at jdk.internal.reflect.GeneratedMethodAccessor108.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
ghidra.program.model.util.CodeUnitInsertionException: ghidra.program.model.util.CodeUnitInsertionException: Insufficent memory at address 00b3d560 (length: 8 bytes)
golang_renamer.py> Finished!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.