C Structures in Ghidra: How to Reverse Engineer Faster

Показать описание

Learn how C structures can improve your reverse engineering workflow.

0:00 How I failed
0:38 How developers use C structures in their programs
3:13 Reverse Engineering C structures in Ghidra
6:10 Using structures vs no structures

~~~ 🐵 Social ~~~

Path Cybersec [Slava Moskvin]

Рекомендации по теме

Комментарии

@Path Cybersec [Slava Moskvin] ahh, yea. It saves me a lot of time when REing a structure in a function, but it's also not amazing or perfect, so you do have to do some stuff manually!

A suggestion for your next tutorial on the subject could be how to get the size of the individual fields from the asm, as I don't think Ghidra automaticlly does that when you rename a field.

Btw, you can type the size in directly at the bottom of the structure editor, and it will create the correct amount of bytes!

Glad to see people are making RE tutorials! Hope you keep making them!

nordgaren

Sir, can you explain how to reverse engineering quickbooks with advance inventory

TheSimpleLife

Love your videos,
Although I still struggle with reverse engineering.

eyalv

Have you used the auto fill struct function to make structure dissection even faster?

nordgaren

unrealted question can you link the music used?

vedaryan

is reverse engineering and exploit development processor specific?INTEL/AMD ...can i do reversing and develop exploit with amd pc same as computers with intel processor ???? and does reversing tools like ghidra work on amd ??

anonsurf

Ну да у нас же у всех есть размер и названия полей...
Попробуй разобрать структуру о которой ты вообще ничего не знаешь и инициализируется она в стеке (без malloc).
И еще, ghidra и ida выдают разный код. Вот например в csgo есть структура netadr_t, гидра пишет что движок игры обращается к оффсету 0x28 или типа того, что вообще за пределами структуры. А IDA пишет что обращается по оффсету 5, что является вторым байтом ip адреса. А по факту они оба обращались к первому полю структуры, где хранится тип адреса (netadrtype_t) и как с этим работать? Если бы у меня не было исходников движка игры, то я бы никогда в жизни не догадался где что там. Вот например есть кс 2, там исходников уже нет и как разбираться в нем я вообще без понятия.

MrLuckyTomas

C Structures in Ghidra: How to Reverse Engineer Faster

C Structures in Ghidra: How to Reverse Engineer Faster

Reversing Structures - Ghidra Reversing Tutorials

Software Reverse Engineering with Ghidra -- Creating Structures

Intro to Reverse Engineering with GHIDRA - Lesson 5 Structures Exploit Educations Phoenix heap one

Reversing Looping Control Structures - Ghidra Reversing Tutorials

Ghidra, how to make a struct

Starting Project in Ghidra | Reverse Engineering

Part 5: Reverse Engineering: Converting assembly code to C code Ghidra Decompiler #shorts #short

Reversing Array Data Structures - Ghidra Reversing Tutorials

everything is open source if you can reverse engineer (try it RIGHT NOW!)

Getting Started Reversing C++ Objects with Ghidra - Ghidra Reversing Tutorials

An introduction to hacking video games with Ghidra

Ghidra Automotive ECU hacking class (Bosch MED17, Infineon Tricore)

Understanding Calling Conventions - Ghidra Reversing Tutorials

REVERSE ENGINEERING C++PROGRAMS USING NSA GHIDRA AND PYTHON IN 2023

Software Reverse Engineering with Ghidra -- Creating Arrays and Changing Function Signatures

Part 3: Reverse Engineering : Understanding Ghidra User Interface - Sections & Import Table

Reverse Engineering - Computerphile

You Can Learn Assembly in 60 Seconds (its easy) #shorts

GHIDRA for Reverse Engineering (PicoCTF 2022 #42 'bbbloat')

Decompiling ARM raw binary with Ghidra

Come Get Your Free NSA Reverse Engineering Tool!

Pull apart an EXE file with Ghidra (NSA Tool) (Reverse Engineering)

Beginner Reverse Engineering | Part 2: Compiling and Decompiling (Ghidra + IDA)