Brilliant "in a nutshell" tutorial of getting to know the program quickly. Could you please do a follow-up of the very same crack me, but with showing how you "crack" the crackme by patching the binary inside Ghidra so that it always jumps to the success condition regardless of the input given?
It's like the perfect purity of a man page was compiled into a perfect video. Instructions so clear I accidentally cracked the travelling knapsack problem.
@EchoXIIIGO I do recall about 10 years ago, a very prominent software vendor had an Easter egg in the terms and conditions. Something about giving away your first born and pledging elegance to Satan. It took about 5 or more years for someone to finally read it and mention it. (Mickyj Whitehat)
@benzo I highly doubt an open-source project would send data to the NSA, I feel like people are very aware of their role in the world, especially floss peeps.
Wow, you're using this successfully and I fail at a baby shark singing program (basically a less trivial kinda hello world) lol. Actually, Ghidra seems to hate the function definitions of Visual Studio's stdlib...
For future listeners, Ghidra is pronounced "Gee-druh" (/ˈɡiːdrə/). Source: github.com/NationalSecurityAgency/ghidra/wiki/Frequently-asked-questions#how-do-you-pronounce-ghidra Great video, and well-explained usage. Keep up the great work.
Great video! You explain things really simply. One question I have: can you use Ghidra to compare two similar .dll files written in C++ to find the differences between them?
@letsplayer9558 the LARP groups are showing people how to use this shit lmao, hire me LARP people, I don't second guess stuff when I know what the shot is
Many thanks for suggesting this software ... I wanted to look into reverse engineering for years, but had not yet come across such a handy tool. AIDA wasn't really affordable for experimenting ... Again thank you very much!
Hey, when trying to search for main it doesn't show any results, and the main function, I guess, is in some format like FUN_11001 with some numbers. Can you tell me some settings to resolve this?
@killmoo, true, but I believe there were several vulnerabilities found and fixed in Ghidra upon its release. Now seeing as it was an in-house tool for the NSA, then they should have been able to patch these up (or at least some of them, and acknowledge that these vulnerabilities exist). I find it hard to believe that those vulnerabilities are not, in fact, deliberately placed backdoors. I really want to get into reverse engineering, and I only use free software, so I guess I'll have to use radare2 for the time being. (I'm not saying radare2 is bad, it's just notoriously difficult to learn and virtually impossible to master, from what I've heard and read at this point in time.) PS of course vulnerabilities exist in virtually every program, and it is entirely possible that these vulnerabilities slipped through, but seeing as we are talking about the NSA and their infamous reputation, I can't help but be dubious and sceptical. (Edit: content.)
The crackme was a stupid crackme, totally unrealistic, nobody codes that way in real life ... just saying, it would take me no less than 30 seconds to NOP the jumps. NO KEY NEEDED.
I came here only to see what the heck Ghidra is. I know nothing about reversing, executables and stuff, and I have never used a Mac in my lifetime, so please forgive me if my question is so stupid. 0:26 Can you really run a Linux ELF binary on a Mac?? Or have you done some "hack" before to make it possible?
It's Ghidra!!! It's not a J. It's a soft G as in gear (not G as in generous or gentle or genius). Then it's followed by hard E, as in easy and finally dra (soft), as in dram.
Nice video, but I have a question. Is it possible to get the flag without putting in the password? Since the flag's stored somewhere within the file, right?
Could you please make a tutorial on how to skirt the macOS Catalina 10.15.8 and download Ghidra? I really want to start using Ghidra but my Mac will not allow the Javascript updates ...
Because Ghidra unfortunately does not support [] in the function signature - so instead of saying 'this is a pointer to an array' we say 'this is a pointer to a pointer', which gives us the result we want :) (Simplified: Working with an array in C is basically just pointer-arithmetic in the background)
I remember solving that very same crackme with Hopper. Thanks for the video, I have not given GHIDRA a try yet. I'm still learning how to pronounce it correctly :)
It is pronounced "Gee-druh" (github.com/NationalSecurityAgency/ghidra/wiki/Frequently-asked-questions#how-do-you-pronounce-ghidra), but that's okay. This video was a very nice introduction, by the way!