The NSA releases Ghidra, their reverse engineering tool, for free! – The IDA Pro days may be over and more people will have access to high-end RE tools for finding security holes
If you’ve ever read anything about how the exploits that let us hack our consoles/smart devices work are created, you surely know that a good deal of reverse engineering is required. Up until today, the go-to tool was IDA Pro (which costs an arm and a leg) but now, America’s NSA has released their OWN reverse engineering tool called Ghidra publicly at no cost!
What is Ghidra?
As the title of this article suggests, Ghidra is a reverse-engeering tool that’s developed, maintained and used by the NSA.
A meme by xyz showing the general sentiment of the infosec community towards Ghidra. (Source)
Reverse-engineering tools take code that’s already compiled (i.e executable code) and decompile it in order to allow users to look at how the code actually works and identify potential weaknesses. Then, these weaknesses can be used to come up with bugs which in turn can be used to create exploits when combined with other vulnerabilities in the system.
Ghidra in action by marcan42 (Image Source)
A while ago, they promised they’d be releasing the tool for free at RSA Conference 2019 and now, that conference arrived and the tool, along with its source code, is publicly available for download!
Some hackers, including PSVita hacker Yifan Lu, are taking to the internet and are saying that it’s a significant competitor to IDA Pro since it’s pretty good and also 100% free! Furthermore, it supports a wide range of architectures including ARM64, PowerPC32/64 and obviously x86/64 and also has a barrage of features which will obviously make many consider moving to it from IDA Pro.
How could Ghidra affect the console/smart device hacking scene?
As Ghidra is a powerful security research tool, the implications of it being released for free include:
- Security researchers and/or hackers do not need to spend thousands on obtaining an IDA Pro license along with licenses for the modules to go along with it.
IDA Pro, which is one of the mostly used reverse engeering tools, costs a great deal of money so Ghidra will undoubtedly be popular with those who don’t have money to burn
- This could potentially increase the amount of people poking around console system software in order to find potential entry points in their free time.
- Invidiuals who are still beginners when it comes to hacking will most likely find Ghidra as a godsend since they don’t have to fork out any money to start learning hacking techniques which could later lead to them finding bugs in code.
- Web browsers, other applications and operating systems could potentially become more secure as access to high-end reverse engineering software could be a great help to white hat hackers.
- Obviously, Ghidra isn’t a tool that lets you jailbreak/hack your device! It’s a tool used by security researchers, hackers and anyone interested in infosec to reverse engineer code in order to find bugs to potentially make code more secure and potentially create exploits.
Conclusion
To grab Ghidra for yourself, check out the link below and follow the installation instructions provided there. As it’s written in Java, you need to install JRE so make sure you have a working Java installation before you start blaming the NSA that they released non-working software!
Ghidra currently supports 64-bit versions of Windows, Linux and macOS and its hardware requirements are 4GB RAM and 1GB HDD space so it’ll run on most computers from the past decade.
Ghidra website (download link + links to more information): https://ghidra-sre.org
awesome.
I get the feeling that they don’t need this anymore…because of AI
Uh Oh !, I dont want to be that conspiracy theory GUY ! ,But government giving stuff away for free ,and something that sensitive that condone more piracy/ hacks ??? Huh im not buying it , sounds like the perfect opportunity to spy and monitor to me , thanks buuut no thanks
It is going to be open source, and it stands to reason that most people who would benefit from this have the ability to investigate the source code and see if there is anything malicious in there. Granted, it’s probably a bit large for a single person to look through, but I like to think that there are a lot of good developers out there who will inspect it and find that it is safe to use.
If anything suspicious was found, it would be a BIG deal. The NSA wouldn’t be that stupid to release it as open source like that.
This is a tools to help with the Vault 7 mess being in the wild now, NSA Cleanup
Could this also potentially help develop emulators to run like the original hardware? Or at least understand first party emulators such as pops loader, or the gba emulator for 2/3ds, etc?
lol there is no “the NSA” it’s just NSA. also yeah seems like a pretty awesome little tool but yeah not quite as powerful as ida yet but that’s just a matter of time until more people get there hands on it and wright there own modules and plugins for it.
Learn how to use the word “the”, of course you’d say ‘the’ NSA.