Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Ghidra Software Reverse Engineering for Beginners

You're reading from   Ghidra Software Reverse Engineering for Beginners Analyze, identify, and avoid malicious code and potential threats in your networks and systems

Arrow left icon
Product type Book
Published in Jan 2021
Publisher Packt
ISBN-13 9781800207974
Pages 322 pages
Edition 1st Edition
Languages
Concepts
Arrow right icon
Author (1):
Arrow left icon
A. P. David A. P. David
Author Profile Icon A. P. David
A. P. David
LinkedIn
A. P. David is a senior malware analyst and reverse engineer. He has more than 7 years of experience in IT, having worked on his own antivirus product, and later as a malware analyst and reverse engineer. He started working for a company mostly reverse engineering banking malware and helping to automate the process. After that, he joined the critical malware department of an antivirus company. He is currently working as a security researcher at the Galician Research and Development Center in Advanced Telecommunications (GRADIANT) while doing a malware-related PhD. Apart from that, he has also hunted vulnerabilities for some relevant companies in his free time, including Microsoft's Windows 10 and National Security Agency's Ghidra project.
Read more
See other products by A. P. David
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Section 1: Introduction to Ghidra
2. Chapter 1: Getting Started with Ghidra FREE CHAPTER 3. Chapter 2: Automating RE Tasks with Ghidra Scripts 4. Chapter 3: Ghidra Debug Mode 5. Chapter 4: Using Ghidra Extensions 6. Section 2: Reverse Engineering
7. Chapter 5: Reversing Malware Using Ghidra 8. Chapter 6: Scripting Malware Analysis 9. Chapter 7: Using Ghidra Headless Analyzer 10. Chapter 8: Auditing Program Binaries 11. Chapter 9: Scripting Binary Audits 12. Section 3: Extending Ghidra
13. Chapter 10: Developing Ghidra Plugins 14. Chapter 11: Incorporating New Binary Formats 15. Chapter 12: Analyzing Processor Modules 16. Chapter 13: Contributing to the Ghidra Community 17. Chapter 14: Extending Ghidra for Advanced Reverse Engineering 18. Assessments 19. Other Books You May Enjoy

Ghidra RCE vulnerability

In this section, we will learn how the RCE vulnerability found in Ghidra 9.0 works, how to exploit it, and how to fix it.

Explaining the Ghidra RCE vulnerability

The vulnerability was due to a line located in launch.bat when running Ghidra on Windows platforms and launch.sh when running it on Linux or macOS. The following is the line involved:

-Xrunjdwp:transport=dt_socket,server=y,suspend=${SUSPEND},address=*:${DEBUG_PORT}

The vulnerability was fixed in the second version of Ghidra 9.0.1 by replacing the asterisk (*), which indicates all addresses are allowed to attach the debugger to Ghidra, and limiting it to localhost: 

-Xrunjdwp:transport=dt_socket,server=y,suspend=!SUSPEND!,address=!DEBUG_ADDRESS!

As you can see, the vulnerability is so evident that, paradoxically, it is likely that it went unnoticed for the same reason.

Exploiting the Ghidra RCE vulnerability

To exploit this RCE vulnerability, we set up a vulnerable machine...

lock icon The rest of the chapter is locked
arrow left Previous Section
Section 5 of 8
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at €18.99/month. Cancel anytime

Authors (1)

Profile icon A. P. David
A. P. David
LinkedIn icon Github icon
A. P. David is a senior malware analyst and reverse engineer. He has more than 7 years of experience in IT, having worked on his own antivirus product, and later as a malware analyst and reverse engineer. He started working for a company mostly reverse engineering banking malware and helping to automate the process. After that, he joined the critical malware department of an antivirus company. He is currently working as a security researcher at the Galician Research and Development Center in Advanced Telecommunications (GRADIANT) while doing a malware-related PhD. Apart from that, he has also hunted vulnerabilities for some relevant companies in his free time, including Microsoft's Windows 10 and National Security Agency's Ghidra project.
Read more
See other products by A. P. David

Other recommended products

Related to this chapter
Left arrow icon
Binary Analysis Cookbook
Binary Analysis Cookbook
Read more
Binary Analysis is a complex and constantly evolving topic, crossing into several realms of IT and information security. The recipes in this book will serve as a good reference for you to get a better understanding of various aspects related to analyzing malware, identifying vulnerabilities in code, exploit writing and reverse engineering.
Read more
Sep 2019 13h 12m
Learning Malware Analysis
Learning Malware Analysis
Read more
Malware analysis and memory forensics are powerful analysis and investigation techniques used in reverse engineering, digital forensics, and incident response. This book teaches you the concepts, tools, and techniques to determine the behavior and characteristics of malware using malware analysis and memory forensics.
Read more
Jun 2018 17h 0m
Mastering Malware Analysis
Mastering Malware Analysis
Read more
Malware analysis is a powerful investigation technique widely used in various security areas including digital forensics and incident response processes. Working through practical examples, you'll be able to analyze any type of malware you may encounter within the modern world.
Read more
Jun 2019 18h 44m
Antivirus Bypass Techniques
Antivirus Bypass Techniques
Read more
Antivirus Bypass Techniques follows a unique approach that will help you explore the security landscape, understand the fundamentals of antivirus software, and put antivirus bypass techniques to use. This book will enable you to bypass antivirus software solutions in order to develop efficient antivirus software.
Read more
Jul 2021 8h 4m
Mastering Reverse Engineering
Mastering Reverse Engineering
Read more
Reverse engineering is a tool used for analyzing software, to exploit its weaknesses and strengthen its defenses. Hackers use reverse engineering as a tool to expose security flaws and questionable privacy practices. This book helps you to master the art of using reverse engineering.
Read more
Oct 2018 14h 32m
Malware Analysis Techniques
Malware Analysis Techniques
Read more
Comprehensive threat analysis is important for incident responders as it helps them to ensure that a threat has been entirely eliminated. This book shows you how to quickly triage, identify, attribute, and remediate threats with proper analysis techniques, and guides you in implementing your knowledge to prevent further incidents.
Read more
Jun 2021 9h 24m
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Attacking and Exploiting Modern Web Applications
Attacking and Exploiting Modern Web Applications
Read more
Attacking and Exploiting Modern Web Attacks will help you understand how to identify attack surfaces and detect vulnerabilities. This book takes a hands-on approach to implementation and associated methodologies and equips you with the knowledge and skills needed to effectively combat web attacks.
Read more
Aug 2023 11h 16m
Automotive Cybersecurity Engineering Handbook
Automotive Cybersecurity Engineering Handbook
Read more
This Automotive Cybersecurity Engineering Handbook untangles the complexities of building secure automotive products and helps you to comply with cybersecurity standards. It provides practical tools, tips, and techniques coupled with real-world examples to enable you to create cyber-resilient automotive products with ease.
Read more
Oct 2023 13h 4m
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide
Read more
This book will help you to design, develop, and operate security controls on Google Cloud as well as discover best practices for relevant security domains, including identity and access management, network, and data.
Read more
Aug 2023 16h 32m
Cloud Penetration Testing for Red Teamers
Cloud Penetration Testing for Red Teamers
Read more
The advent of cloud networks and the AWS, Azure, and GCP platforms has revolutionized how companies of all sizes in all industries do business online. This book will help you meet the emerging demand for pentesting as it guides you through the tools, techniques, and security measures used by pentesters and red teamers in the 2020s and beyond.
Read more
Nov 2023 9h 56m
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide
Read more
ISACA Certified in Risk and Information Systems Control (CRISC®) Certification Guide is an enterprise IT risk management professional's dream. With its in-depth approach and various self-assessment exercises, this book arms you with knowledge of every single aspect of the certification, and is a fantastic career companion after you're certified.
Read more
Sep 2023 10h 32m
Burp Suite Cookbook
Burp Suite Cookbook
Read more
Burp Suite is an immensely powerful and popular tool for web application security testing. This book provides a collection of recipes that address vulnerabilities in web applications and APIs. It offers guidance on how to configure Burp Suite, make the most of its tools, and explore into its extensions.
Read more
Oct 2023 15h 0m
Building and Automating Penetration Testing Labs in the Cloud
Building and Automating Penetration Testing Labs in the Cloud
Read more
This hands-on guide will help you design and build a variety of penetration testing labs that mimic modern cloud environments running on AWS, Azure, and GCP. In addition to these, you will explore a number of practical strategies on how to manage the complexity, cost, and security risks involved when setting up vulnerable cloud lab environments.
Read more
Oct 2023 18h 44m
Ethical Hacking Workshop
Ethical Hacking Workshop
Read more
As cyber-attacks grow and APT groups advance their skillset, you need to be able to protect your enterprise against cyber-attacks. In order to limit your attack surface, you need to ensure that you leverage the same skills and tools that an adversary may use to hack your environment and discover the security gaps. This book will teach you how to think like a hacker, use state-of-the-art hacking tools, and protect yourself and your organizaiton.
Read more
Oct 2023 7h 20m
Windows Forensics Analyst Field Guide
Windows Forensics Analyst Field Guide
Read more
This book contains step-by-step processes to guide you in any investigation related to Windows OS. You’ll find out how to acquire evidence using multiple tools as well as examine and analyze the collected artifacts, while discovering multiple techniques used in real-world forensic incidents.
Read more
Oct 2023 10h 36m
Implementing DevSecOps Practices
Implementing DevSecOps Practices
Read more
This book is a comprehensive, hands-on guide for individuals new to DevSecOps who want to implement DevSecOps practices successfully and efficiently. With its help, you’ll be able to shift security toward the left, enabling you to merge security into coding in no time.
Read more
Dec 2023 8h 36m
Right arrow icon