Ghidra: a software tool that can look deep into malware and design weaknesses

Preface: Ghidra is a well-known software reverse engineering toolkit that the NSA has been using for a long time.

Synopsis: Rob Joyce, the cybersecurity adviser to the NSA director, assured the audience that there is no backdoor in Ghidra.

About installation: a quick and simple way

Prerequisite: Ghidra relies on JDK 11+, so your Linux OS might require an update. For example, I am using a Fedora system. To avoid any technical problems during installation, I upgraded my Fedora to Fedora 28.

1. Before starting the installation, please confirm whether your current OS is compatible with JDK 11+.

2. If you have no technical concerns about item 1, you can download the software from the URL below.

https://ghidra-sre.org/ghidra_9.0_PUBLIC_20190228.zip

3. Copy the file (ghidra_9.0_PUBLIC_20190228.zip) to your chosen location (/home/xxxx/ghidra).

Remark: xxxx is your user name in Linux.

4. Permission setting

chmod 755 ghidra_9.0_PUBLIC_20190228.zip

5. Unzip the downloaded file

unzip ghidra_9.0_PUBLIC_20190228.zip

Now do the JDK 11+ installation:

6. As said, I am working on Fedora 28. So download the required JDK 11+ file from the following location:

curl -O https://download.java.net/java/GA/jdk11/13/GPL/openjdk-11.0.1_linux-x64_bin.tar.gz

7. After the download, extract the archive

tar zxvf openjdk-11.0.1_linux-x64_bin.tar.gz

8. Move the resulting folder to /usr/local/

sudo mv jdk-11* /usr/local/

9. Set environment variables (create or edit existing jdk11.sh file)

sudo vi /etc/profile.d/jdk11.sh

Add:

export JAVA_HOME=/usr/local/jdk-11.0.1

export PATH=$PATH:$JAVA_HOME/bin

10. Source your profile file and check the java command

$ source /etc/profile.d/jdk11.sh

$ java -version

openjdk version "11.0.1" 2018-10-16

OpenJDK Runtime Environment 18.9 (build 11.0.1+13)

OpenJDK 64-Bit Server VM 18.9 (build 11.0.1+13, mixed mode)

11. $ which java

/usr/local/jdk-11.0.1/bin/java

12. The installation is complete.

13. You can now start Ghidra. Go to the location where Ghidra is installed, then execute ./ghidraRun

For user instructions, please refer to the URL below:

https://ghidra-sre.org/InstallationGuide.html
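
A pre-flight check for the steps above, as an added example that is not part of the original post: it confirms that a downloaded archive matches a SHA-256 digest and that the java on the PATH is version 11 or later. The function names, the script name preflight.sh and the digest argument are assumptions for illustration; the post itself gives no digest, so one must be obtained from the download site.

```shell
#!/bin/sh
# Added example (not from the original post): checks to run around the steps above.

# Print the major Java version found in `java -version` output.
# Handles the legacy scheme ("1.8.0_201" -> 8) and the current one ("11.0.1" -> 11),
# and skips leading noise such as a "Picked up _JAVA_OPTIONS" line.
java_major() {
    ver=$(printf '%s\n' "$1" | sed -n '/ version "/{s/^[^"]*"\([^"]*\)".*$/\1/p;q;}')
    [ -n "$ver" ] || return 1
    case "$ver" in
        1.*) ver=${ver#1.} ;;      # 1.8.0_201 -> 8.0_201
    esac
    major=${ver%%[!0-9]*}          # keep the leading digits only
    [ -n "$major" ] || return 1
    printf '%s\n' "$major"
}

# Succeed only if FILE's SHA-256 equals EXPECTED (hex, any case).
# EXPECTED is the digest published for the download (assumption: one is available).
verify_sha256() {
    [ -r "$1" ] || return 2
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if command -v sha256sum >/dev/null 2>&1; then
        actual=$(sha256sum "$1" | cut -d' ' -f1)
    else
        actual=$(shasum -a 256 "$1" | cut -d' ' -f1)
    fi
    [ "$actual" = "$expected" ]
}

# Usage (hypothetical): sh preflight.sh ghidra_9.0_PUBLIC_20190228.zip <published-sha256>
preflight() {
    verify_sha256 "$1" "$2" || { echo "SHA-256 mismatch for $1" >&2; return 1; }
    major=$(java_major "$(java -version 2>&1)") || { echo "no usable java on PATH" >&2; return 1; }
    [ "$major" -ge 11 ] || { echo "found JDK $major, Ghidra needs 11+" >&2; return 1; }
    echo "ok: $1 verified, JDK $major"
}

if [ "$#" -eq 2 ]; then
    preflight "$@"
fi
```

verify_sha256 can also be called on its own before step 5, and on the JDK tarball before step 7 with that download's published digest.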

End.