(I initially created the SH4 plugin for hopper 3 and never actually finished porting it to version 4. I see some of the processor extensions actually do include source code, but I don't want to be the one who does it. I wonder how long before people start making processor extensions for it. Having a psuedocode decompiler is a huge time saver for me, and I think I'm from now on I'm going to swap between Ghidra and Hopper based on whichever does a better job for what I'm looking at. Could be my fault for not completely understanding things, but all I did was right click on one of the variables it generated and tried to give it a name.Īs a free tool, it's extremely good. In the same scenario, Hopper instead does pointer operations against an offset of the starting address which is easier to read than figuring out all mapping between variables and indexes.(And when I tried to rename one of the variables Ghidra generated, suddenly a bunch of code disappeared from the function. In a method that declares an array of 16 floats to do some matrix multiplication, Ghidra decides to declare 16 separate variables in backwards order for indexes in the array. In general it's more advanced than Hopper's, especially with support for function argument detection, but at the same time there are things that it does worse. The decompiler is a mixed bag compared to the one in Hopper. My reference for comparison is against Hopper Disassembler on macOS, which I bought years ago because it was so much more affordable than IDA was and it included a decompiler at no extra cost unlike IDA.Ĭompared to that, obviously the UI is worse but that's the first thing everyone will notice anyway since Ghidra is a java app. I really hope people pick this up and work on it, know.Ĭlick to expand.I was playing with it earlier this week and say it's pretty good. It certainly does feel like much that you can do in IDA Pro you can do in Ghidra as well, if you can only figure out how to do it. I haven't depended on the auto analysis yet, so I'm not sure how completely dependable it is. It's surprising how much this can do despite being free. I kinda like it more than graphing to be honest. Ghidra has an undo button And it works (IDA doesn't and it's super annoying) As of version 7.3 IDA has an undo feature. Seeing everything be represented in pseudo-c does help a bit. Ghidra has collaborative disassembly/decompiler projects built in by design, whereas IDA requires plugins to do collaboration and the IDA database files are not designed to be shared. Disassembling Mega Drive games with it yields some interesting results: I don't think systems that use bank switching are natively supported (?). Unfortunately there aren't any loaders for disassembling ROMs from various systems, but it's trivial to set the project up. It even supports generating program differences, something I haven't tried yet. You can create a project and set it up as a server to do collaboration with multiple users. It supports MIPS, PPC, ARM, x86/圆4, and even a few legacy cpus as well. It supports many architectures, including a few of their variants (the 68000 and z80 is among the ones that are supported). It can turn pretty much any architecture it supports into pseudo-c. So the NSA recently released Ghidra, their open/multiplatform disassembler for free.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |