The purpose of gdbghidra is to provide means during interactive debug sessions in gdb to quickly follow the flow in GHIDRA; similar to our gdbida plugin for IDA Pro. gdbghidra is not meant to be a full debugger. Instead, it merely serves as a small helper tool to assist during interactive debug sessions that make use of a mixture of tools. It provides simple means to quickly follow along a gdb debug session in GHIDRA. Also it does not need any dependencies on the Python side.
gdbghidra consists of the following two parts:
- dist/ghidra_9.0.1_PUBLIC_*_GDBGHIDRA.zip
- data/gdb_ghidra_bridge_client.py : gdb python script
- Sync/colorize cursor inside GHIDRA to PC of GDB session
- Sync stack to GHIDRA on GDB break
- Automatically set register values within GHIDRA for better decompilation
- GHIDRA register window
- Set/Toggle/Delete breakpoints from GHIDRA
- Automatic relocation
Make a change the ~/.gdbinit configuration file to include the plugin:
source ~/gdb_ghidra_bridge_client.py
To install the plugin in GHIDRA follow these steps:
- Open GHIDRA and select
File/Install Extensions. - Press the green
+button and selectdist/ghidra_9.0.1_PUBLIC_*_GDBGHIDRA.zip. - Make sure the Plugin has a tick in the box left.
- Start GHIDRA CodeBrowser.
- Open
File/Configureand press the adapter icon in above left oft 'Ghidra Core'. - Filter for
gdband make sureGDBGhidraPluginis enabled.
Now you should see the GDBGhidraPlugin window. You can now configure the listener port using the configuration button and start the server using the refresh button.
Next, configure the gdb stub to connect to gdbghidras's port (either command line or gdbinit):
ghidrabridge 10.0.10.10:2305
To build this plugin using gradle run the following command inside gdbghidra directory
gradle -PGHIDRA_INSTALL_DIR=<PATH_TO_GHIDRA_FOLDER>This produces a fresh extension zip within the gdbghidra/dist folder.
If you want to build gdbghidra from source using GHIDRA's eclipse environment make sure to add json-simple-1.1.1.jar to the classpath as follows:
- Click the
RunMenu and selectRun Configurations. - Navigate to
Ghidra/GDBGhidraand selectClasspath. - Navigate down the list to
User Entries, selectUser Entriesand click onADD JARS.... - Select
lib/json-simple-1.1.1.jar
Between GHIDRA and GDB a simple JSON message format is spoken which could also be used to connect other tools/debuggers to this GHIDRA plugin.
Please be aware that this is not considered to be finished. Specifically, the following thoughts are on my mind:
- Network listening input masks untested for errors.
- The network connection is not authenticated in any way.
- A lot of potential for additional commands. For now, I kept it super simple.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent