ghidra
The Ghidra reverse engineering tool.
Ghidra: https://github.com/NationalSecurityAgency/ghidra.
Functions
| build_control_flow_graph(api, entry, ipcfg=False) | Build the Control Flow Graph starting at the given entrypoint. |
Classes
| GhidraDisassembler(*args, **kwargs) | Disassembles the given code with Ghidra. |
- undertale.datasets.pipeline.disassemblers.ghidra.build_control_flow_graph(api, entry, ipcfg=False)
Build the Control Flow Graph starting at the given entrypoint.
Start at the specified entrypoint and slice forward to build the graph.
- Parameters:
api – The Ghidra FlatAPI.
entry – The entry address from which to start building the graph.
ipcfg – If True, generate an interprocedural CFG (i.e., allow the traversal to exit the current function and ignore function boundaries).
- Returns:
A graph of the (IP)CFG starting at the specified entry point, a string containing the disassembled basic blocks from the CFG in address order, and a string containing the decompiled function(s) in address order.
- class undertale.datasets.pipeline.disassemblers.ghidra.GhidraDisassembler(*args, **kwargs)
Bases: PipelineStep
Disassembles the given code with Ghidra.
- Parameters:
language – A Ghidra language identifier. If not provided, Ghidra will attempt to auto-detect the input language; if this fails, an exception will be raised.
entry – A function to determine the entry address. If not provided, Ghidra will attempt to auto-detect the entrypoint; if this fails, an exception will be raised.
- Input:
Raw shellcode (or compiled, individual functions).
- Output:
Adds the fields disassembly, decompilation, and cfg to the document metadata, produced by Ghidra. Does not modify the text field.
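A toy illustration of the forward slice and the ipcfg switch described for build_control_flow_graph, added here and not taken from the undertale source. The block table, the forward_slice helper and the edge labels are constructed assumptions, and no Ghidra API is called.

```python
from collections import deque

# Constructed toy program, not Ghidra output.
# block start address -> (owning function, [(successor, edge kind), ...])
BLOCKS = {
    0x1000: ("main", [(0x1008, "fallthrough"), (0x1010, "jump")]),
    0x1008: ("main", [(0x2000, "call"), (0x1010, "fallthrough")]),
    0x1010: ("main", []),  # return
    0x2000: ("helper", [(0x2008, "fallthrough")]),
    0x2008: ("helper", [(0x2000, "jump"), (0x7FFF0000, "call")]),
    0x3000: ("unused", []),  # not reachable from 0x1000
}


def forward_slice(blocks, entry, ipcfg=False):
    """Return (nodes, edges) reachable from entry, both in address order.

    With ipcfg=False, edges that leave the entry's function are dropped.
    With ipcfg=True, function boundaries are ignored.
    """
    if entry not in blocks:
        raise KeyError(f"no basic block starts at {entry:#x}")
    home = blocks[entry][0]
    nodes, edges = {entry}, set()
    work = deque([entry])
    while work:
        src = work.popleft()
        for dst, kind in blocks[src][1]:
            if dst not in blocks:
                continue  # target lies outside the loaded bytes
            if not ipcfg and blocks[dst][0] != home:
                continue  # intraprocedural: stay inside one function
            edges.add((src, dst, kind))
            if dst not in nodes:  # visited set keeps loops from re-queuing
                nodes.add(dst)
                work.append(dst)
    return sorted(nodes), sorted(edges)


if __name__ == "__main__":
    for flag in (False, True):
        nodes, edges = forward_slice(BLOCKS, 0x1000, ipcfg=flag)
        print(f"ipcfg={flag}: blocks={[hex(n) for n in nodes]} edges={len(edges)}")
```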