This repository contains integration scripts to interop Ghidra and radare2.
It's just an Ghidra plugin that starts an http server to let r2 talk to it.
- Decompile current function
- Load the decompiler output as comments
- List functions found by Ghidra ('afl')
- List symbols 'is' from Ghidra bin parser
- Import comments from Ghidra into r2
- Read/Write ghidra's session remote memory contents
-
Install Ghidra using r2pm
$ r2pm -i ghidra
-
Symlink the R2GhidraServer.java into the ghidra plugins directory
$ make install
-
Start ghidra and doubleclick the script to get the http server
$ r2pm -r ghidraRun
-
Attach r2 to the ghidra session
$ r2 r2web://localhost:8002/cmd
-
Run commands into the ghidra server from r2 or the shell
- :pdd
- !curl http://localhost:8002/cmd/p8%2080
$ r2 r2web://localhost:9191/cmd
[0x00000000]> :?
Usage: [ghidra-r2web-command .. args]
? - show this help message
?V - show Ghidra Version information
?p [vaddr] - get physical address for given virtual address
f [name] - set flag to the current offset inside ghidra (label)
i - show program information (arch/bits/hash..)
/ [string] - search for given string (which may contain \x hex)
s ([addr]) - check or set current seek address
b ([bsize]) - get or set blocksize
CC [comment] - add or replace comment in current offset
Cs - define a string in the current address
Cd - define a dword in the current address
aa - analyze all the program
af - analyze function in current address
afi - get current function information
afl - list all functions analyzed by Ghidra
px - print Hexdump
pdd - print decompilation of current function
pdd* - decompile current function as comments for r2
q - quit the ghidra-r2web script
[0x00000000]> \?V
9.0.4
[0x00000000]>
--pancake