Anonymous ID: 08b1d4 May 4, 2020, 11:37 p.m. No.9035439   >>5468

>>9035053

Not necessarily.

Ghidra is designed to produce source code from a compiled executable/binary.

How do I explain to those not familiar with programming…?

A computer operates based off of instructions and addresses. Think of it like a calculator that loads values from compartments and calculates them before writing to new compartments or overwriting an old value. Some compartments contain instructions. Some contain addresses to be computed, etc.

A compiler takes code written in a language and reduces it down to machine language. The computer has no clue what the value of your character's health in a game is, for example, nor does it understand that the address for this character 'n' is an n. It simply sees values and operates on them.

This means that compiled code is basically impenetrable without a lot of time spent to analyze the binary. Back in the old days, hacking binaries was a combination of skill, persistence, luck, and voodoo. You had to know which direction to dance while sacrificing the chicken to find the right value to monkey with. And inserting new code or otherwise restructuring the binary was next to impossible.

Ghidra allows the code to be expanded and mapped. Obviously, it doesn't know if a value is for "health" or not - it simply can tell you what things feed into a value and effectively reconstruct valid source code from a binary - which can then be further analyzed and understood.

So you could plug in Facebook's app code and then start to break down what all it does. Completely - as it executes on the machine.

Or Android, itself.

A full breakdown of some apps would require further breakdowns of operating system functions and even trying to break down server-side code that is not executed locally.