CC: Ghidra- Tryhackme Walkthrough

A crash course on the reverse engineering tool Ghidra. You can access the room through this link https://tryhackme.com/room/ccghidra

Hi everyone, I am Mrinal Prakash aka EMPHAY and today I would take you to the walkthrough of the Crash Course for Ghidra on TryHackme. GHIDRA is a tool created by the NSA that allows the user to analyze binaries. It is well known for it’s incredible de compiler which converts the assembly in the binary to C.

The GHIDRA download can be found on this link: https://ghidra-sre.org

Note: Assembly and C knowledge are highly recommended

Note: Ghidra requires an semi-new version of java(11+). If you do not have the jre or the jdk, you can install it with sudo apt install openjdk-13-jre openjdk-13-jdk

TASK 1: Intro

  1. Read the above!
    No Answers needed

TASK 2: Creating A New Project

  1. Read and follow along with the above instructions.
    No Answers needed

TASK 3: Analyzing a Binary

  1. Read and follow along with the above instructions!
    No Answers needed

TASK 4: It’s your turn!

  1. How many user created functions(including main) are there

2

2. What is the first variable set to in the main function?

10

3. What is the first variable set to, in the function “fn1”?

hello

4. If you provide the input “1”, when you run the binary, what would the output be.(Note you can just run the binary to find this out, but that would defeat the whole purpose!).

nice!

TASK 5: Miscellaneous operations

  1. Read and follow along with above!
    No Answers needed

TASK 6: Final Exam

  1. What outputs the good job message?
    goodjob

Hope you all enjoyed going through this walkthrough. If you like my article clap for me and do follow me as well. Till then goodbye and Happy Hacking.

Hacker || Student || CTF Player || Coder || Editor at A&M Publications

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store