Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

External Ghidra Server Integration #460

Merged
merged 2 commits into from
May 24, 2024
Merged

External Ghidra Server Integration #460

merged 2 commits into from
May 24, 2024

Conversation

SamL98
Copy link
Collaborator

@SamL98 SamL98 commented Apr 26, 2024
edited by dannyp303

Allows for users to connect to an external ghidra server by changing the host in ofrak_ghidra.conf.yml. Also exposes OFRAK's ghidra server for users to connect an external ghidra instance to.

One sentence summary of this PR (This should go in the CHANGELOG!)

Link to Related Issue(s)

Please describe the changes in your request.

Anyone you think should look at this, specifically?

@SamL98 SamL98 mentioned this pull request Apr 26, 2024
Open
@dannyp303
Copy link
Collaborator

I am testing trying to use exclusively an external ghidra server with OFRAK using the headless analyzer to connect to it.
The CreateRepository.java file creates a new respository for OFRAK, but that command is run in run_ghidra_server.sh, which we shouldn't have to run to allow the client to work with an external server.

running the command ./support/analyzeHeadless . dummy -postScript CreateRepository.java root changeme <myserverhostname> 13100 -scriptPath <path_to>/ofrak_ghidra/ofrak_ghidra/ghidra_scripts/ -deleteProject -noanalysis allows me to connect to the external server and provides it the scripts required to do ofrak analysis.

We need to run that command somewhere, make it more generic and remove it from the shell script that starts the server and instead run it when the client starts. Probably also test the server for the repo ofrak and don't run it if that repo exists.

@dannyp303
Copy link
Collaborator

I am testing trying to use exclusively an external ghidra server with OFRAK using the headless analyzer to connect to it. The CreateRepository.java file creates a new respository for OFRAK, but that command is run in run_ghidra_server.sh, which we shouldn't have to run to allow the client to work with an external server.

running the command ./support/analyzeHeadless . dummy -postScript CreateRepository.java root changeme <myserverhostname> 13100 -scriptPath <path_to>/ofrak_ghidra/ofrak_ghidra/ghidra_scripts/ -deleteProject -noanalysis allows me to connect to the external server and provides it the scripts required to do ofrak analysis.

We need to run that command somewhere, make it more generic and remove it from the shell script that starts the server and instead run it when the client starts. Probably also test the server for the repo ofrak and don't run it if that repo exists.

I think the best way to solve this issue is to create a ofrak server connect command with server options. In doing this i also think we should get rid of the ofrak_ghidra.conf.yml arch for selecting a server and make it arguments to ofrak server start with the defaults as what is currently in the config, using the same arch for the connect command.

@whyitfor thoughts?

@dannyp303 dannyp303 self-requested a review May 24, 2024 17:30
@dannyp303
Copy link
Collaborator

Good as is, will open a new MR with my proposed changes to better connect to external server

@SamL98 SamL98 merged commit f3e583c into redballoonsecurity:master May 24, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dannyp303 dannyp303 Awaiting requested review from dannyp303

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@SamL98 @dannyp303