This tool provides a command-line interface (CLI) to automatically decompile binaries using Ghidra.
- Ghidra (Version 10.3.2 or newer recommended)
- Python 3.x
-
Ensure Ghidra is installed on your system.
-
Update the
GHIDRA_PATHvariable in thedecompile_cli.pyscript to point to your Ghidra installation directory. -
Clone this repository or download the necessary scripts (
decompile_cli.pyandExportDecompiledCode.java). -
Optionally, run the
install_tools.shscript to copy the necessary files to the correct location (if provided):chmod +x install_tools.sh ./install_tools.sh
Once installed, you can use the decompile_cli.py script to decompile binaries:
python3 /usr/local/bin/decompile_tools/decompile_cli.py -b <path_to_binary> -o <output_directory>Arguments:
-bor--binary: The path to the binary you want to decompile.-oor--output: The directory where you want to save the decompiled code.
- Automated decompilation without having to manually open Ghidra.
- Outputs Ghidra's stdout and stderr for debugging purposes.
- Saves decompiled code to the specified directory.
- Currently, the tool supports ELF binaries for 64-bit Linux systems. Support for other binary formats and platforms may be added in future versions.
- The tool assumes Ghidra's
analyzeHeadlessscript is accessible through the specifiedGHIDRA_PATH. - The
ExportDecompiledCode.javascript should be located at../java/ExportDecompiledCode.javarelative to thedecompile_cli.pyscript, or its path should be updated in the script.
Contributions are welcome! Please submit a pull request or open an issue to discuss proposed changes or report bugs.
This tool is released under the MIT License. See LICENSE for more details.