增强现实AR>> py-findcrypt-ghidra>> 返回
项目作者: AllsafeCyberSecurity

项目描述 :
FindCrypt for Ghidra written in Python
高级语言: Python
项目地址: git://github.com/AllsafeCyberSecurity/py-findcrypt-ghidra.git
创建时间: 2020-05-12T17:32:06Z
项目社区:https://github.com/AllsafeCyberSecurity/py-findcrypt-ghidra
开源协议:Apache License 2.0
下载


py-findcrypt-ghidra

FindCrypt for Ghidra written in Python.
All constants are referenced from findcrypt.

Installation

clone this repository and add the cloned path to Script Directories in Script Manager of Ghidra.

Usage

Run findcrypt.py after installation. once successfully done, this script will show the found algorithm name and address, like following.

  1. findcrypt.py> Running...
  2. [*] processing non-sparse consts
  3.  [+] found CRC32_m_tab_le for CRC32 at 4b2992d0
  4.  [+] found SHA256_K for SHA256 at 4b28d9e0
  5. [*] processing sparse consts
  6.  [+] found SHA256_H for SHA256 at 4b2edb20
  7.  [+] found MD5_initstate for MD5 at 4b37a610
  8. [*] processing operand consts
  9. findcrypt.py> Finished!

Known issues

  • can’t find consts in 64bit binary
  • maybe doesn’t work for sparse consts in non-function