Ghidra Wasm plugin with disassembly and decompilation support

ghidra-wasm-plugin
Overview

Module to load WebAssembly files into Ghidra, supporting disassembly and decompilation.

This plugin borrows loader functionality from this repo: https://github.com/andr3colonel/ghidra_wasm

It can currently disassemble and decompile simple modules, but it still needs some debugging and feature work to be production-ready.

TODO:

  • Debug intraprocedural control flow
  • Parse type section
  • Convert type definitions to Ghidra function signatures (skipped, might be better to just let the decompiler infer)
  • Handle function call sites
  • Table/ref instructions
  • br_table disassembly + decompilation
Issues
  • Unable to import wasm file (language not found)

    Hey,

    First of all, thanks for this plugin. I managed to build it with Ghidra 10, but when I try to import a wasm file, I get

    "Can't get the language for Wasm:LE:32:default:default"

    Do you know where it could come from? :(

    opened by jambon69 1
  • Fix call stack pops and push

    There was an issue in the injected pcode for calls: SP was saved before parameter pops and restored before pushing the result value. Parameters were never "consumed" from the stack, which was simply growing with each return.

    I moved the SP backup to after parameter pops to correct this behavior. This fixed the stack alignment issue and in_SP statements in the decompilation.

    opened by cmorin6 1
  • br_table support

    I think the pcode stack is getting misaligned with the semantics at some point leading to some very verbose in_SP statements being generated. Needs some debugging before this can be merged

    opened by garrettgu10 1
  • Fix Leb128 parsing of WasmLoader.

    I encountered some wasm files that weren't loading properly due to Leb128 parsing. The current implementation tries parsing the value from an array of 5 bytes, then computes and consumes the expected byte size from the reader. The issue came from Leb128 values that were padded with null bytes (probably as some anti-reversing technique), causing the parsing size and consumed size to differ, leading to a misaligned parsing of the following structures and a failure to load the wasm file.

    Example: e2 81 80 80 00 and e2 01 are both "valid" representations of the value 226 in LEB128

    I opted to reuse the LEB128 utility already present in Ghidra for the Dwarf parsing that didn't suffer from this issue.

    opened by cmorin6 0
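
The misalignment described in the "Fix Leb128 parsing of WasmLoader" post above, as an added Python example (not the plugin's code and not the Ghidra utility the fix switched to). `decode_size_from_value` is a reconstruction of the failure mode from the post's description; all function names and the sample bytes are constructed here.

```python
MAX_U32_LEB_BYTES = 5  # ceil(32 / 7): longest encoding of a 32-bit value


def decode_uleb128(buf, offset=0, max_bytes=MAX_U32_LEB_BYTES):
    """Return (value, consumed); consumed counts the bytes actually read."""
    value = 0
    for i in range(max_bytes):
        if offset + i >= len(buf):
            raise ValueError("truncated LEB128 at offset %d" % offset)
        byte = buf[offset + i]
        value |= (byte & 0x7F) << (7 * i)
        if not byte & 0x80:  # continuation bit clear: this was the last byte
            return value, i + 1
    raise ValueError("LEB128 longer than %d bytes at offset %d" % (max_bytes, offset))


def minimal_len(value):
    """Length of the shortest unsigned LEB128 encoding of value."""
    n = 1
    while value >= 0x80:
        value >>= 7
        n += 1
    return n


def decode_size_from_value(buf, offset=0):
    """Failure mode: advance by the size the value 'should' occupy."""
    value, _ = decode_uleb128(buf, offset)
    return value, minimal_len(value)


def read_fields(buf, count, decoder):
    """Read `count` consecutive fields, advancing by what `decoder` reports."""
    offset, out = 0, []
    for _ in range(count):
        value, consumed = decoder(buf, offset)
        out.append(value)
        offset += consumed
    return out


def is_padded(buf, offset=0):
    """True when an encoding is longer than necessary (worth flagging in triage)."""
    value, consumed = decode_uleb128(buf, offset)
    return consumed > minimal_len(value)


# Constructed sample: 226 in padded form (from the post), then the value 42.
SAMPLE = bytes.fromhex("e281808000" "2a")
```

With the sample, `read_fields(SAMPLE, 2, decode_uleb128)` yields both fields, while the size-from-value variant restarts inside the padding and reads the second field as 0.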
  • Load data segments

    This enables proper analysis of memory references, etc. The code for loading the offset expression is hacky, and in a future commit I'll refactor it to use a reusable expression parser (so we can eventually handle globals, element tables, and other features).

    opened by nneonneo 0
Releases(0.02)
Owner
Garrett Gu