Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/nstarke/baseaddressdiscoverererer

A python3 script for generating a list of possible base addresses given a raw binary program
https://github.com/nstarke/baseaddressdiscoverererer

Last synced: 8 days ago
JSON representation

A python3 script for generating a list of possible base addresses given a raw binary program

Host: GitHub
URL: https://github.com/nstarke/baseaddressdiscoverererer
Owner: nstarke
License: mit
Created: 2023-03-05T15:24:58.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-06-14T15:19:46.000Z (5 months ago)
Last Synced: 2024-10-07T21:23:02.831Z (29 days ago)
Language: Python
Size: 35.2 KB
Stars: 10
Watchers: 3
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# BaseAddressDiscoverererer

This is a set of python3 scripts for bruteforcing the load address of a raw binary program. The scripts use ghidra to analyze raw binary data using a series of load addresses and then checking how many internal strings were resolved in the analysis for each base address attempt.

This is a useful toolset when you have a raw binary image with no ELF, PE32, Mach-O, or COFF header, as we sometimes see in low-level boot images for embedded devices (think `U-boot`, etc).
## Requirements

These scripts require Ghidra `11.0.3` to be installed at `/opt/ghidra-11.0.3` and the `CountReferencedStrings.java` to be in one of the ghidra script locations, preferably `~/ghidra_scripts`. If `CountReferencedStrings.java` is left in the root directory, the scripts will fail to work properly; I recommend you `mv` the `CountReferencedStrings.java` file to a ghidra script directory. Make sure it is not in the repository directory you are running the scripts from.