GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries

Overview

ghidra_nodejs

Description

GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries.

Supported NodeJS versions:

  • v8.16.0 (x64) (V8 version: 6.2.414.77)
  • v8.16.0 (x86) (V8 version: 6.2.414.77)

Build instructions

  1. Clone the repo.
  2. Import the repo into Eclipse with the GhidraDev plugin installed.
  3. Link Ghidra to your Ghidra installation (option in the project's context menu).
  4. Export and build the plugin using the project's context menu. Eclipse will generate a .zip archive containing the plugin.
  5. In Ghidra: File->Install Extensions..., press the green plus (+) button, then select the previously generated .zip archive to install it. Press OK, then restart Ghidra.
  6. Drag and drop .jsc files into Ghidra.
Comments
  • Why is bytecode different in x86 and x64 architectures

    Bytecode should be platform-independent. Do you know why bytecode generation is different in different architectures? (This problem has nothing to do with this repo, it's just a technical consultation) :)

    opened by Zhxhh 3
  • Other node versions support

    First of all, amazing work on this add-on.

    This is more a question than an issue. I wanted to know if you guys are planning on adding other versions of NodeJS, and I was curious how similar the V8 bytecode is from one version of node to the other.

    I tried other versions of node that are not supported and as expected it did not work.

    Thanks

    opened by louistb 3
  • Language

    When I try to drag and drop the file into Ghidra I must specify a language, but what language do I need to provide? Do you maybe have a way to get in contact with you?

    opened by fumixia 3
  • Error fetching constant poolrecord

    Hi! I get this error when decompiling. I installed the extension from the Releases tab. Maybe my v8 version is incompatible?

    Low-level Error: Error fetching constant poolrecord: 
    Cannot invoke "ghidra.program.model.util.ObjectPropertyMap.getObject(ghidra.program.model.address.Address)" 
    because "map" is null
    
    opened by 55nknown 2
  • V8 Snapshot Data Blobs

    I tried to open v8::ScriptCompiler or V8 Snapshot Data Blobs using this Ghidra NodeJS plugin but failed. Do you know how to debug this V8 snapshot data?

    opened by araneta 0
  • Incompatible extension version

    I've encountered an error that says 'extension version is incompatible with ghidra'. Is this due to me going wrong with the installation somewhere, or what? I'd appreciate any assistance!

    opened by haxmith 1
  • How can I debug in eclipse with this plugin?

    I have done as follows:

    1. Clone the repo
    2. Import the repo into Eclipse with GhidraDev plugin installed
    3. Link Ghidra to your Ghidra's installation (option in the project's context menu)

    Then I click "Run" in Eclipse. Ghidra started, then I drag "samples/ndoejs_x86/raw_x86.jsc" into it. However, it can't automatically distinguish the language, so I select v8 bytecode_x32, then the console's output is

    ERROR Language V8:LE:32:default does not specify a valid pcodeInjectLibraryClass (BasicCompilerSpec)  
    ERROR Error Importing File: Error importing file: raw_x86.jsc (ImporterUtilities) java.lang.RuntimeException: Failed to instantiate v8_bytecode.V8_PcodeInjectLibrary for language V8:LE:32:default
    
    opened by Zhxhh 0
Releases (v1.0)
Owner
Positive Technologies
PT open source projects.