Ghidra Wasm plugin with disassembly and decompilation support

Overview

Module to load WebAssembly files into Ghidra, supporting disassembly and decompilation.

This plugin borrows loader functionality from this repo: https://github.com/andr3colonel/ghidra_wasm

Currently able to disassemble and decompile simple modules, still needs some debugging and feature work to be production-ready.

image

TODO:

  • Debug intraprocedural control flow
  • Parse type section
  • Convert type definitions to Ghidra function signatures (skipped, might be better to just let the decompiler infer)
  • Handle function call sites
  • Table/ref instructions
  • br_table disassembly + decompilation
Comments
  • Fix call stack pops and push

    Fix call stack pops and push

    There was an issue in the injected pcode for calls: SP was save before parameter pops and restored before pushing the result value. Parameters where never "consumed" from the stack which was simply growing with each return.

    I moved the SP backup to after parameter pops to correct this behavior. This fixed the stack alignment issue and in_SPstatements in the decompilation.

    opened by cmorin6 1
  • Unable to import wasm file (language not found)

    Unable to import wasm file (language not found)

    Hey,

    First of all, thanks for this plugin. I managed to build it with ghidra 10, but when I try to import a wasm file, I get

    "Can't get the language for Wasm:LE:32:default:default"

    Do you know where it could come from ? :(

    pic_1 pic_2

    opened by jambon69 1
  • Load data segments

    Load data segments

    This enables proper analysis of memory references, etc. The code for loading the offset expression is hacky, and in a future commit I'll refactor it to use a reusable expression parser (so we can eventually handle globals, element tables, and other features).

    opened by nneonneo 0
  • doesn't work for ghidra 10.0.1+

    doesn't work for ghidra 10.0.1+

    I've changed version of the plugin manually and installed it in my 10.0.1 Ghidra as extension. However, when I do open a .wasm binary, nothing happens after the Autoanalysis, and Ghidra UI remains blank. image

    opened by ogre2007 0
  • br_table support

    br_table support

    I think the pcode stack is getting misaligned with the semantics at some point leading to some very verbose in_SP statements being generated. Needs some debugging before this can be merged

    opened by garrettgu10 1
  • Fix Leb128 parsing of WasmLoader.

    Fix Leb128 parsing of WasmLoader.

    I encountered some wasm files that weren't loading properly due to Leb128 parsing. The current implementation tries parsing the vale from an array of 5 bytes then compute and consume the expected byte size from the reader. The issue came from Leb128 values that where padded with null bytes (probably as some anti-reversing technique) causing the parsing size and consumed size to differ, leading to a misaligned parsing of the following structures and a failure to load the wasm file.

    Example: e2 81 80 80 00 and e2 01 are both "valid" representation of the value 226 in LEB128

    I opted to reuse the LEB128 utility already present in Ghidra for the Dwarf parsing that didn't suffer from this issue.

    opened by cmorin6 0
Releases(0.02)
Owner
Garrett Gu
Garrett Gu
Ghidra Plugin for Fujitsu FR60 Processors. Focused on DVRP's MB91302A in the Sony PSX.

Fujitsu FR60 Ghidra Plugin This repository contains a plugin for Ghidra that enables decompilation support for FR60 processors from Fujitsu. In partic

null 13 Jan 3, 2023
Ghidra plugin for querying the Symgrate databases.

Howdy y'all, This repo contains client scripts for accessing the Symgrate databases from Ghidra to recover symbol names, part number and I/O addresses

null 8 Jul 15, 2022
Ghidra plugin for HashDB

hashdb-ghidra This is a Ghidra plugin for HashDB. It allows you to compile a list of API hashes and then to query the HashDB web service for possible

OALabs 9 Apr 7, 2022
Hexagon decompiler for Ghidra

Ghidra hexagon plugin WIP Hexagon decompiler plugin for ghidra Pcode is more or less autogenerated, essentially copying and adapting from binja-hexago

Toshi Piazza 17 Dec 15, 2022
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

HopLa ?? All the power of PayloadsAllTheThings, without the overhead. This extension adds autocompletion support and useful payloads in Burp Suite to

Synacktiv 522 Dec 24, 2022
A simple but helpful fight plugin with rank support

RankFight A simple but helpful fight plugin with rank support HighLights PlceholderAPI Support %rankfight_rank% %rankfight_credit% %rankfight_shopCred

贺兰星辰 5 Nov 20, 2021
Plugin-fineagent - A plugin for the ja-netfilter, it allows you to use fineagent in ja-netfilter.

plugin-fineagent A plugin for the ja-netfilter, it allows you to use fineagent in ja-netfilter. Use the mvn clean package command to compile and use F

null 19 Jun 25, 2022
Spring Native provides beta support for compiling Spring applications to native executables using GraalVM native-image compiler.

Spring Native provides beta support for compiling Spring applications to native executables using GraalVM native-image compiler.

Spring Projects Experimental 2.8k Jan 6, 2023
:package: Gradle/Maven plugin to package Java applications as native Windows, Mac OS X, or GNU/Linux executables and create installers for them.

JavaPackager JavaPackager is a hybrid plugin for Maven and Gradle which provides an easy way to package Java applications in native Windows, Mac OS X

Francisco Vargas Ruiz 665 Jan 8, 2023
Maven plugin to help creating CHANGELOG by keeping one format and solving merge request conflicts problem by extraction of new CHANGELOG entries to seperate files.

keep-changelog-maven-plugin CHANGELOG.md is one of the most important files in a repository. It allows others to find out about the most important cha

Piotr Zmilczak 22 Aug 28, 2022
Ask and replay plugin for Mirai-Console

EntryLib EntryLib 是一个基于 Mirai-Console 的插件,用于实现群词条、自定义回复或更多功能。 目录 声明 使用方法 基本指令列表 额外说明 配置项 控制台 数据库结构 To-Do List 插件依赖 声明 本插件仅作为学习交流等使用,请勿用于盈利,否则法律后果自负。 欢

Bill Yang 33 Oct 25, 2022
The best plugin to protect anarchy servers and mc servers in general against op attacks.

AdminSecure The best plugin to protect anarchy servers and mc servers in general against op attacks How does it work? When the server detects a player

PK2_Stimpy 3 Sep 2, 2021
maven plugin for making chmod +x jar files

To use it, add a plugin to your pom like <!-- You need to build an exectuable uberjar, I like Shade for that --> <plugin> <groupId>org.apache.mave

Brian McCallister 113 Dec 8, 2022
Launch4j Maven Plugin

Launch4j Maven Plugin

Lukasz Lenart 301 Dec 29, 2022
A BurpSuite plugin for BBRF

bbrf-burp-plugin What's BBRF? The Bug Bounty Reconnaissance Framework (BBRF) is intended to facilitate the workflows of security researchers across mu

Pieter 19 Jun 22, 2022
Flutter plugin to listen to the process text intent stream.

Flutter Process Text Plugin Show some ❤️ and ⭐ the repo Why use Flutter Process Text? Flutter Process Text Plugin is known for : Flutter Process Text

Divyanshu Shekhar 14 Jul 1, 2022
AspectJ Maven Plugin

AspectJ Maven Plugin Overview This plugin weaves AspectJ aspects into your classes using the AspectJ compiler ajc. Typically, aspects are used in one

null 19 Dec 9, 2022
Flutter plugin to listen to the process text intent stream.

Flutter Process Text Plugin Compatibility ✅ Android ❌ iOS (active issue: iOS support) Show some ❤️ and ⭐ the repo Why use Flutter Process Text? Flutte

Devs On Flutter 14 Jul 1, 2022
This simple Android Studio plugin includes keyboard shortcuts for many common actions.

Hotkeys This simple Android Studio plugin includes keyboard shortcuts for many common actions. Features • Build process • Contribute • License Feature

SACHIN KASARADDI 14 Apr 26, 2022