Installing the Ghidra plugin FindCrypt on Kali


Download location

https://github.com/d3v1l401/FindCrypt-Ghidra

Commands to run

cd FindCrypt

GHIDRA_INSTALL_DIR=/home/kali/ghidra_first/ghidra_10.3.1_PUBLIC gradle

Handling the error

However, the installed Gradle version was too old, and the build failed with:
What went wrong:
A problem occurred evaluating script.
Requires at least Gradle 7.3, but was run with 4.4.1
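Do not simply run sudo apt install gradle: that always installs version 4.4.1. A newer Gradle has to be downloaded instead:
https://services.gradle.org/distributions/
Do not replace the system installation as shown below; it produces an error. This approach comes from a CSDN post, and it did not work when I tried it.
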
sudo cp -r /usr/share/gradle /usr/share/gradle_bak
sudo cp -r ./gradle-6.9/* /usr/share/gradle
# After copying, run the following command to check whether the version was replaced:
gradle -v

What worked for me

Unzip the downloaded zip file, then configure the environment variables.
Create the file gradle.sh under /etc/profile.d:
export GRADLE_HOME=/home/kali/file/gradle-7.3
export PATH=$PATH:$GRADLE_HOME/bin
export GRADLE_USER_HOME=/home/kali/file/gradle-7.3/bin/.gradle

/etc/profile also needs an entry:
#gradle
export PATH=$PATH:/soft/gradle-6.5.1/bin

To make the changed configuration take effect immediately, run:
source /etc/profile
[Why do I have to run source /etc/profile again in every new shell for it to take effect?](https://blog.csdn.net/lwplvx/article/details/79192182)

[What source /etc/profile does](https://blog.csdn.net/llzhang_fly/article/details/104980029)
Check the Gradle version:
gradle -version

Gradle is now installed. To repeat: do not use the sudo method.
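
As an added example (not from the original post or the FindCrypt project), this script checks the two things that matter when Gradle is installed by hand as above: that the downloaded zip matches the SHA-256 Gradle publishes for that distribution, and that the gradle on PATH meets the 7.3 minimum from the error message. The function names are hypothetical, and the expected hash is supplied by the caller.

```sh
#!/bin/sh
# Added example: preflight checks for a manually installed Gradle.
# MIN_GRADLE is taken from the build error quoted on this page.
MIN_GRADLE="7.3"

# version_ge A B: succeed when dotted version A >= B (numeric, field by field).
# A "-rc-1" style suffix is ignored.
version_ge() {
    _a=${1%%-*}; _b=${2%%-*}
    while [ -n "$_a" ] || [ -n "$_b" ]; do
        _x=${_a%%.*}; _y=${_b%%.*}
        [ "$_a" = "$_x" ] && _a= || _a=${_a#*.}
        [ "$_b" = "$_y" ] && _b= || _b=${_b#*.}
        [ "${_x:-0}" -gt "${_y:-0}" ] && return 0
        [ "${_x:-0}" -lt "${_y:-0}" ] && return 1
    done
    return 0
}

# Read `gradle --version` output on stdin and print the version ("Gradle 7.3" -> 7.3).
parse_gradle_version() {
    sed -n 's/^Gradle \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# verify_sha256 FILE EXPECTED: succeed only when the file hashes to EXPECTED.
verify_sha256() {
    [ -f "$1" ] || return 1
    [ -n "$2" ] || return 1
    _actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$_actual" = "$2" ]
}

# preflight ZIP EXPECTED_SHA256: run both checks and report the first failure.
preflight() {
    verify_sha256 "$1" "$2" || { echo "checksum mismatch: $1" >&2; return 1; }
    _v=$(gradle --version 2>/dev/null | parse_gradle_version)
    [ -n "$_v" ] || { echo "gradle not found on PATH" >&2; return 1; }
    version_ge "$_v" "$MIN_GRADLE" || { echo "Gradle $_v is older than $MIN_GRADLE" >&2; return 1; }
    echo "ok: Gradle $_v, distribution checksum verified"
}

# Usage: sh preflight.sh gradle-7.3-bin.zip <expected sha256>
if [ "$#" -eq 2 ]; then
    preflight "$1" "$2"
fi
```
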

Continuing

However, FindCrypt still would not build.

After reading the error message carefully, I deleted the help folder and the build then succeeded. This does not seem to affect importing the plugin afterwards.

$ GHIDRA_INSTALL_DIR=/home/kali/ghidra_first/ghidra_10.3.1_PUBLIC  gradle
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true

> Task :buildExtension

Created task ':buildExtension' property 'archiveBaseName'.task ':buildExtension' property 'archiveExtension' in task ':buildExtension' property 'destinationDirectory'

BUILD SUCCESSFUL in 560ms
5 actionable tasks: 3 executed, 2 up-to-date

Next, open Ghidra and install the extension.
First place the zip file in the /home/kali/ghidra_first/ghidra_10.3.1_PUBLIC/Ghidra/Extensions/ folder.
File -> Install Extensions -> click the plus sign, then restart.

Done

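References

https://blog.csdn.net/llzhang_fly/article/details/104980029 What source /etc/profile does: on Linux, after saving the configuration with source /etc/profile, the new environment variables are only valid in that one terminal. However, at the time I figured I would only use it once, so I did not bother with it.

Firmware download sources, from: smile-e3/FirmwaresAddress: IoT device firmware download addresses (github.com)

General firmware downloads, covering more than routers and cameras: https://drivers.softpedia.com/manufacturers/

D-Link firmware: https://tsd.dlink.com.tw/

Hikvision firmware: https://www.hikvisioneurope.com/eu/

LILIN camera firmware downloads: https://www.meritlilin.com/en/support/file/type/Firmware

TP-Link firmware downloads: https://www.tp-link.com/us/choose-your-location/

ipTIME firmware downloads: http://iptime.com/iptime/?page_id=126

Download Intel® drivers and software (intel.cn): https://www.intel.cn/content/www/cn/zh/download-center/home.html

Documentation found so far for cryptographic libraries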

Mbed TLS API documentation — Mbed TLS Versioned documentation (mbed-tls.readthedocs.io)

/index.html (openssl.org)

OpenBSD

Similar scripts

AllsafeCyberSecurity/py-findcrypt-ghidra: FindCrypt for Ghidra written in Python (github.com)

  • Copyright: Copyright is owned by the author. For commercial reprints, please contact the author for authorization. For non-commercial reprints, please indicate the source.
  • Copyrights © 2023 SunnyYang