-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathREADME.src
40 lines (24 loc) · 2.05 KB
/
README.src
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Ghidra Function ID dataset repository
These Function ID datasets were generated via:
- <https://github.com/threatrack/ghidra-fid-generator>
- using a manual selection of interesting libraries
**Feel free to report any issues and suggest libraries (including non Linux ones) for
inclusion in this repository.**
## Usage / Installation
There are currently several ways to use these:
- You can import individual Function ID Databases via `Tools -> FunctionID -> Attach existing FidDB...`.
- You can copy the packed FunctionID Database file (`*.fidb`) to `~/git/ghidra.bin/Ghidra/Features/FunctionID/src/main/fidb` (assuming your ghidra source repository is in `~/git/ghidra`). Now when building Ghidra from source it will pull in the files into your `git/ghidra/build/dist/ghidra_9.2_DEV_20200530_linux64.zip` file.
- Download the [pre-unpacked fidbf files](https://github.com/threatrack/ghidra-fidb-repo/releases/download/20200530/ghidra-fidb-repo_20200530.zip) and copy them to `$GHIDRA_HOME/Ghidra/Features/FunctionID/data/`. (Same as above, but without having to build Ghidra yourself.)
- *Buggy(?) way*: According to [ghidra-data/FID.md](https://github.com/NationalSecurityAgency/ghidra-data/blob/master/FunctionID/FID.md) it should be possible to copy the packed, i.e., `*.fidb` files, to ` , see [this issue](https://github.com/NationalSecurityAgency/ghidra/issues/1007#issuecomment-636321122)
## Libraries
### Sources
- `el{6,7}`: <http://mirror.centos.org/centos/>
- `ubuntu`: <http://de.archive.ubuntu.com/ubuntu/pool/main/>
- `gcc`: from `el{6,7}` and `ubuntu`
- `teskalabs`: <https://teskalabs.com/blog/openssl-binary-distribution-for-developers-static-library>
- `libsodium`: <https://download.libsodium.org/libsodium/releases/>
- `sigmoid`: openssl libraries from <https://www.npcglib.org/~stathis/downloads/>
### Issues
- libsodium: Not all files parsed correctly. So it may miss some functions. But the majority of the functions are included. (Issue: `The AutoImporter could not successfully load...`)
### Content
The following libraries are included in the datasets: