Based NSA BTFO's IDA pro

Attached: scrot.png (1432x768, 168K)

desu part of why I haven't gone into reverse engineering for lack of a good, clean, open source tool but now I just might if it turns out this isn't botnet

iDA BTFO

Attached: 1546334098183.gif (500x491, 376K)

my mfw when 99.9% of Jow Forums couldn't use either tool to find a static password in a single function binary

tfw I'm an expert hacker and use the strings command

your yfw when it's a password on the stack and strings can't find it
now 99.99% of Jow Forums can't find it

I hope it supports Leenux

i highly doubt that there's anything malicious in there. the people that they want to use this shit, are the _exact_ people that would find any kind of backdoor/exfil.
this is ironically probably the most trustworthy release the nsa has done
though i wonder their reasoning, possibly hexrays was fucking them around with licensing; though this does seem to have a much better plugin system, so possibly they're hoping the community will do their development for them

it does not as of yet, but it seems to be mostly (all?) java, so when they release source, repackaging for linux will be dead simple. it could probably already be done, if dependencies were worked out and ported/redirected

How about radare2

familiarize people with their toolset so they aren't learning from nothing when they join the agency, and nothing in it is sensitive so why not

if this is what they're giving away for the entire world to see imagine what their current still secret capabilities are. based NSA

he said good

radare2, cutter, hexfiend, and now Ghidra

you're welcome

>so possibly they're hoping the community will do their development for them
Probably this, and recruitment.

this is probably as good a place as any:

how does one go about getting into RE, with the tools now available? what's a good place to start?

start by reverse engineering your own binaries when they don't work good, that's how I started dipping my toes into it

sacrifice your first born to Hexrays and obtain IDAPro, or kys trying to be productive with Radare

just pirate 7.0 like the rest of the world has already

I hope it's usable and not junky shit like IDA.

t. Too dumb to use the best product on the market

I can use it just fine, it's just not a pleasant experience.

Other than adding undo and collaboration what's wrong with it? There's literally nothing else anywhere nearly as powerful

Where were you when NSA became the good guys?
Holy shit imagine being a leader in disassembler software while charging literally thousands of dollars for licenses for your software and you get BTFOd by an open source project

beginners.re/

>are the _exact_ people that would find any kind of backdoor/exfil.
I haven't checked it out yet, but there's apparently over a million lines of code. It's gonna take quite some time for people to pore over the whole project looking for backdoors.

can confirm
why the fuck do you have a Jow Forums pass lmao

>a million lines
>the open-source basement dweller community
I give it three days, four with bathroom and tendie breaks

Attached: ohsaycanyousee.png (631x935, 106K)

>NSA releases software
>Morons run it
>immediately get fucked by the NSA who left a vuln open on purpose, you only have to get fucked once with the kind of shit they have at their disposal
>Will be passed off as a mistake and swept under the rug since it's open source, so it getting fixed means it's super safe!
>A claw is now permanently sunk into any machines that ran it and any on the same network

What's wrong with radare2?

Post the pdf I don't want to be datamined

filtered

Attached: 1549522630929.png (1024x768, 280K)

freecucks btfo

fuck you

In case anyone takes you seriously:
* Just because a program listens on all interfaces doesn't mean any traffic is going to reach it. That's what firewalls (and, with IPv4, NAT) are for.
* Debug mode is not default.

Lol some PDFs have built in loopholes. Holy shit though they want all your personal shit upfront - they're probably too lazy or legally worried to steal it like everyone else. Search for "Reverse Engineering for Beginners filetype:pdf" in a search engine, preferably not google since they don't give two fucks about your privacy.

this is misdirection, do not use this!

Also I'm pretty sure if the NSA wanted to release backdoored honeypot software to pwn security researchers, I'm pretty sure they wouldn't make it as obvious as a socket listening on a port in debug mode with no anti-detection countermeasure. Let's give the glowies some credit and not assume they're obvious idiots.

It does support linux.
ghidra-sre.org/InstallationGuide.html

Also
>NSA Confirmed for using Vim

Attached: Untitled.png (544x94, 3K)

How long did it take to find heartbleed?

Do not trust the NSA. Do not collaborate with the NSA. Do not help the NSA.

If you can't cobble together something that works together from what already exists, I doubt you're going to enjoy tearing through assembly by hand

It was found by fuzzing

kek :
exactly this.
>mhu open source is much more secure, thousands of people can review that code and make sure it's not bad
sure they CAN, but do they? or do they all assume someone else has already? look at all those malicious packages found on github that were used by a lot of major projects, nobody reviews open source shit.

does it support a million architectures, bios images, ancient LE programs, etc like IDA?

based

reverse botnetgeneering inside seemingly applicable software

The decompiler apparently predates IDA Pro.

This is a state level actor, they have more money to waste on things than any other industry, I imagine they developed the tool so they could add support for unusual classified architectures (think missiles) and to have a standardized tool they didn't have to site license and could hand out to various teams. HexRays is an utter cunt when it comes to selling licenses, they used to grill you and would sometimes decide not to sell a license at all.

This also appears to have collaboration tools, so I imagine that was also part of why they did this in-house.

I also agree with you that this is likely a safe release because there's simply nothing in it for them to take such an incredibly bad PR hit from the very community of people they've been recently struggling to recruit from.

99% of Jow Forums knows that all you have to do is check what gets pushed into the stack. You're a faggot and you have to go back.

Attached: 1551805988215.gif (250x188, 1.63M)

>announcing to everyone that you filtered someone

Attached: 1551601715792.jpg (600x560, 68K)

>Implying any of them can use a debugger much less check the stack

will this help WINE in its development to btfo windows?

The problem with WINE is that it needs to go through the clean room procedure, and that the old Windows APIs are full of side-effects programs depend on.

>caring about shit listening on interfaces
ever heard of blocking all inward traffic on all ports? and using port forwarding?
faggot

i can't believe my Jow Forums fell for this, fuck OP and fuck glowies

Attached: file.png (631x935, 114K)

>imblying I don't have multiple commits to gef and capstone

based and redpilled

If your firewall rules aren't strict enough to block that, you're just a retard.

this was right after release, there's definitely a ton more shit lurking
or did you audit every single line

>imo

>NSA software
>Backdoors
Choose two

Good luck, I'm behind NAS.

literal brainlets

There was a build for Arch released yesterday, a couple hours after Ghidra was released.

>releases opensources
>complains of bugs that can be fixed in open source
What did they mean by this?

>bugs
Glowing much, CIA?

merriam-webster.com/dictionary/glower
dictionary.com/browse/glower
en.oxforddictionaries.com/definition/glower
I don't get it.

> look mom I'm posting on a technology board, wheeeee

What other NSA software do you use/admire Jow Forums?

My screen started glowing so hard that I went blind and my MOBO is fried

github.com/NationalSecurityAgency/lemongraph

for me, it's difficult to understand. I would prefer, just repeat some CTF-writeups

t. buttblasted lolbertarian

illitertard can't read source and needs to be spoonfed and believes Jow Forums comments. You are pathetic

>vi
what a bunch of pretentious fags. The only thing I use vim for is :q

;_;

Anyone fuzzed vscode yet

Systemd

based chinaman

>his university did not make him do the bomb practice lab from the CMU class

>he didn't go to CMU

emacsfags btfo

the right tool for that is strings(1)

>my my face when no may may face to go with a mfw comment

Attached: dog.jpg (318x159, 8K)

>just use it goy, its safe
|>
|
|3
|

Attached: DJ0qk7UMAAu7za.jpg (1336x1200, 505K)

>implying the implication that any Jow Forumsentoomen know what strings is.

>>A claw is now permanently sunk into any machines that ran it and any on the same network

The World Wide Web already did that.

Attached: First browser WWW released Xmas Day 1990 CERN.jpg (1332x711, 574K)

underrated

>sure they CAN, but they do? or they all assume someone else has already?
Depends on the target audience. A random mid-popularity Node library, which is what has been an attack vector recently? No. At least not until a few people get fucked over. A pro-level package for reverse engineering? Yes. Definitely.

Why would they give a shit about finding bugs in a program that was strictly used in segmented networks previously

It's shit.

nice try nsa, we don't know howto computer here
what you want is a place called reddit, those guys are the leet haxors

Reddit

Doesn't answer the question but nevermind.

>for example
>confirmed for using Vim

bump

>limiting yourself to one tool
nice one retard

youtube.com/watch?v=AbG6u86t4bA