Attached: scrot.png (1432x768, 168K)
Based NSA BTFO's IDA pro
Benjamin Morales
Wyatt Morgan
desu part of why I havent gone into reverse engineering for lack of a good, clean, open source tool but now I just might if it turns out this isnt botnet
Bentley Powell
iDA BTFO
Grayson Ramirez
my mfw when 99.9% of Jow Forums couldn't use either tool to find a static password in a single function binary
Matthew Myers
tfw I'm and expert hacker and use the strings command
Chase Fisher
your yfw when it's a password on the stack and strings can't find it
now 99.99% of Jow Forums can't find it
Josiah Collins
I hope it supports Leenux
Mason Peterson
i highly doubt that there's anything malicious in there. the people that they want to use this shit, are the _exact_ people that would find any kind of backdoor/exfil.
this is ironically probably the most trustworthy release the nsa has done
though i wonder their reasoning, possibly hexrays was fucking them around with licensing; though this does seem to have a much better plugin system, so possibly they're hoping the community will do their development for them
Charles Brooks
it does not as of yet, but it seems to be mostly (all?) java, so when they release source, repackaging for linux will be dead simple. it could probably already be done, if dependencies were worked out and ported/redirected
Jaxon Davis
How about radare2
Hudson Myers
familiarize people with their toolset so they aren't learning from nothing when they join the agency, and nothing in it is sensitive so why not
Juan Hill
if this is what they're giving away for the entire world to see imagine what their current still secret capabilities are. based NSA
Austin White
he said good
Landon Walker
radare2, cutter, hexfiend, and now Ghidra
you're welcome
William Hall
>so possibly they're hoping the community will do their development for them
Probably this, and recruitment.
Matthew Ramirez
this is probably as good a place as any:
how does one go about getting into RE, with the tools now available? what's a good place to start?
Oliver Wilson
start by reverse engineering your own binaries when they don't work good, that's how I started dipping my toes into it
Levi Sullivan
sacrifice your first born to Hexrays and obtain IDAPro, or kys trying to be productive with Radare
Jose Cook
just pirate 7.0 like the rest of the world has already
Isaiah Jones
I hope it's usable and not junky shit like IDA.
Angel Smith
t. Too dumb to use the best product on the market
Samuel Young
I can use it just fine, it's just not a pleasant experience.
Lincoln Evans
Other than adding undo and collaboration what's wrong with it? There's literally nothing else anywhere nearly as powerful
Robert Johnson
Where were you when NSA became the good guys?
Holy shit imagine being a leader in disassembler software while charging literally thousands of dollars for licenses for your software and you get BTFOd by an open source project
Brandon Wood
Zachary Richardson
>are the _exact_ people that would find any kind of backdoor/exfil.
I haven't checked it out yet, but there's apparently over a million lines of code. It's gonna take quite some time for people to pore over the whole project looking for backdoors.
Hudson Clark
can confirm
why the fuck do you have a Jow Forums pass lmao
Carter Garcia
>a million lines
>the open-source basement dweller community
I give it three days, four with bathroom and tendie breaks
Levi Morales
Michael Cooper
>NSA releases software
>Morons run it
>immediately get fucked by the NSA who left a vuln open on purpose, you only have to get fucked once with the kind of shit they have at their disposal
>Will be passed off as a mistake and swept under the rug since it's open source, so it getting fixed means it's super safe!
>A claw is now permanently sunk into any machines that ran it and any on the same network
John Campbell
What's wrong with radare2?
Ethan Diaz
Post the pdf I don't want to be datamined
Gavin Robinson
filtered
Joshua Parker
freecucks btfo
Angel Ramirez
fuck you
Luke Thomas
In case anyone takes you seriously:
* Just because a program listens on all interfaces doesn't mean any traffic is going to reach it. That's what firewalls (and, with IPv4, NAT) are for.
* Debug mode is not default.
Evan Campbell
Lol some pdf's have built in loopholes. Holy shit though they want all your personal shit upfront - they're probably too lazy or legally worried to steal it like everyone else. Search for "Reverse Engineering for Beginners filetype:pdf" in a search engine, preferably not google since they don't give two fucks about your privacy.
Christopher Hall
this is misdirection, do not use this!
Kevin Sanchez
Also I'm pretty sure if the NSA wanted to release backdoored honeypot software to pwn security researchers, I'm pretty sure they wouldn't make it as obvious as a socket listening on a port in debug mode with no anti-detection countermeasure. Let's give the glowies some credit and not assume they're obvious idiots.
Bentley Thompson
It does support linux.
ghidra-sre.org
Also
>NSA Confirmed for using Vim
Adam Reyes
How long did it take to find heartbleed?
Tyler Gray
Do not trust the NSA. Do not collaborate with the NSA. Do not help the NSA.
Ian James
If you can't clobber together something that works together from what already exists, I doubt you're going to enjoy tearing through assembly by hand
Michael Phillips
It was found by fuzzing
Jayden Martinez
kek :
exactly this.
>mhu open source is much more secure, thousends of people can review that code and make sure its not bad
sure they CAN, but they do? or they all assume someone else has already? look at all that malicious packages found on github that where used by a lot of major projects, nobody review open source shit.
Jaxson Davis
does it support a million architectures, bios images, ancient LE programs, etc like IDA?
Nicholas Kelly
based
Joseph Fisher
reverse botnetgeneering inside seemingly applicable software
Juan Morales
The decompiler apparently predates IDA Pro.
This is a state level actor, they have more money to waste on things than any other industry, I imagine they developed the tool so they could add support for unusual classified architectures (think missiles) and to have a standardized tool they didn't have to site license and could hand out to various teams. HexRays is an utter cunt when it comes to selling licenses, they used to grill you and would sometimes decide not to sell a license at all.
This also appears to have collaboration tools, so I imagine that was also part of why they did this in-house.
I also agree with you that this is likely a safe release because there's simply nothing in it for them to take such an incredibly bad PR hit from the very community of people they've been recently struggling to recruit from.
Camden Jones
99% of Jow Forums knows that all you have to do is check what gets pushed into the stack. You're a faggot and you have to go back.
Oliver Diaz
>announcing to everyone that you filtered someone
Juan Peterson
>Implying any of them can use a debugger much less check the stack
Brody Ramirez
will this help WINE in it's development to btfo windows?
Charles Nguyen
The problem with WINE is that it needs to go through the clean room procedure, and that the old Windows APIs are full of side-effects programs depend on.
Xavier Thomas
>caring about shit listening on interfaces
ever heard of blocking all inward traffic on all ports? and using port forwarding?
faggot
Lucas Gonzalez
i can't believe my Jow Forums fell for this, fuck OP and fuck glowies
Justin Clark
>imblying I don't have multiple commits to gef and capstone
Ryan Wright
based and redpilled
Justin Thompson
If your firewall rules aren't strict enough to block that, you're just a retard.
Jordan Ramirez
this was right after release, there's definitely a ton more shit lurking
or did you audit every single line
Brayden Hill
>imo
Dominic Sullivan
>NSA software
>Backdoors
Choose two
Nathaniel Edwards
Good luck, I'm behind NAS.
Mason Kelly
literal brainlets
Hudson Cox
There was a build for Arch released yesterday, a couple hours after Ghidra was released.
Zachary Richardson
>releases opensources
>complains of bugs that can be fixed in open source
What did they mean by this?
Jaxson Martin
>bugs
Glowing much, CIA?
Leo Moore
Tyler Ward
> look mom I'm posting on a technology board, wheeeee
Adrian Collins
What other NSA software do you use/admire Jow Forums?
Brayden Clark
My screen started glowing so hard that I went blind and my MOBO is fried
Juan Cooper
Henry Lewis
for me, its difficult to understand. I would prefer, just repeat some CTF-writeups
Angel Turner
t. buttblasted lolbertarian
Jaxon Bell
illitertard can't read source and needs to be spoonfed and believes Jow Forums comments. You are pathetic
Jason Foster
>vi
what a bunch of pretentious fags. The only thing I use vim for is :q
Jonathan Nelson
;_;
Ian Morgan
Anyone fuzzed vscode yet
Daniel Butler
Systemd
Brayden Bailey
based chinaman
Josiah Robinson
>his university did not make him do the bomb practice lab from the CMU class
Connor Gomez
>he didn't go to CMU
Aiden Cook
emacsfags btfo
Isaac Green
the right tool for that is strings(1)
Aaron Reed
>my my face when no may may face to go with a mfw comment
Samuel Taylor
>just use it goy, its safe
|>
|
|3
|
Ian Lopez
>implying the implication that any Jow Forumsentoomen know what strings is.
Camden Scott
>>A claw is now permanently sunk into any machines that ran it and any on the same network
The World Wide Web already did that.
Logan Peterson
underrated
Daniel Carter
>sure they CAN, but they do? or they all assume someone else has already?
Depends on the target audience. A random mid-popularity Node library, which is what has been an attack vector recently? No. At least not until a few people get fucked over. A pro-level package for reverse engineering? Yes. Definitely.
Oliver Lopez
Why would they give a shit about finding bugs in a program that was strictly used in segmented networks previously
Christian Brooks
It's shit.
Charles Gomez
nice try nsa, we don't know howto computer here
what you want is a place called reddit, those guys are the leet haxors
Hunter Barnes
David Allen
Doesn't answer the question but nevermind.
Brody Robinson
>for example
>confirmed for using Vim
Isaac Anderson
bump
Jaxson Sullivan
>limiting yourself to one tool
nice one retard
Camden Anderson