This is not an officially supported Google product.
This extension supports Nullsoft Scriptable Install System (NSIS) binaries built using the NSIS builder available from https://nsis.sourceforge.io/
- Download the built extension from GitHub
- Visit the Releases page, normally use the latest release
- Download the built extension zip file, the name will be similar to:
ghidra_10.1.2_PUBLIC_YYYYMMDD_nsis.zip
- If you don't already have Ghdira, download and install Ghidra from https://ghidra-sre.org/
- Install the extension into Ghidra
- Start Ghidra
- Open
File->Install Extensions... - Press the
+icon found in the top right of theInstall Extensionswindow - Navigate to the file location where you downloaded the extension zip file above and select it
- Press
OK - You will be prompted to restart Ghidra for the changes to take effect
- Install Java
- Tested verison:
jdk-11.0.2
- Tested verison:
- Install eclipse from eclipse.org
- Tested version:
2020-12
- Tested version:
- Install Ghidra
- Tested version:
ghidra_10.1.2_PUBLIC - Ghidra must be started atleast once.
- Tested version:
- Install Ghidra Eclipse extension, follow instructions here
- Checkout git project
ghidra-nsis-extensionto local directory - In eclipse's
Filemenu, selectNew->Java Project - Un-select
Use default locationand navigate to thensisfolder in the git checkout locationghidra-nsis-extension/nsis
- Press
Next - Un-select
Create module-info.java file - Press
Finish- There will be build errors
- In the
GhidraDevmenu of Eclipse, use theLink Ghidra...and enter the path to the Ghidra binary install location- Select the Java project
nsisjust created - If there is Java conflict probably best to keep the current Java by pressing
Cancel - Build errors should be resolved
- Select the Java project
- Add the nsis/src/nsis/lib/xz.jar file to the build path in Eclipse to import those dependencies
- You can test that everything is working in your project by selecting the
Runmenu, thenRun AsandGhidra. - A new instance of Ghidra should be loaded, if you import an NSIS executable file, should see the 'Nsis' Format suggestion in the first entry of the import dialog.
- If a change is made to Nsis.slaspec, it needs to be reprocessed by the sleight utility. Example command:
<ghidra installer folder>/support/sleigh data/languages/Nsis.slaspec
- Install gradle
- Tested version:
7.3
- Tested version:
- Execute the command from nsis folder
$ gradle -PGHIDRA_INSTALL_DIR=<path_to_ghidra>
- Zip file will be created in the
distfolder
- https://ghidra.re/courses/languages/html/sleigh.html
- https://www.reddit.com/r/ReverseEngineering/comments/bupmxu/implementing_a_new_cpu_architecture_for_ghidra/
- https://github.com/VGKintsugi/Ghidra-SegaSaturn-Processor
- https://www.reddit.com/r/ghidra/comments/bhhrt0/quick_guide_to_creating_a_processor_in_ghidra/
- https://wrongbaud.github.io/writing-a-ghidra-loader/
- NSIS home: https://nsis.sourceforge.io/
- Data structures for NSIS file format: https://sourceforge.net/p/nsis/code/HEAD/tree/NSIS/trunk/Source/exehead/fileform.h
- IDA plugin for NSIS files: https://github.com/isra17/nrs