Guide to P-code Injection: Changing the intermediate representation of code on the fly in Ghidra
https://swarm.ptsecurity.com/guide-to-p-code-injection/
#reverse #ghidra #decompiler #pcode #nodejs #v8 #plugin #darw1n
https://swarm.ptsecurity.com/guide-to-p-code-injection/
#reverse #ghidra #decompiler #pcode #nodejs #v8 #plugin #darw1n
PT SWARM
Guide to P-code Injection: Changing the intermediate representation of code on the fly in Ghidra
When we were developing the ghidra nodejs module for Ghidra, we realized that it was not always possible to correctly implement V8 (JavaScript engine that is used by Node.js) opcodes in SLEIGH. In such runtime environments as V8 and JVM, a single opcode might…