GhidraChatGPT: Bringing ChatGPT's Power to Ghidra
GhidraChatGPT is a groundbreaking plugin designed to integrate the conversational capabilities of ChatGPT with Ghidra, a renowned software reverse engineering tool. This plugin enhances the functionality of Ghidra by assisting users in identifying functions, discovering vulnerabilities, and beautifying code with the help of AI, making it a valuable addition for software analysts and reverse engineering experts.
Installation
GhidraChatGPT offers two primary installation methods: using a pre-built release or building it from source.
Using the Release
- Download: Get the latest release version that matches your Ghidra version from the project's repository.
- Set up: Move the downloaded archive into the
GHIDRA_INSTALL_DIR/Extensions/Ghidradirectory. - Activate: Within Ghidra's Project window, go to
File > Install Extension, then enable the GhidraChatGPT extension. - Restart Ghidra: This ensures that the plugin is fully integrated.
- Final Setup: In the CodeBrowser window, navigate to
File > Configure, click the Plugin icon on the top right, and enable the GhidraChatGPT plugin.
Building Locally
For those wishing to customize or contribute to the project, GhidraChatGPT can also be manually built.
- Clone the Repository: Start by cloning the project on your machine.
- Build with or without Docker:
- With Docker: Run
./build.sh -p YOUR_GHIDRA_INSTALL_DIR -d. - Without Docker: Run
./build.sh -p YOUR_GHIDRA_INSTALL_DIR, ensuring all dependencies (like Gradle and Java) are resolved.
- With Docker: Run
- Install and Activate: Follow similar steps to those explained for the release version to install and activate the plugin.
Usage
The plugin's extensive features can be accessed through the Tools menu in Ghidra's CodeBrowser window.
Features
-
Identify Function:
- Location:
Tools > GhidraChatGPT > Identify Function - Functionality: Assists in determining the purpose of the current function and finds potential open-source references. ChatGPT’s analysis is added as a comment above the function.
- Location:
-
Find Vulnerabilities:
- Location:
Tools > GhidraChatGPT > Find Vulnerabilities - Functionality: Aims to uncover potential vulnerabilities in the current function using ChatGPT's insights, with results appended as comments.
- Location:
-
Beautify Function:
- Location:
Tools > GhidraChatGPT > Beautify Function - Functionality: Transforms the current function by proposing more intuitive variable and function names, making the code cleaner and more comprehensible.
- Location:
Configuration Options
-
OpenAI Token:
- Set via environment variables or directly through the
Toolsmenu. For example, executeexport OPENAI_TOKEN=YOUR_OPENAI_TOKEN.
- Set via environment variables or directly through the
-
OpenAI Model Update:
- Accessible through
Tools > GhidraChatGPT > Model, allowing users to change the model used for ChatGPT queries.
- Accessible through
Credits
The development of GhidraChatGPT was inspired by multiple existing ChatGPT projects, aiming to blend AI-driven insights with traditional reverse engineering practices.
By harnessing the AI capabilities of ChatGPT within Ghidra, this plugin seeks to revolutionize how software analysis is conducted, making processes more efficient and insightful.