NixOS · emilytrau · Aug 9, 2024 · Aug 6, 2024 · May 29, 2024 · Jul 26, 2024
diff --git a/pkgs/tools/security/ghidra/build-extension.nix b/pkgs/tools/security/ghidra/build-extension.nix
@@ -1,72 +1,98 @@
-{ lib
-, stdenv
-, unzip
-, jdk
-, gradle
-, ghidra
+{
+  lib,
+  stdenv,
+  unzip,
+  jdk,
+  gradle,
+  ghidra,
 }:
 
 let
-  metaCommon = oldMeta:
-    oldMeta // (with lib; {
-      maintainers = (oldMeta.maintainers or []) ++ (with maintainers; [ vringar ]);
+  metaCommon =
+    oldMeta:
+    oldMeta
+    // (with lib; {
+      maintainers = (oldMeta.maintainers or [ ]) ++ (with maintainers; [ vringar ]);
       platforms = oldMeta.platforms or ghidra.meta.platforms;
     });
 
-  buildGhidraExtension = {
-    pname, nativeBuildInputs ? [], meta ? { }, ...
-  }@args:
-    stdenv.mkDerivation (args // {
-      nativeBuildInputs = nativeBuildInputs ++ [
-        unzip
-        jdk
-        gradle
-      ];
+  buildGhidraExtension =
+    {
+      pname,
+      nativeBuildInputs ? [ ],
+      meta ? { },
+      ...
+    }@args:
+    stdenv.mkDerivation (
+      args
+      // {
+        nativeBuildInputs = nativeBuildInputs ++ [
+          unzip
+          jdk
+          gradle
+        ];
 
-      preBuild = ''
-        # Set project name, otherwise defaults to directory name
-        echo -e '\nrootProject.name = "${pname}"' >> settings.gradle
-        ${args.preBuild or ""}
-      '';
+        preBuild = ''
+          # Set project name, otherwise defaults to directory name
+          echo -e '\nrootProject.name = "${pname}"' >> settings.gradle
+          # A config directory needs to exist when ghidra's GHelpBuilder is run
+          export XDG_CONFIG_HOME="''${XDG_CONFIG_HOME:-$(mktemp -d)}"
+          ${args.preBuild or ""}
+        '';
 
-      gradleBuildTask = args.gradleBuildTask or "buildExtension";
-      gradleFlags = args.gradleFlags or [] ++ [ "-PGHIDRA_INSTALL_DIR=${ghidra}/lib/ghidra" ];
+        # Needed to run gradle on darwin
+        __darwinAllowLocalNetworking = true;
 
-      installPhase = args.installPhase or ''
-        runHook preInstall
+        gradleBuildTask = args.gradleBuildTask or "buildExtension";
+        gradleFlags = args.gradleFlags or [ ] ++ [ "-PGHIDRA_INSTALL_DIR=${ghidra}/lib/ghidra" ];
 
-        mkdir -p $out/lib/ghidra/Ghidra/Extensions
-        unzip -d $out/lib/ghidra/Ghidra/Extensions dist/*.zip
+        installPhase =
+          args.installPhase or ''
+            runHook preInstall
 
-        runHook postInstall
-      '';
+            mkdir -p $out/lib/ghidra/Ghidra/Extensions
+            unzip -d $out/lib/ghidra/Ghidra/Extensions dist/*.zip
 
-      meta = metaCommon meta;
-    });
+            runHook postInstall
+          '';
 
-  buildGhidraScripts = { pname, meta ? { }, ... }@args:
-    stdenv.mkDerivation (args // {
-      installPhase = ''
-        runHook preInstall
+        meta = metaCommon meta;
+      }
+    );
 
-        GHIDRA_HOME=$out/lib/ghidra/Ghidra/Extensions/${pname}
-        mkdir -p $GHIDRA_HOME
-        cp -r . $GHIDRA_HOME/ghidra_scripts
+  buildGhidraScripts =
+    {
+      pname,
+      meta ? { },
+      ...
+    }@args:
+    stdenv.mkDerivation (
+      args
+      // {
+        installPhase = ''
+          runHook preInstall
 
-        touch $GHIDRA_HOME/Module.manifest
-        cat <<'EOF' > extension.properties
-        name=${pname}
-        description=${meta.description or ""}
-        author=
-        createdOn=
-        version=${lib.getVersion ghidra}
+          GHIDRA_HOME=$out/lib/ghidra/Ghidra/Extensions/${pname}
+          mkdir -p $GHIDRA_HOME
+          cp -r . $GHIDRA_HOME/ghidra_scripts
 
-        EOF
+          touch $GHIDRA_HOME/Module.manifest
+          cat <<'EOF' > extension.properties
+          name=${pname}
+          description=${meta.description or ""}
+          author=
+          createdOn=
+          version=${lib.getVersion ghidra}
 
-        runHook postInstall
-      '';
+          EOF
 
-      meta = metaCommon meta;
-    });
+          runHook postInstall
+        '';
+
+        meta = metaCommon meta;
+      }
+    );
 in
-  { inherit buildGhidraExtension buildGhidraScripts; }
+{
+  inherit buildGhidraExtension buildGhidraScripts;
+}
diff --git a/pkgs/tools/security/ghidra/default.nix b/pkgs/tools/security/ghidra/default.nix
@@ -1,12 +1,13 @@
-{ stdenv
-, fetchzip
-, lib
-, makeWrapper
-, autoPatchelfHook
-, openjdk17
-, pam
-, makeDesktopItem
-, icoutils
+{
+  stdenv,
+  fetchzip,
+  lib,
+  makeWrapper,
+  autoPatchelfHook,
+  openjdk17,
+  pam,
+  makeDesktopItem,
+  icoutils,
 }:
 
 let
@@ -24,7 +25,8 @@ let
     startupWMClass = "ghidra-Ghidra";
   };
 
-in stdenv.mkDerivation rec {
+in
+stdenv.mkDerivation rec {
   pname = "ghidra";
   version = "10.4";
   versiondate = "20230928";
@@ -37,8 +39,7 @@ in stdenv.mkDerivation rec {
   nativeBuildInputs = [
     makeWrapper
     icoutils
-  ]
-  ++ lib.optionals stdenv.isLinux [ autoPatchelfHook ];
+  ] ++ lib.optionals stdenv.isLinux [ autoPatchelfHook ];
 
   buildInputs = [
     stdenv.cc.cc.lib
@@ -74,10 +75,17 @@ in stdenv.mkDerivation rec {
     description = "Software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission";
     mainProgram = "ghidra";
     homepage = "https://github.com/NationalSecurityAgency/ghidra";
-    platforms = [ "x86_64-linux" "x86_64-darwin" ];
+    platforms = [
+      "x86_64-linux"
+      "x86_64-darwin"
+    ];
     sourceProvenance = with sourceTypes; [ binaryBytecode ];
     license = licenses.asl20;
-    maintainers = with maintainers; [ ck3d govanify mic92 ];
+    maintainers = with maintainers; [
+      ck3d
+      govanify
+      mic92
+    ];
   };
 
 }
diff --git a/pkgs/tools/security/ghidra/extensions.nix b/pkgs/tools/security/ghidra/extensions.nix
@@ -1,14 +1,26 @@
-{ lib, newScope, callPackage, ghidra }:
+{
+  lib,
+  newScope,
+  callPackage,
+  ghidra,
+}:
 
 lib.makeScope newScope (self: {
-  inherit (callPackage ./build-extension.nix { inherit ghidra; }) buildGhidraExtension buildGhidraScripts;
+  inherit (callPackage ./build-extension.nix { inherit ghidra; })
+    buildGhidraExtension
+    buildGhidraScripts
+    ;
 
   ghidraninja-ghidra-scripts = self.callPackage ./extensions/ghidraninja-ghidra-scripts { };
 
   gnudisassembler = self.callPackage ./extensions/gnudisassembler { inherit ghidra; };
 
+  lightkeeper = self.callPackage ./extensions/lightkeeper { };
+
   machinelearning = self.callPackage ./extensions/machinelearning { inherit ghidra; };
 
+  ret-sync = self.callPackage ./extensions/ret-sync { };
+
   sleighdevtools = self.callPackage ./extensions/sleighdevtools { inherit ghidra; };
 
 })
diff --git a/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix b/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix
@@ -1,9 +1,10 @@
-{ lib
-, fetchFromGitHub
-, buildGhidraScripts
-, binwalk
-, swift
-, yara
+{
+  lib,
+  fetchFromGitHub,
+  buildGhidraScripts,
+  binwalk,
+  swift,
+  yara,
 }:
 
 buildGhidraScripts {

diff --git a/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix b/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix
@@ -1,14 +1,15 @@
-{ lib
-, stdenv
-, fetchurl
-, buildGhidraExtension
-, ghidra
-, flex
-, bison
-, texinfo
-, perl
-, zlib
-, xcbuild
+{
+  lib,
+  stdenv,
+  fetchurl,
+  buildGhidraExtension,
+  ghidra,
+  flex,
+  bison,
+  texinfo,
+  perl,
+  zlib,
+  xcbuild,
 }:
 
 let
@@ -41,13 +42,9 @@ buildGhidraExtension {
     bison
     texinfo
     perl
-  ] ++ lib.optionals stdenv.hostPlatform.isDarwin [
-    xcbuild
-  ];
+  ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ xcbuild ];
 
-  buildInputs = [
-    zlib
-  ];
+  buildInputs = [ zlib ];
   gradleBuildTask = "assemble";
 
   installPhase = ''

diff --git a/pkgs/tools/security/ghidra/extensions/lightkeeper/default.nix b/pkgs/tools/security/ghidra/extensions/lightkeeper/default.nix
@@ -0,0 +1,24 @@
+{
+  lib,
+  fetchFromGitHub,
+  buildGhidraExtension,
+}:
+buildGhidraExtension rec {
+  pname = "lightkeeper";
+  version = "1.1.0";
+
+  src = fetchFromGitHub {
+    owner = "WorksButNotTested";
+    repo = "lightkeeper";
+    rev = version;
+    hash = "sha256-S8yNn56A2CvrIBsq0RoBx0qOjrYDZSv1IVTxGmlL4Js=";
+  };
+  preConfigure = ''
+    cd lightkeeper
+  '';
+  meta = {
+    description = "A port of the Lighthouse plugin to GHIDRA.";
+    homepage = "https://github.com/WorksButNotTested/lightkeeper";
+    license = lib.licenses.asl20;
+  };
+}
diff --git a/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix b/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix
@@ -1,6 +1,7 @@
-{ lib
-, buildGhidraExtension
-, ghidra
+{
+  lib,
+  buildGhidraExtension,
+  ghidra,
 }:
 
 buildGhidraExtension {
@@ -28,7 +29,7 @@ buildGhidraExtension {
     downloadPage = "https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Extensions/MachineLearning";
     sourceProvenance = with sourceTypes; [
       fromSource
-      binaryBytecode  # deps
+      binaryBytecode # deps
     ];
   };
 }
diff --git a/pkgs/tools/security/ghidra/extensions/ret-sync/default.nix b/pkgs/tools/security/ghidra/extensions/ret-sync/default.nix
@@ -0,0 +1,32 @@
+{
+  lib,
+  fetchFromGitHub,
+  buildGhidraExtension,
+  ghidra,
+}:
+buildGhidraExtension {
+  pname = "ret-sync-ghidra";
+  version = "0-unstable-2024-05-29";
+
+  src = fetchFromGitHub {
+    owner = "bootleg";
+    repo = "ret-sync";
+    rev = "0617c75746ddde7fe2bdbbf880175af8ad27553e";
+    hash = "sha256-+G5ccdHnFL0sHpueuIYwLRU9FhzN658CYqQCHCBwxV4=";
+  };
+
+  preConfigure = ''
+    cd ext_ghidra
+  '';
+  preInstall = ''
+    correct_version=$(ls dist | grep ${ghidra.version})
+    mv dist/$correct_version dist/safe.zip
+    rm dist/ghidra*
+    mv dist/safe.zip dist/$correct_version
+  '';
+  meta = with lib; {
+    description = "Reverse-Engineering Tools SYNChronization. Allows syncing between a debugging session and Ghidra";
+    homepage = "https://github.com/bootleg/ret-sync";
+    license = licenses.gpl3Only;
+  };
+}