Hi!
I'm looking for a new, long-term project to keep me occupied for a while, and I think that decompilation may just be the right mixture of repetition and skill to satisfy my desires. One problem though: I have no real idea how to start learning how to do this. I have a solid grasp on programming in general, and assembly in particular (although most of my knowledge is ARM), but as far as learning how to use Ghidra, how to get off the ground with a project, or how to even set everything up, I'm clueless. Is there any guide anywhere I can use, or any tips that anyone may have on how to kick this off?
Learn how to decompile?
-
- Posts: 9
- Joined: Sat Jul 29, 2023 12:09 am
Re: Learn how to decompile?
I might not be the right person for this, but since you don't have any answers yet, I'll bite.
There's not really any big steps you can do, other than just start decompiling. I'd say to start decompiling stuff that you build/work on, since at least you have the source code to compare it with. Then you can try decompiling open source software. Just use Ghidra and get a feel on how it works. It takes a lot of time to get used to, but you'll inevitably get it.
As a final tip, don't rely on the pseudo-code too much, since it can/will get things wrong. I know reading assembly code seems scary, but it's not that bad once you get used to it. I get that assembly might look unreadable, but trust me it's 100% supposed to be readable. You can use the pseudo-code as a guide, but not as the decompiled code.
Ghidra also has an official cheat sheet, which contains all the keybinds you might want to know. Here's the link: https://ghidra-sre.org/CheatSheet.html
There's not really any big steps you can do, other than just start decompiling. I'd say to start decompiling stuff that you build/work on, since at least you have the source code to compare it with. Then you can try decompiling open source software. Just use Ghidra and get a feel on how it works. It takes a lot of time to get used to, but you'll inevitably get it.
As a final tip, don't rely on the pseudo-code too much, since it can/will get things wrong. I know reading assembly code seems scary, but it's not that bad once you get used to it. I get that assembly might look unreadable, but trust me it's 100% supposed to be readable. You can use the pseudo-code as a guide, but not as the decompiled code.
Ghidra also has an official cheat sheet, which contains all the keybinds you might want to know. Here's the link: https://ghidra-sre.org/CheatSheet.html