Advanced Ghidra Scripting Cheat Sheet
Script Execution:
analyzeHeadless <project_location> <project_name> -import <binary_path> -scriptPath <script_directory> -postScript <script_name>
Imports the given binary into the named project, runs auto-analysis, then runs the specified script as a post-analysis script.
Script Development and Program Manipulation:
Program Structure:
ProgramDB
Represents the entire program database.
ProgramModule
Represents a module within the program.
ProgramModuleTree
Represents the module tree structure.
Symbol Manipulation:
getSymbolTable()
Retrieves the symbol table.
createLabel(addr, name)
Creates a label at the specified address.
createFunction(start, end)
Creates a function at the specified start and end addresses.
Data Types and Memory:
getDataTypeManager()
Retrieves the data type manager.
createStructure(space, name)
Creates a structure in the specified space.
createData(addr, dt)
Creates data of a specified data type at the specified address.
Memory
Represents memory blocks and manipulation.
Code Analysis and Manipulation:
Instructions and Flow:
getInstructionAt(addr)
Retrieves the instruction at the specified address.
getFlowType()
Retrieves the flow type of an instruction.
setFlowOverride(addr, type)
Overrides the flow type for an instruction at a specified address.
Control Flow Graph (CFG):
getFunctionGraph(function)
Retrieves the control flow graph for a function.
getBasicBlocksAt(addr)
Retrieves the basic blocks at a specified address.
createControlFlowGraph(program, monitor)
Creates a control flow graph for the entire program.
Data Flow and References:
getOperandReferencesFrom(instr, opIndex)
Retrieves operand references from the specified instruction and operand index.
getOperandRefType(ref)
Retrieves the type of operand reference.
getPrimarySymbol(ref)
Retrieves the primary symbol for a reference.
Analysis and Results:
Function Analysis:
Function
Represents a function in the program.
FunctionSignature
Represents the signature of a function.
getFunctionManager()
Retrieves the function manager.
createFunction(namespace, name, entry)
Creates a new function with the specified name and namespace at the given entry point.
Listing and Code Unit Manipulation:
getListing()
Retrieves the listing for the current program.
getCodeUnitAt(addr)
Retrieves the code unit at the specified address.
setComment(codeUnit, comment)
Sets a comment on the specified code unit.
Scripting Control and Output:
Script Control:
runScript(scriptName)
Runs a script with the specified name.
getCurrentTransaction()
Retrieves the current transaction in the script.
startTransaction(transactionName)
Starts a new transaction in the script.
endTransaction(transaction, commit)
Ends the specified transaction, committing changes if commit is true.
Output and Display:
popup(message)
Displays a pop-up message box with the specified message.
println(message)
Prints the specified message to the console.
getHighlightedLines()
Retrieves currently highlighted lines in the listing.
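
Worked example (added here, not part of the original cheat sheet): a headless post-script that ties together the symbol table, references, instruction flow type, comments and console output to annotate call sites of libc functions that write without a bounds check. The class name FlagRiskyCalls and the function-name list are assumptions chosen for illustration; save it as FlagRiskyCalls.java in the -scriptPath directory and pass -postScript FlagRiskyCalls.java.

```java
// Added example: audit helper for Ghidra (GhidraScript / FlatProgramAPI).
import ghidra.app.script.GhidraScript;
import ghidra.program.model.address.Address;
import ghidra.program.model.listing.Function;
import ghidra.program.model.listing.Instruction;
import ghidra.program.model.symbol.Reference;
import ghidra.program.model.symbol.Symbol;
import ghidra.program.model.symbol.SymbolIterator;

public class FlagRiskyCalls extends GhidraScript {
    // Assumption: illustrative list; extend it to match your audit policy.
    private static final String[] RISKY = { "strcpy", "strcat", "sprintf", "gets" };

    @Override
    protected void run() throws Exception {
        int hits = 0;
        for (String name : RISKY) {
            // One name can map to several symbols (import, thunk, external).
            SymbolIterator syms = currentProgram.getSymbolTable().getSymbols(name);
            while (syms.hasNext() && !monitor.isCancelled()) {
                Symbol sym = syms.next();
                for (Reference ref : getReferencesTo(sym.getAddress())) {
                    Address from = ref.getFromAddress();
                    Instruction instr = getInstructionAt(from);
                    // Keep real call instructions only; skip data pointers
                    // and references from undisassembled bytes.
                    if (instr == null || !instr.getFlowType().isCall()) {
                        continue;
                    }
                    Function caller = getFunctionContaining(from);
                    String where = (caller != null) ? caller.getName() : "<no function>";
                    // A GhidraScript already runs inside a transaction, so no
                    // explicit startTransaction/endTransaction is needed here.
                    setPreComment(from, "AUDIT: call to " + name + " (no bounds check)");
                    println(from + " in " + where + " -> " + name);
                    hits++;
                }
            }
        }
        println("Flagged call sites: " + hits);
    }
}
```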