dod-cyber-crime-center / pyhidra

Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.

run_script question #39

Closed VPaulV closed 5 months ago

VPaulV commented 6 months ago

Hi Guys, I have a simple script that uses capa with Ghidra. I want to run it using pyhidra run_script:

import sys

import capa
import capa.ghidra.helpers


# main() is defined before the entry-point guard that calls it.
def main():
    try:
        # Ask capa whether the running Ghidra version is supported.
        capa.ghidra.helpers.is_supported_ghidra_version()
    except Exception as e:
        print(f"An error occurred: {e}")


if __name__ == "__main__":
    if sys.version_info < (3, 8):
        from capa.exceptions import UnsupportedRuntimeError

        raise UnsupportedRuntimeError(
            "This version of capa can only be used with Python 3.8+"
        )
    sys.exit(main())
When I run it with run_script, I get the following exception:

An error occurred: name 'getGhidraVersion' is not defined

It seems like something is not imported properly. However, when I run the same script with headless Ghidra and -postScript, everything works fine.

Is there any way I can make it work with pyhidra?

dc3-tsd commented 5 months ago

pyhidra injects the functions and variables from FlatProgramAPI and GhidraScript into the current Python script's locals. This matches the behavior of the Python support currently provided by Ghidra with Jython.

A Python script's locals are not accessible outside of that script. In Python, you cannot use a function, type or variable that you have not defined or imported. This is a bug in capa.
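
Added illustration of the scoping behaviour described in the reply above; it is not part of the thread and is not pyhidra's or capa's code. It assumes a constructed stand-in module (`fake_helpers`), a constructed injected function returning the made-up version string "10.3", and a hypothetical `run_script` helper that mimics name injection with `exec`:

```python
import types

# Constructed stand-in for a library module such as capa.ghidra.helpers.
# Its functions resolve free names in the module's OWN globals.
helpers = types.ModuleType("fake_helpers")
exec(
    "def is_supported_version():\n"
    "    return getGhidraVersion().startswith('10.')\n"
    "def is_supported_version_explicit(api):\n"
    "    return api['getGhidraVersion']().startswith('10.')\n",
    helpers.__dict__,
)

# Constructed stand-in for the names a script runner injects.
INJECTED = {"getGhidraVersion": lambda: "10.3"}

# Constructed script body: one direct call, one call through the module,
# one call where the API is handed to the module explicitly.
SCRIPT = """
direct = getGhidraVersion()
try:
    via_module = helpers.is_supported_version()
except NameError as e:
    via_module = str(e)
explicit = helpers.is_supported_version_explicit(api)
"""


def run_script(source):
    """Execute source with the injected names in the script namespace only."""
    ns = dict(INJECTED, helpers=helpers, api=INJECTED)
    exec(source, ns)
    return ns["direct"], ns["via_module"], ns["explicit"]


if __name__ == "__main__":
    direct, via_module, explicit = run_script(SCRIPT)
    print("script namespace :", direct)
    print("imported module  :", via_module)
    print("explicit argument:", explicit)
```

The direct call succeeds because the name lives in the script's namespace, the call through the module reproduces the `NameError` from the report, and the variant that receives the API as an argument works because it no longer depends on names it never defined or imported.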