MCP/mcghidra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add reverse_engineer_binary prompt for comprehensive binary analysis

Browse Source
This commit is contained in:
Teal Bauer 2025-04-15 10:29:23 +02:00
parent 0f9aa2bb47
commit 8313b2bd7b
1 changed files with 89 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
bridge_mcp_hydra.py
View File

@ -868,6 +868,95 @@ def identify_vulnerabilities_prompt(name: str = None, address: str = None, port:
}
}
@mcp.prompt("reverse_engineer_binary")
def reverse_engineer_binary_prompt(port: int = None):
"""A comprehensive prompt to guide the process of reverse engineering an entire binary
Args:
port: Specific Ghidra instance port (optional)
"""
port = _get_instance_port(port)
# Get program info for context
program_info = ghidra_instance(port=port)
# Create a comprehensive reverse engineering guide
return {
"prompt": f"""
# Comprehensive Binary Reverse Engineering Plan
Begin reverse engineering the binary {program_info.get('program_name', 'unknown')} using a methodical approach.
## Phase 1: Initial Reconnaissance
1. Analyze entry points and the main function
2. Identify and catalog key functions and libraries
3. Map the overall program structure
4. Identify important data structures
## Phase 2: Functional Analysis
1. Start with main() or entry point functions and trace the control flow
2. Find and rename all unnamed functions (FUN_*) called from main
3. For each function:
- Decompile and analyze its purpose
- Rename with descriptive names following consistent patterns
- Add comments for complex logic
- Identify parameters and return values
4. Follow cross-references (xrefs) to understand context of function usage
5. Pay special attention to:
- File I/O operations
- Network communication
- Memory allocation/deallocation
- Authentication/encryption routines
- Data processing algorithms
## Phase 3: Data Flow Mapping
1. Identify key data structures and rename them meaningfully
2. Track global variables and their usage across functions
3. Map data transformations through the program
4. Identify sensitive data handling (keys, credentials, etc.)
## Phase 4: Deep Analysis
1. For complex functions, perform deeper analysis using:
- Data flow analysis
- Call graph analysis
- Security vulnerability scanning
2. Look for interesting patterns:
- Command processing routines
- State machines
- Protocol implementations
- Cryptographic operations
## Implementation Strategy
1. Start with functions called from main
2. Search for unnamed functions with pattern "FUN_*"
3. Decompile each function and analyze its purpose
4. Look at its call graph and cross-references to understand context
5. Rename the function based on its behavior
6. Document key insights
7. Continue iteratively until the entire program flow is mapped
## Function Prioritization
1. Start with entry points and initialization functions
2. Focus on functions with high centrality in the call graph
3. Pay special attention to functions with:
- Command processing logic
- Error handling
- Security checks
- Data transformation
Remember to use the available GhydraMCP tools:
- Use functions_list to find functions matching patterns
- Use xrefs_list to find cross-references
- Use functions_decompile for C-like representations
- Use functions_disassemble for lower-level analysis
- Use functions_rename to apply meaningful names
- Use data_* tools to work with program data
""",
"context": {
"program_info": program_info
}
}
# ================= MCP Tools =================
# Since we can't use tool groups, we'll use namespaces in the function names