In short, this Ghidra extension allows one to reconstruct relocation tables through analysis and then export parts of programs as working object files, effectively reversing the work of a linker. Applications include binary patching, converting between object file formats, making software ports and libraries from a binary artifact without source code, decompilation projects...
I've been tinkering with it for the past 16 months or so and it's the third, hopefully industrial-grade prototype. Right now it can delink 32-bit MIPS and i386 programs from the 1990s or so to ELF object files, as long as they contain basic relocation types.
It's half-baked because while it works, it doesn't support modern instruction sets, advanced relocation types for TLS/PLT/GOT or exporting to other object file formats besides ELF, so it's not that useful on modern artifacts (which is what I assume most reverse-engineers would care about). It's not really ready for prime time because I'm not done writing blog posts that walk through real-world applications and case studies; there's very little literature out there on this esoteric topic and it can be very confusing. Like "let's take this PlayStation PS-EXE file that was built with a COFF toolchain back in the 90s and make MIPS ELF object files out of it that work with modern Linux toolchains" kind of confusing.
I started this project because I wanted to decompile a PlayStation video game and quickly realized that I'd never get anywhere without a means to divide and conquer it into smaller, more manageable pieces. Ironically the decompilation project itself hasn't advanced much, but I'm having fun so far working on this; if anything, it shows that ABIs and file formats are but mere conventions that can be arm-twisted into submission given enough leverage.
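As an added illustration of what "reversing the work of a linker" means (example code written for this page, not the extension's own code or anything from the post): a constructed i386 instruction holding an absolute reference into .data is turned back into a section-relative addend plus an R_386_32 relocation entry, then relinked at a different base to show the reference now follows the section. The section layout, the instruction bytes and the list of pointer offsets (which the real tool derives from analysis) are assumptions for the example.

```python
import struct

# Constructed i386 snippet: `mov eax, [0x08049020]` (opcode A1 + imm32),
# as it appears once the linker has resolved the reference into .data.
# Assumed layout for this example: .text at 0x08048000, .data at 0x08049000.
R_386_32 = 1  # absolute 32-bit relocation; ELF REL form keeps the addend in place

SECTIONS = {".text": (0x08048000, 0x100), ".data": (0x08049000, 0x100)}
LINKED_TEXT = bytes.fromhex("a120900408")


def find_section(addr, sections=SECTIONS):
    """Return the name of the section containing addr, or None."""
    for name, (start, size) in sections.items():
        if start <= addr < start + size:
            return name
    return None


def delink(code, pointer_offsets, sections=SECTIONS):
    """Reverse the linker: each resolved absolute address in `code` becomes a
    section-relative addend (left in the instruction) plus a relocation entry
    (offset, type, section symbol). Offsets are assumed known for this example;
    in practice they come from analysis."""
    out = bytearray(code)
    relocs = []
    for off in pointer_offsets:
        target = struct.unpack_from("<I", code, off)[0]
        sec = find_section(target, sections)
        if sec is None:  # not a pointer into a known section: leave it as data
            continue
        struct.pack_into("<I", out, off, target - sections[sec][0])
        relocs.append((off, R_386_32, sec))
    return bytes(out), relocs


def relink(code, relocs, new_bases):
    """Apply R_386_32 relocations against new section bases (what ld does)."""
    out = bytearray(code)
    for off, rtype, sec in relocs:
        assert rtype == R_386_32
        addend = struct.unpack_from("<I", out, off)[0]
        struct.pack_into("<I", out, off, (new_bases[sec] + addend) & 0xFFFFFFFF)
    return bytes(out)


if __name__ == "__main__":
    obj, rels = delink(LINKED_TEXT, pointer_offsets=[1])
    print(obj.hex(), rels)  # a120000000 [(1, 1, '.data')]
    # Round trip at the original base reproduces the linked bytes; a new base
    # moves the reference along with the section instead of leaving it stale.
    print(relink(obj, rels, {".data": 0x08049000}) == LINKED_TEXT)  # True
    print(relink(obj, rels, {".data": 0x10000000}).hex())  # a120000010
```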