#GhidraBytes 0x04 - ATmega328P Blink Driver: We continue our journey with #AVR #Assembler with #Ghidra by finding the main function; it also indicates that the return value, if any, will be stored in register R24 per the #AVR calling convention. #Embedded #ReverseEngineering
#GhidraBytes 0x03 - ATmega328P Blink Driver: We continue our journey with #AVR #Assembler with #Ghidra by finding the main function. DAT_mem_0025 is a memory-mapped IO register that sets PB5 for the LED, and we can see it in the Assembler and Decompile views. #Embedded #ReverseEngineering
#GhidraBytes 0x02 - ATmega328P Blink Driver: We continue our journey with #AVR #Assembler with #Ghidra by finding the Reset Vector and seeing that the first call is to FUN_code_0040(), which is main; we can see it in the Assembler and Decompile views. #Embedded #ReverseEngineering
#GhidraBytes 0x01 - ATmega328P Blink Driver: We begin our journey with #AVR #Assembler with #Ghidra by first loading the program.hex into Ghidra. #Embedded #ReverseEngineering
Next episode of #GhidraBytes we will continue to examine 0x9d (digital_pin_to_bit_mask_PGM): 0x9d is a memory address, and we see 0x20 and how that represents 0b00100000, which is our first step to identifying Port B pin 5 using #Ghidra! #ReverseEngineering embedded!
#GhidraBytes 0x04: Blinky - We continue our #CPP blinky program #ReverseEngineering main function. Notice offset 004e corresponds to digital_pin_to_bit_mask_PGM and 0x9d is a mem addr with the value of 0x20! Onboard LED is Port B pin 5 and 0x20 is 0b00100000! #Ghidra in action!
Tomorrow in our next episode of #GhidraBytes, we will dig into DAT_code_0043 and see what value exists at the value going into that function, which is 0x9d! We will need to understand our hex to binary conversion to make sense of how to #ReverseEngineer this in #Ghidra!
#GhidraBytes 0x03: Blinky - We continue our #CPP blinky program #ReverseEngineering main function. Notice offset 004e corresponds to digital_pin_to_bit_mask_PGM and offset 0044 corresponds to digital_pin_to_port_PGM. Pay attention to 0x9d and 0x89 for our next #Ghidra byte!
Tomorrow we embark on #GhidraBytes 0x03! We need to understand ATmega328P internals. Let's review github.com/arduino/Ardu... before the lesson and be all the more prepared for proper #ReverseEngineering #Ghidra so let's go!
#GhidraBytes 0x02: Blinky - We continue our #CPP blinky program where we will be #ReverseEngineering the Reset function when the MCU boots with #Ghidra. Notice that in both the Assembler and Decompile views we end up calling two functions! We will explore more in the next byte!
Tomorrow in #GhidraBytes 0x02, we will open #Ghidra for the first time and see what happens when a microcontroller boots and what the first function it loads is! #ReverseEngineering
#GhidraBytes 0x01: Blinky - We begin with the simple #CPP blinky program, which we will #ReverseEngineer piece by piece, step-by-step, in #Ghidra! Read the code and get familiar with the basics.
A little sneak peek from my upcoming series #GhidraBytes so let's #Ghidra away! What could this mean? STAY TUNED!