NSA's Ghidra - C++ reversing revisited

At the time of this writing, the NSA has just released a tool that seems like an open-source IDA Pro to me. Very impressively, it claims to contain a decompiler, similar to the HexRays product for IDA Pro. I thought it would be nice to give it a spin, and specifically wanted to know how the decompiler fares with C++ code.

Lets revisit the beginning of the program as shown by the disassembler edb:

You won't find the solution to the challenge here. That is against root-me.org rules. We are simply looking at the C++ aspects of the executable.

and now let's see what the Ghidra decompiler presents us:


It does an excellent job!

Next, lets investigate the plouf function, which is where all the important work happens in this particular program. First, revisit what edb give us:


Next, compare to the Ghidra decompiler:


This is just fantastic. HexRays just got some real competition!

Finally, lets compare the function graph functionality to edb:


I think it does a little better job in representing the control flow, even going as far as labelling the loop type:

Another powerful (and free!) tool in the box....