patryk025/Aidem-Media-DLL-Analysis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

worker: pin Jython-era Ghidra (11.2.1) for headless .py post-script

Browse Source 
Ghidra 11.4+/12.x dropped the bundled Jython, so the .py extractor fails headless
with "Ghidra was not started with PyGhidra. Python is not available" — analysis
succeeds but the post-script never runs, so no snapshot is produced. Default
GHIDRA_URL now points at 11.2.1 (Jython); README documents the constraint and the
PyGhidra path for staying on 12.x. Keeps the local Dockerfile fixes (pip upgrade,
non-editable install).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Patryk Gensch
2026-05-31 17:57:17 +02:00
parent b77419f4d2
commit aa65beb7c1
3 changed files with 23 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docker/worker.Dockerfile
View File

@@ -3,9 +3,16 @@
#
# Override the Ghidra build without editing this file:
# docker build --build-arg GHIDRA_URL=https://github.com/.../ghidra_X_PUBLIC_DATE.zip ...
#
# IMPORTANT: the extractor is a Python (.py) headless post-script, which Ghidra runs via its
# bundled **Jython**. Ghidra 11.4+ / 12.x REMOVED Jython - there `.py` headless needs PyGhidra
# (CPython), which this image doesn't initialise, and you'll get:
# "Ghidra was not started with PyGhidra. Python is not available"
# So pin a Jython-era release (<= 11.3.x). If this URL 404s, copy the exact filename from
# https://github.com/NationalSecurityAgency/ghidra/releases (form: ghidra_<ver>_PUBLIC_<date>.zip).
FROM eclipse-temurin:21-jdk-jammy
ARG GHIDRA_URL=https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_11.3_build/ghidra_11.3_PUBLIC_20250205.zip
ARG GHIDRA_URL=https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_11.2.1_build/ghidra_11.2.1_PUBLIC_20241105.zip
# Runtime deps: python (the package), unzip/wget (fetch Ghidra), libarchive-tools (bsdtar:
# unpacks ISO9660 + ZIP game archives).
@@ -19,6 +26,8 @@ RUN wget -q "$GHIDRA_URL" -O /tmp/ghidra.zip \
&& mv /opt/ghidra_* /opt/ghidra \
&& rm /tmp/ghidra.zip
RUN pip3 install --no-cache-dir --upgrade pip setuptools wheel
ENV GHIDRA_HOME=/opt/ghidra
ENV AMS_GHIDRA_SCRIPTS=/app/ghidra_scripts
ENV AMS_UPLOAD_DIR=/data/uploads
@@ -29,7 +38,7 @@ COPY ams ./ams
COPY ghidra_scripts ./ghidra_scripts
COPY snapshots ./snapshots
RUN pip3 install --no-cache-dir -e ".[api,acquire,worker]"
RUN pip3 install --no-cache-dir ".[api,acquire,worker]"
# Drain the 'acquire' queue. Shell form so $REDIS_URL expands at runtime.
CMD rq worker --url "${REDIS_URL:-redis://redis:6379/0}" acquire