Saturday, February 28, 2009

checksec

In my last blog post I described a script called "checkrelro.sh" that can be used to check if ELF executables or processes support the RELRO mitigation technique. I extended that script to also support other memory corruption mitigation techniques. The extended version is now called "checksec.sh" and is able to check Linux ELF executables and running processes if they support the following mitigation techniques: RELRO, Stack Canaries, NX, PIE and ASLR (for more information see Ubuntu, SUSE/Novell, Red Hat).

Example 1 - Check a single executable (Ubuntu 8.10):



Example 2 - Check all executables in a directory (Ubuntu 8.10):



Example 3 - Check a single process by name (Ubuntu 8.10):



Example 4 - Check all running processes (Ubuntu 8.10):



I successfully tested checksec under Ubuntu 8.10 and openSUSE 11.1.

Get checksec.sh here.   UPDATE (27.12.2009): A newer version of checksec.sh is available here. See also this link.