checksec: check the properties of executables

by ddos ·

checksec

Checksec is a bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source). It was originally written by Tobias Klein.

 

The checksec tool can be used against cross-compiled target file systems offline. Key limitations to note:

  • Kernel tests – require you to execute the script on the running system you’d like to check as they directly access kernel resources to identify system configuration/state. You can specify the config file for the kernel after the -k option.
  • File check – the offline testing works for all the checks but the Fortify feature. Fortify, uses the running system’s libraries vs those in the offline file-system. There are ways to work around this (chroot) but at the moment, the ideal configuration would have this script executing on the running system when checking the files.

The checksec tool’s normal use case is for runtime checking of the configuration of the system. If the system is an embedded target, the native binutils tools like readelf may not be present. This would restrict which parts of the script will work.

Even with those limitations, the amount of valuable information this script provides, still makes it a valuable tool for checking offline file systems.

Download

git clone https://github.com/slimm609/checksec.sh.git

Use

Copyright (c) 2014-2015, Brian Davis
Copyright (c) 2013, Robin David
Copyright (c) 2009-2011, Tobias Klein
All rights reserved.

Tags: bash script