Thursday, 15 August 2013

c - Finding out if a binary file has been compiled with stack smashing protection -


On Linux, there is no way that the state binary file has been compiled from the stack-Spasing ON / OFF command line? Is

I'm pretty sure that I have security, but only for the reason, I would like to write some tests for your Baynerijh, if ever comes a day when everything went wrong and some of the reasons Security closes.

If you have your own executable file format Elf and < / Em> has been compiled such as GCC v4.3 or greater, which only happened -frecord-gcc-switches command line switch, you can do the following:

  $ gcc -frecord-gcc-switches -fno-stack- patrons test.c $ readelf -p .GCC. command.line a.out section '.GCC.command.line' string dump: [0] -imultiarch x86_64-linu-gnu [1d] test.c [24] - Mtune = generic [33] -marc = x86- 64 [41] - Frecord-gcc-switches [57] -fno-stack-protector   

When < strong> GCC and -frecord-gcc-switches has passed switch, it .GCC.comment.line will add section - GCC - Switches sent to binary ELF

You

Unfortunately, this solution is confined to the compiled binary files using - to determine whether stack-smashing turn on / off what binary files To determine, it has been compiled with Fno-stack-protector switch. Frecord-gcc-switches - Which effectively means that it is useless for most situations, although maybe you can get luck in your special case.


It is worth mentioning that buffer overflow vulnerabilities in binary files is an active field of research, for example, here one.

See also



No comments:

Post a Comment