Hello,

On Sun, 03 Dec 2017, ckard wrote:
>On Sun, Dec 3, 2017 at 8:06 PM, <tuxic@××××××.de> wrote:
>> is there any way to check, whether a compiled binary is using
>> the position-independent-code feature or is still built according
>> to old standards?
>
>You can use app-admin/checksec to see if different security features are
>enabled or not.

Nice. For this special use-case (what has been rebuilt with PIE and
what not), I've extracted a (faster) variant from checksec, though
it's unclear to me how to discern libs built with PIE and without[1].
I guess the linker'll tell me.

==== ~/bin/check-pie ====
#!/bin/bash
# Report for each ELF file whether it is a PIE, a non-PIE executable or a DSO.
for arg; do
    # ELF header; its "Type:" line distinguishes EXEC from DYN
    re=$(readelf -h "$arg" 2>/dev/null)
    if printf '%s' "$re" | grep -q 'Type:[[:space:]]*EXEC'; then
        pie="no pie"
    elif printf '%s' "$re" | grep -q 'Type:[[:space:]]*DYN'; then
        # DYN: check the dynamic section for the PIE flag or a SONAME
        pie=$(readelf -d "$arg" | awk -F':' '
            $1 ~ /\(FLAGS.*Flags$/ && $2 ~ / PIE/ { print "PIE"; }
            $1 ~ /\(SONAME/ { print "DSO"; }')
    else
        printf "Not an executable: %s\n" "$arg" >&2
        continue;
    fi
    printf "%s\t%s\n" "$arg" "$pie"
done
====

USAGE is check-pie FILE[S...]

e.g.:

# check-pie /usr/bin/* 2>/dev/null | \
    awk '/PIE/{PIE++;}
         /no pie/{nopie++};
         END{ printf("PIE: %i, no PIE:%i\n", PIE, nopie); }'

HTH,
-dnh

[1] I've built a lib of my own both with -fpie/-fno-pie and compared
readelf -a outputs, and there's no difference besides offsets.

--
Any sufficiently advanced technology is indistinguishable from magic.
-- Arthur C. Clarke
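
The two things check-pie greps out of readelf output can also be read straight from the file: e_type in the ELF header, then DT_FLAGS_1 (DF_1_PIE bit) and DT_SONAME in the PT_DYNAMIC segment. This is an added example, not part of the original message; it assumes 64-bit little-endian ELF, and classify() and make_elf() are illustrative names, with make_elf() building constructed sample images.

```python
import struct

ET_EXEC, ET_DYN = 2, 3                      # e_type values
PT_DYNAMIC = 2                              # program header type
DT_NULL, DT_SONAME, DT_FLAGS_1 = 0, 14, 0x6ffffffb
DF_1_PIE = 0x08000000                       # bit in the DT_FLAGS_1 value

def classify(data: bytes) -> str:
    """Classify an ELF64 little-endian image the way check-pie does."""
    if data[:4] != b"\x7fELF" or data[4:6] != b"\x02\x01":
        return "not ELF64-LE"
    (e_type,) = struct.unpack_from("<H", data, 16)
    if e_type == ET_EXEC:
        return "no pie"
    if e_type != ET_DYN:
        return "not an executable"
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    tags = {}
    for i in range(e_phnum):
        ph = e_phoff + i * e_phentsize
        (p_type,) = struct.unpack_from("<I", data, ph)
        if p_type != PT_DYNAMIC:
            continue
        (p_offset,) = struct.unpack_from("<Q", data, ph + 8)
        (p_filesz,) = struct.unpack_from("<Q", data, ph + 32)
        # Each Elf64_Dyn entry is 16 bytes: signed tag, then value
        for off in range(p_offset, p_offset + p_filesz, 16):
            tag, val = struct.unpack_from("<qQ", data, off)
            if tag == DT_NULL:
                break
            tags[tag] = val
    if tags.get(DT_FLAGS_1, 0) & DF_1_PIE:
        return "PIE"
    if DT_SONAME in tags:
        return "DSO"
    return "DYN, no PIE flag or SONAME"

def make_elf(e_type, dyn=()):
    """Constructed sample: ELF header + one PT_DYNAMIC phdr + dynamic entries."""
    body = b"".join(struct.pack("<qQ", t, v) for t, v in (*dyn, (DT_NULL, 0)))
    ehdr = struct.pack("<4sBBB9xHHIQQQIHHHHHH", b"\x7fELF", 2, 1, 1,
                       e_type, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_DYNAMIC, 6, 120, 120, 120,
                       len(body), len(body), 8)
    return ehdr + phdr + body

if __name__ == "__main__":
    print(classify(make_elf(ET_DYN, [(DT_FLAGS_1, DF_1_PIE)])))
```

Unlike the awk filter, which prints both words when a file carries the PIE flag and a SONAME, classify() gives the PIE flag precedence.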