Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust.
*under active development, cargo crate releases periodically
Uses goblin to for multi-platform binary parsing support and ignore for fast recursive path iteration that respects various filters such as globs, file types and .gitignore files and serde for Serializaiton/Deserialization.
Plenty of prior art exists for this type of tool. Some are standalone command line utilities and some are plugins for frameworks or debuggers, however all are platform specific.
Project | Author | Language | Active --- | --- |--- | --- checksec.sh (original)| Tobias Klein | bash | Jan 28, 2009 - Nov 17, 2011 checksec | Dhiru Kholia | python | Apr 18, 2013 - Mar 19, 2014 checksec.sh | Brian Davis | bash | Feb 14, 2014 - current pwntools - checksec | Gallopsled | python | Nov 8, 2014 - current CheckSec.c| hugsy | c | Dec 7, 2015 - Apr 24, 2018 checksec | klks | c++ | Mar 25, 2017 iOS-checksec.py | ChiChou | python | Apr 6, 2017 checksec-win | Lucas Leong | c++ | Aug 21, 2017 winchecksec | Trail Of Bits | c++ | Aug 17, 2018 - current pemitigationcheck.py | David Cannings | python | Sep 20, 2018
note: not an exhaustive list
sh
git clone https://github.com/etke/checksec.rs && cd checksec.rs
cargo build --release
cargo install --path .
sh
cargo install checksec
For instances where you want to compile for a different target OS or architecture, see rust-cross.
sh
Usage: checksec <-f|-d> <file|directory> [--json]
sh
$ checksec -f test/binaries/true-x86_64
ELF64: | Canary: true CFI: false SafeStack: false Fortify: true Fortified: 2 NX: true PIE: None Relro: Partial RPATH: None RUNPATH: None | File: test/binaries/true-x86_64
json output
sh
$ checksec -f test/binaries/true-x86_64 --json
{"binaries":[{"binarytype":"Elf64","file":"test/binaries/true-x86_64","properties":{"Elf":{"canary":true,"clang_cfi":false,"clang_safestack":false,"fortified":2,"fortify":true,"nx":true,"pie":"None","relro":"Partial","rpath":{"paths":["None"]},"runpath":{"paths":["None"]}}}}]}
Just add the following to any current project with goblin dependencies to enable checksec trait on goblin::Object::{Elf, Mach, PE} objects.
Add checksec crate dependency to your project Cargo.toml.
toml
[dependencies]
checksec = { version = "0.0.4", features = ["elf", "macho", "pe", "color"] }
Now in your project source, specify dependency on the checksec crate and import the *Properties trait(s).
rust
extern crate checksec;
use checksec::elf::ElfProperties;
use checksec::macho::MachOProperties;
use checksec::pe::PEProperties;
You will now have access to all the implemented check functions directly from the goblin::Object.
See examples/ for library usage examples.
@rpath contents into shared::VecRpath similar to DT_RPATH/DT_RUNPATH on ELFsImprovements welcome!
improvementbug tagrustfmt.tomlclippy.toml (when one exists)