How to use the command checksec (with examples)

checksec is a command-line tool that reports the security properties (exploit mitigations) of an executable binary file, of all executables in a directory, of a running process, and of the running kernel. This article provides an example and explanation for each of these use cases.

Use case 1: List security properties of an executable binary file

Code:

checksec --file=path/to/binary

Motivation: This use case is useful when you want to examine the security properties of a specific binary file. The checksec command reports the mitigations the file was built with, such as RELRO, stack canary, NX (the non-executable-memory protection also known as DEP, Data Execution Prevention), and PIE (Position Independent Executable, which lets ASLR, Address Space Layout Randomization, randomize the executable's load address).

Explanation:

  • --file=path/to/binary: Specifies the path to the binary file that you want to check.

Example output:

RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY  Fortified       Fortifiable  FILE
Full RELRO      No canary found   NX enabled    PIE enabled     No RPATH   No RUNPATH   No Symbols       No       0               2             path/to/binary

Use case 2: List security properties recursively of all executable files in a directory

Code:

checksec --dir=path/to/directory

Motivation: This use case is helpful when you want to analyze the security properties of multiple executable files within a specific directory. By using the checksec command with the --dir option, you can retrieve the security information of all the executable files in the directory, such as RELRO, stack canary, NX (DEP), and PIE.

Explanation:

  • --dir=path/to/directory: Specifies the path to the directory where the executable files are located. The checksec command will recursively search for all executable files within the directory.

Example output:

RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY  Fortified       Fortifiable  FILE
Full RELRO      No canary found   NX enabled    PIE enabled     No RPATH   No RUNPATH   No Symbols       No       0               2             path/to/directory/file1
Partial RELRO   No canary found   NX enabled    No PIE          No RPATH   No RUNPATH   No Symbols       No       0               2             path/to/directory/file2
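
The table above is easy to turn into a pass/fail check for a build or image audit. The following is an added example, not part of checksec or of the original article: a hypothetical shell function, audit_checksec, that reads the table on stdin and reports every binary whose columns differ from the hardened values shown on this page. It assumes plain-text output (no colour codes) in the column layout printed above.

```sh
#!/bin/sh
# Added example: gate on the checksec table format shown in this article.

# Constructed sample input: the --dir example output from this article.
sample_report() {
cat <<'EOF'
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY  Fortified       Fortifiable  FILE
Full RELRO      No canary found   NX enabled    PIE enabled     No RPATH   No RUNPATH   No Symbols       No       0               2             path/to/directory/file1
Partial RELRO   No canary found   NX enabled    No PIE          No RPATH   No RUNPATH   No Symbols       No       0               2             path/to/directory/file2
EOF
}

# Prints "FILE: gap, gap, ..." for each weak binary and returns non-zero if any
# binary has a gap. Columns are split on runs of two or more spaces, because
# values such as "Full RELRO" contain single spaces. Any value other than the
# hardened one is reported (fail closed) so that it gets reviewed.
audit_checksec() {
  awk -F '  +' '
    { gsub(/\t/, "  "); sub(/^ +/, ""); sub(/ +$/, "") }  # normalise, fields re-split
    $1 == "RELRO" || NF < 11 { next }                     # header or malformed row
    {
      gaps = ""
      if ($1 != "Full RELRO")   gaps = gaps ", RELRO is \"" $1 "\""
      if ($2 != "Canary found") gaps = gaps ", no stack canary"
      if ($3 != "NX enabled")   gaps = gaps ", NX off"
      if ($4 != "PIE enabled")  gaps = gaps ", PIE is \"" $4 "\""
      if ($5 != "No RPATH")     gaps = gaps ", RPATH set"
      if ($6 != "No RUNPATH")   gaps = gaps ", RUNPATH set"
      if ($10 + 0 > 0 && $9 + 0 == 0)
        gaps = gaps ", " $10 " fortifiable functions unfortified"
      if (gaps != "") { print $11 ": " substr(gaps, 3); bad++ }
    }
    END { exit (bad > 0) }
  '
}

# Demo on the constructed sample; with real data, pipe checksec output in instead.
sample_report | audit_checksec || echo "hardening gaps found"
```

Both sample files are reported: file1 for the missing stack canary and unfortified functions, file2 additionally for Partial RELRO and No PIE.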

Use case 3: List security properties of a process

Code:

checksec --proc=pid

Motivation: This use case is beneficial when you want to investigate the security properties of a specific process. By using the checksec command with the --proc option, you can obtain the security information of the process, such as RELRO, stack canary, NX (DEP), and PIE.

Explanation:

  • --proc=pid: Specifies the process ID (PID) of the process that you want to check.

Example output:

RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY  Fortified       Fortifiable  PID
Full RELRO      Canary found      NX enabled    PIE enabled     No RPATH   No RUNPATH   No Symbols       No       0               0             1234

Use case 4: List security properties of the running kernel

Code:

checksec --kernel

Motivation: This use case is handy when you want to examine the security properties of the running kernel. By using the checksec command with the --kernel option, you can retrieve information about the kernel's security features, such as KASLR (Kernel Address Space Layout Randomization) and SMEP (Supervisor Mode Execution Protection).

Explanation:

  • --kernel: Specifies that you want to check the security properties of the running kernel.

Example output:

CONFIG_DEFAULT_MMAP_MIN_ADDR: 65536
CONFIG_HARDENED_USERCOPY: Not found
CONFIG_MEMORY_HOTPLUG: Found
CONFIG_MEMORY_FAILURE: Found
KASLR: Enabled
SMEP: Enabled

Conclusion:

The checksec command is a versatile tool for checking the security properties of various components, including binary files, directories, processes, and the kernel. By using its different options, you can assess which security features are enabled on your system, identify binaries or kernel settings that lack them, and take appropriate action to mitigate the resulting exposure.