diff options
Diffstat (limited to 'contrib/devtools/security-check.py')
-rwxr-xr-x | contrib/devtools/security-check.py | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/contrib/devtools/security-check.py b/contrib/devtools/security-check.py index 137fe377da..9e7059685c 100755 --- a/contrib/devtools/security-check.py +++ b/contrib/devtools/security-check.py @@ -111,6 +111,17 @@ def check_ELF_separate_code(binary): return False return True +def check_ELF_control_flow(binary) -> bool: + ''' + Check for control flow instrumentation + ''' + main = binary.get_function_address('main') + content = binary.get_content_from_virtual_address(main, 4, lief.Binary.VA_TYPES.AUTO) + + if content == [243, 15, 30, 250]: # endbr64 + return True + return False + def check_PE_DYNAMIC_BASE(binary) -> bool: '''PIE: DllCharacteristics bit 0x40 signifies dynamicbase (ASLR)''' return lief.PE.DLL_CHARACTERISTICS.DYNAMIC_BASE in binary.optional_header.dll_characteristics_lists @@ -172,7 +183,7 @@ def check_NX(binary) -> bool: ''' return binary.has_nx -def check_control_flow(binary) -> bool: +def check_MACHO_control_flow(binary) -> bool: ''' Check for control flow instrumentation ''' @@ -205,12 +216,12 @@ BASE_MACHO = [ ('NX', check_NX), ('LAZY_BINDINGS', check_MACHO_LAZY_BINDINGS), ('Canary', check_MACHO_Canary), - ('CONTROL_FLOW', check_control_flow), + ('CONTROL_FLOW', check_MACHO_control_flow), ] CHECKS = { lief.EXE_FORMATS.ELF: { - lief.ARCHITECTURES.X86: BASE_ELF, + lief.ARCHITECTURES.X86: BASE_ELF + [('CONTROL_FLOW', check_ELF_control_flow)], lief.ARCHITECTURES.ARM: BASE_ELF, lief.ARCHITECTURES.ARM64: BASE_ELF, lief.ARCHITECTURES.PPC: BASE_ELF, |