check if PIE is enable in python
Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?
Here is what I currently have :
def display_pie(counter):
if (counter == 1):
print("Pie : Enable")
else:
print("Pie: No PIE")
def check_file_pie(data_file):
data =
data2 =
result =
ctn = 0
check = subprocess.Popen(["readelf", "-r", data_file],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
result = check.stdout.readlines()
for x in result:
data.append(list(x))
for lines in data:
data2.append("".join(map(chr, lines)))
for new_lines in data2:
if "_ITM_deregisterTMClone" in new_lines:
ctn += 1
display_pie(ctn)
Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!
python file elf
add a comment |
Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?
Here is what I currently have :
def display_pie(counter):
if (counter == 1):
print("Pie : Enable")
else:
print("Pie: No PIE")
def check_file_pie(data_file):
data =
data2 =
result =
ctn = 0
check = subprocess.Popen(["readelf", "-r", data_file],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
result = check.stdout.readlines()
for x in result:
data.append(list(x))
for lines in data:
data2.append("".join(map(chr, lines)))
for new_lines in data2:
if "_ITM_deregisterTMClone" in new_lines:
ctn += 1
display_pie(ctn)
Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!
python file elf
add a comment |
Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?
Here is what I currently have :
def display_pie(counter):
if (counter == 1):
print("Pie : Enable")
else:
print("Pie: No PIE")
def check_file_pie(data_file):
data =
data2 =
result =
ctn = 0
check = subprocess.Popen(["readelf", "-r", data_file],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
result = check.stdout.readlines()
for x in result:
data.append(list(x))
for lines in data:
data2.append("".join(map(chr, lines)))
for new_lines in data2:
if "_ITM_deregisterTMClone" in new_lines:
ctn += 1
display_pie(ctn)
Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!
python file elf
Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?
Here is what I currently have :
def display_pie(counter):
if (counter == 1):
print("Pie : Enable")
else:
print("Pie: No PIE")
def check_file_pie(data_file):
data =
data2 =
result =
ctn = 0
check = subprocess.Popen(["readelf", "-r", data_file],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
result = check.stdout.readlines()
for x in result:
data.append(list(x))
for lines in data:
data2.append("".join(map(chr, lines)))
for new_lines in data2:
if "_ITM_deregisterTMClone" in new_lines:
ctn += 1
display_pie(ctn)
Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!
python file elf
python file elf
asked Nov 26 '18 at 15:13
stack_42stack_42
31
31
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:
def is_pie(filename):
from elftools.elf.elffile import ELFFile
with open(filename, 'rb') as file:
elffile = ELFFile(file)
base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
return elffile.elftype == 'DYN' and base_address == 0
thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''
– stack_42
Nov 26 '18 at 16:47
I edit the code to work on the latestpyelftools
. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253
– John
Nov 26 '18 at 19:37
add a comment |
You can use pwntools, which has functionality for manipulating ELF files. Example usage:
>>> from pwn import *
>>> e = ELF('your-elf-file')
>>> e.pie
True
If you want to know how it is implemented, you can find the source code here.
yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.
– stack_42
Nov 26 '18 at 15:56
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53484093%2fcheck-if-pie-is-enable-in-python%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:
def is_pie(filename):
from elftools.elf.elffile import ELFFile
with open(filename, 'rb') as file:
elffile = ELFFile(file)
base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
return elffile.elftype == 'DYN' and base_address == 0
thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''
– stack_42
Nov 26 '18 at 16:47
I edit the code to work on the latestpyelftools
. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253
– John
Nov 26 '18 at 19:37
add a comment |
You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:
def is_pie(filename):
from elftools.elf.elffile import ELFFile
with open(filename, 'rb') as file:
elffile = ELFFile(file)
base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
return elffile.elftype == 'DYN' and base_address == 0
thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''
– stack_42
Nov 26 '18 at 16:47
I edit the code to work on the latestpyelftools
. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253
– John
Nov 26 '18 at 19:37
add a comment |
You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:
def is_pie(filename):
from elftools.elf.elffile import ELFFile
with open(filename, 'rb') as file:
elffile = ELFFile(file)
base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
return elffile.elftype == 'DYN' and base_address == 0
You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:
def is_pie(filename):
from elftools.elf.elffile import ELFFile
with open(filename, 'rb') as file:
elffile = ELFFile(file)
base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
return elffile.elftype == 'DYN' and base_address == 0
edited Nov 26 '18 at 19:59
answered Nov 26 '18 at 15:57
JohnJohn
673413
673413
thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''
– stack_42
Nov 26 '18 at 16:47
I edit the code to work on the latestpyelftools
. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253
– John
Nov 26 '18 at 19:37
add a comment |
thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''
– stack_42
Nov 26 '18 at 16:47
I edit the code to work on the latestpyelftools
. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253
– John
Nov 26 '18 at 19:37
thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''
– stack_42
Nov 26 '18 at 16:47
thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''
– stack_42
Nov 26 '18 at 16:47
I edit the code to work on the latest
pyelftools
. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253– John
Nov 26 '18 at 19:37
I edit the code to work on the latest
pyelftools
. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253– John
Nov 26 '18 at 19:37
add a comment |
You can use pwntools, which has functionality for manipulating ELF files. Example usage:
>>> from pwn import *
>>> e = ELF('your-elf-file')
>>> e.pie
True
If you want to know how it is implemented, you can find the source code here.
yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.
– stack_42
Nov 26 '18 at 15:56
add a comment |
You can use pwntools, which has functionality for manipulating ELF files. Example usage:
>>> from pwn import *
>>> e = ELF('your-elf-file')
>>> e.pie
True
If you want to know how it is implemented, you can find the source code here.
yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.
– stack_42
Nov 26 '18 at 15:56
add a comment |
You can use pwntools, which has functionality for manipulating ELF files. Example usage:
>>> from pwn import *
>>> e = ELF('your-elf-file')
>>> e.pie
True
If you want to know how it is implemented, you can find the source code here.
You can use pwntools, which has functionality for manipulating ELF files. Example usage:
>>> from pwn import *
>>> e = ELF('your-elf-file')
>>> e.pie
True
If you want to know how it is implemented, you can find the source code here.
edited Nov 26 '18 at 15:55
answered Nov 26 '18 at 15:48
BioGeekBioGeek
12k1861108
12k1861108
yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.
– stack_42
Nov 26 '18 at 15:56
add a comment |
yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.
– stack_42
Nov 26 '18 at 15:56
yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.
– stack_42
Nov 26 '18 at 15:56
yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.
– stack_42
Nov 26 '18 at 15:56
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53484093%2fcheck-if-pie-is-enable-in-python%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown