check if PIE is enable in python












0















Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?



Here is what I currently have :



def display_pie(counter):
if (counter == 1):
print("Pie : Enable")
else:
print("Pie: No PIE")

def check_file_pie(data_file):
data =
data2 =
result =
ctn = 0
check = subprocess.Popen(["readelf", "-r", data_file],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
result = check.stdout.readlines()
for x in result:
data.append(list(x))
for lines in data:
data2.append("".join(map(chr, lines)))
for new_lines in data2:
if "_ITM_deregisterTMClone" in new_lines:
ctn += 1
display_pie(ctn)


Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!










share|improve this question



























    0















    Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?



    Here is what I currently have :



    def display_pie(counter):
    if (counter == 1):
    print("Pie : Enable")
    else:
    print("Pie: No PIE")

    def check_file_pie(data_file):
    data =
    data2 =
    result =
    ctn = 0
    check = subprocess.Popen(["readelf", "-r", data_file],
    stdout=subprocess.PIPE,
    stderr=subprocess.PIPE)
    result = check.stdout.readlines()
    for x in result:
    data.append(list(x))
    for lines in data:
    data2.append("".join(map(chr, lines)))
    for new_lines in data2:
    if "_ITM_deregisterTMClone" in new_lines:
    ctn += 1
    display_pie(ctn)


    Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!










    share|improve this question

























      0












      0








      0








      Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?



      Here is what I currently have :



      def display_pie(counter):
      if (counter == 1):
      print("Pie : Enable")
      else:
      print("Pie: No PIE")

      def check_file_pie(data_file):
      data =
      data2 =
      result =
      ctn = 0
      check = subprocess.Popen(["readelf", "-r", data_file],
      stdout=subprocess.PIPE,
      stderr=subprocess.PIPE)
      result = check.stdout.readlines()
      for x in result:
      data.append(list(x))
      for lines in data:
      data2.append("".join(map(chr, lines)))
      for new_lines in data2:
      if "_ITM_deregisterTMClone" in new_lines:
      ctn += 1
      display_pie(ctn)


      Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!










      share|improve this question














      Here since yesterday I look at how to detect if the protection "PIE" is activated. For that I analyzed the output of the relocation entries to see if _ITM_deregisterTMClone is present or not. Is there a better way to detect PIE without going through a readelf output?



      Here is what I currently have :



      def display_pie(counter):
      if (counter == 1):
      print("Pie : Enable")
      else:
      print("Pie: No PIE")

      def check_file_pie(data_file):
      data =
      data2 =
      result =
      ctn = 0
      check = subprocess.Popen(["readelf", "-r", data_file],
      stdout=subprocess.PIPE,
      stderr=subprocess.PIPE)
      result = check.stdout.readlines()
      for x in result:
      data.append(list(x))
      for lines in data:
      data2.append("".join(map(chr, lines)))
      for new_lines in data2:
      if "_ITM_deregisterTMClone" in new_lines:
      ctn += 1
      display_pie(ctn)


      Thank you it's quite technical so if someone can explain me a better way to check the Executable Independent Position, I'm interested!







      python file elf






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 26 '18 at 15:13









      stack_42stack_42

      31




      31
























          2 Answers
          2






          active

          oldest

          votes


















          0














          You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:



          def is_pie(filename):
          from elftools.elf.elffile import ELFFile
          with open(filename, 'rb') as file:
          elffile = ELFFile(file)
          base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
          return elffile.elftype == 'DYN' and base_address == 0





          share|improve this answer


























          • thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''

            – stack_42
            Nov 26 '18 at 16:47











          • I edit the code to work on the latest pyelftools. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253

            – John
            Nov 26 '18 at 19:37



















          0














          You can use pwntools, which has functionality for manipulating ELF files. Example usage:



          >>> from pwn import *
          >>> e = ELF('your-elf-file')
          >>> e.pie
          True


          If you want to know how it is implemented, you can find the source code here.






          share|improve this answer


























          • yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.

            – stack_42
            Nov 26 '18 at 15:56











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53484093%2fcheck-if-pie-is-enable-in-python%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:



          def is_pie(filename):
          from elftools.elf.elffile import ELFFile
          with open(filename, 'rb') as file:
          elffile = ELFFile(file)
          base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
          return elffile.elftype == 'DYN' and base_address == 0





          share|improve this answer


























          • thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''

            – stack_42
            Nov 26 '18 at 16:47











          • I edit the code to work on the latest pyelftools. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253

            – John
            Nov 26 '18 at 19:37
















          0














          You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:



          def is_pie(filename):
          from elftools.elf.elffile import ELFFile
          with open(filename, 'rb') as file:
          elffile = ELFFile(file)
          base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
          return elffile.elftype == 'DYN' and base_address == 0





          share|improve this answer


























          • thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''

            – stack_42
            Nov 26 '18 at 16:47











          • I edit the code to work on the latest pyelftools. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253

            – John
            Nov 26 '18 at 19:37














          0












          0








          0







          You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:



          def is_pie(filename):
          from elftools.elf.elffile import ELFFile
          with open(filename, 'rb') as file:
          elffile = ELFFile(file)
          base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
          return elffile.elftype == 'DYN' and base_address == 0





          share|improve this answer















          You can use pyelftools to check if the ELF is a shared object and if the image base address is zero:



          def is_pie(filename):
          from elftools.elf.elffile import ELFFile
          with open(filename, 'rb') as file:
          elffile = ELFFile(file)
          base_address = next(seg for seg in elffile.iter_segments() if seg['p_type'] == "PT_LOAD")['p_vaddr']
          return elffile.elftype == 'DYN' and base_address == 0






          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 26 '18 at 19:59

























          answered Nov 26 '18 at 15:57









          JohnJohn

          673413




          673413













          • thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''

            – stack_42
            Nov 26 '18 at 16:47











          • I edit the code to work on the latest pyelftools. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253

            – John
            Nov 26 '18 at 19:37



















          • thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''

            – stack_42
            Nov 26 '18 at 16:47











          • I edit the code to work on the latest pyelftools. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253

            – John
            Nov 26 '18 at 19:37

















          thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''

          – stack_42
          Nov 26 '18 at 16:47





          thanks, why look at this basic address? I have this error '' ELFFile 'object has no attribute' segments ''

          – stack_42
          Nov 26 '18 at 16:47













          I edit the code to work on the latest pyelftools. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253

          – John
          Nov 26 '18 at 19:37





          I edit the code to work on the latest pyelftools. The check for a non-zero base is because of this: lore.kernel.org/patchwork/patch/426253

          – John
          Nov 26 '18 at 19:37













          0














          You can use pwntools, which has functionality for manipulating ELF files. Example usage:



          >>> from pwn import *
          >>> e = ELF('your-elf-file')
          >>> e.pie
          True


          If you want to know how it is implemented, you can find the source code here.






          share|improve this answer


























          • yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.

            – stack_42
            Nov 26 '18 at 15:56
















          0














          You can use pwntools, which has functionality for manipulating ELF files. Example usage:



          >>> from pwn import *
          >>> e = ELF('your-elf-file')
          >>> e.pie
          True


          If you want to know how it is implemented, you can find the source code here.






          share|improve this answer


























          • yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.

            – stack_42
            Nov 26 '18 at 15:56














          0












          0








          0







          You can use pwntools, which has functionality for manipulating ELF files. Example usage:



          >>> from pwn import *
          >>> e = ELF('your-elf-file')
          >>> e.pie
          True


          If you want to know how it is implemented, you can find the source code here.






          share|improve this answer















          You can use pwntools, which has functionality for manipulating ELF files. Example usage:



          >>> from pwn import *
          >>> e = ELF('your-elf-file')
          >>> e.pie
          True


          If you want to know how it is implemented, you can find the source code here.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 26 '18 at 15:55

























          answered Nov 26 '18 at 15:48









          BioGeekBioGeek

          12k1861108




          12k1861108













          • yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.

            – stack_42
            Nov 26 '18 at 15:56



















          • yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.

            – stack_42
            Nov 26 '18 at 15:56

















          yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.

          – stack_42
          Nov 26 '18 at 15:56





          yes I know this tools well I can even find it with radare2 if I want but my goal to ask for a better method of implementation of what I did above and explain to me precisely what are things added when this PIE.

          – stack_42
          Nov 26 '18 at 15:56


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53484093%2fcheck-if-pie-is-enable-in-python%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          A CLEAN and SIMPLE way to add appendices to Table of Contents and bookmarks

          Calculate evaluation metrics using cross_val_predict sklearn

          Insert data from modal to MySQL (multiple modal on website)