checksec.py icon indicating copy to clipboard operation
checksec.py copied to clipboard
verified publisher icon Wenzel

[ELF/PE/Mach-O] Brainstorming: Add checks for unstripped symbols/debug sections/profiling sections/embedded bitcode/...

Open SektorROM opened this issue 5 years ago • 0 comments

Hi,

as suggested by @Wenzel , here a brainstorming post regarding a potentially interesting new feature:

Adding checks to detect: -unstripped symbols -unremoved debug information -unremoved profiling instrumentation -unremoved coverage instrumentation -unremoved embedded LLVM bitcode ...

Rationale: Besides checking for compiler hardening flags, it could be useful for developers to check for above points, before releasing a binary as to not disclose sensitive information. On the other hand, this can be also useful for reverse engineering, as those points may give further inside into the code.

Implementation: Check for presence of corresponding section/segment names "debug_", "_llvm_prf", ... or certain symbols "_llvm_profile*", ...

Agree/Disagree/Discussion or concrete ideas for checks?

SektorROM avatar Feb 01 '21 17:02 SektorROM