checksec in the debugger about ideas HOT 18 OPEN

We already have some informations in i, like PIE, RELRO, canary, …

from ideas.

Yes. But you have to go lib by lib in hand to automatize this and extract the info from all the libs loaded in memory. So this can be done with a script using #!pipe (choose python or js) its an easy task, probably suitable for rsoc

On 21 Mar 2015, at 15:33, jvoisin [email protected] wrote:

We already have some informations in i, like ASLR, RELRO, canary, …

—
Reply to this email directly or view it on GitHub.

from ideas.

R2-pipe python must implement an open in debugging mode before doing this

from ideas.

Wat?

On 22 Mar 2015, at 14:31, Maijin [email protected] wrote:

R2-pipe python must implement an open in debugging mode before doing this

—
Reply to this email directly or view it on GitHub.

from ideas.

What makes you think this is not already done?

On 22 Mar 2015, at 14:31, Maijin [email protected] wrote:

R2-pipe python must implement an open in debugging mode before doing this

—
Reply to this email directly or view it on GitHub.

from ideas.

The code ? https://github.com/radare/radare2-bindings/tree/master/r2pipe/python

from ideas.

#!pipe python foo.py

In foo.py just do:

R= r2pipe.open('#!pipe')
DbgMaps = R.cmdj("dmj")

On 22 Mar 2015, at 18:28, Maijin [email protected] wrote:

? https://github.com/radare/radare2-bindings/tree/master/r2pipe/python

—
Reply to this email directly or view it on GitHub.

from ideas.

well you can't spawn a debugger session with r2pipe directly now, do you
want to propose a new .debug() method instead of the .open() one? bear
in mind that we can also statically debug with ESIL.

On 03/22/2015 06:28 PM, Maijin wrote:

? https://github.com/radare/radare2-bindings/tree/master/r2pipe/python

---

Reply to this email directly or view it on GitHub:
https://github.com/radare/radare2/issues/2218#issuecomment-84660058

from ideas.

Will be good if we can use option in rabin2 for print only security info like in checksec:

$ checksec.sh --file /bin/ls
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      FILE
Partial RELRO   Canary found      NX enabled    No PIE          No RPATH   No RUNPATH   /bin/ls

And if we use own names for this options than add old (from checksec) names near in () symbols

from ideas.

Which one do u propose? Isnt that already in -I?

On 09 Feb 2016, at 09:05, Boris Ryutin [email protected] wrote:

Will be good if we can use option in rabin2 for print only security info like in checksec:

$ checksec.sh --file /bin/ls
RELRO STACK CANARY NX PIE RPATH RUNPATH FILE
Partial RELRO Canary found NX enabled No PIE No RPATH No RUNPATH /bin/ls
And if we use own names for this options than add old (from checksec) names near in () symbols

—
Reply to this email directly or view it on GitHub.

from ideas.

output for RELRO like in checksec, for example, and may be change sort order - this options will be place first

from ideas.

@monosource in his blog post used filter with ~

[0x7f5082528cc0]> i~pic,canary,nx,crypto,stripped,static,relocs
pic      false
canary   true
nx       true
crypto   false
stripped true
static   false
relocs   false

It's a same thing that I propose above, so maybe add option (new symbol) for i command

from ideas.

Need a letter ?

from ideas.

Need a command like checksec :)

from ideas.

Why?

On 6 Nov 2016, at 12:52, Boris Ryutin [email protected] wrote:

Need a command like checksec :)

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.

from ideas.

Don't forget ik~relro that is saved in sdb. The info is already there i don't see the need of a new command for that either create a macro or r2pipe to get info with the desired format.

from ideas.

This is also related to rbin support for loading binary headers from memory

from ideas.

This issue has been moved from radareorg/radare2 to radareorg/ideas as we are trying to clean our backlog and this issue has probably been created a long while ago. This is an effort to help contributors understand what are the actionable items they can work on, prioritize issues better and help users find active/duplicated issues more easily. If this is not an enhancement/improvement/general idea but a bug, feel free to ask for re-transfer to main repo. Thanks for your understanding and contribution with this issue.

from ideas.