author | Cyrille Bagard <nocbos@gmail.com> | 2018-12-27 22:35:39 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2018-12-27 22:35:39 (GMT) |
commit | 865f6d87f3bce7f569343382c3dfd1bc68dcacee (patch) | |
tree | 64869be2c5e7ad9285829b48ba7f7b446d73e3ec /plugins/python/checksec/plugin.py | |
parent | d33e8935c5186ab2459dfa6c9340396377524fb1 (diff) |
Displayed mitigations for Elf files using a new Python plugin.
Diffstat (limited to 'plugins/python/checksec/plugin.py')
-rw-r--r-- | plugins/python/checksec/plugin.py | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/plugins/python/checksec/plugin.py b/plugins/python/checksec/plugin.py
new file mode 100644
index 0000000..6efb9b5
--- /dev/null
+++ b/plugins/python/checksec/plugin.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+from .mitigations import ElfMitigations
+from pychrysalide import PluginModule
+from pychrysalide.core import log_message, LMT_INFO
+from pychrysalide.format.elf import ElfFormat
+
+
+class CheckSec(PluginModule):
+ """Check for Elf mititgations."""
+
+ def get_interface(self):
+ """Provide the full plugin description."""
+
+ desc = {
+
+ 'name' : 'CheckSec',
+ 'desc' : 'Output the exploit mitigations compiled with a loaded binary',
+ 'version' : '0.1',
+
+ 'actions' : [ PluginModule.PGA_FORMAT_POST_ANALYSIS_ENDED ]
+
+ }
+
+ return desc
+
+
+ def handle_format_analysis(self, action, format, gid, status):
+ """Get notified at the end of format analysis."""
+
+ if type(format) == ElfFormat:
+
+ m = ElfMitigations(format)
+
+ msg = 'Elf mitigations: NX: <b>%s</b> PIE: <b>%s</b> RelRO: <b>%s</b> Canary: <b>%s</b>' \
+ % (m._nx, m._pie, m._relro, m._canary)
+
+ self.log_message(LMT_INFO, msg)
 |
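Review bot: The guard `if type(format) == ElfFormat:` in `handle_format_analysis` matches the exact class only, so any subclass of `ElfFormat` is skipped silently and the analyst sees no mitigation line at all, which is easy to misread as "nothing to report"; `if isinstance(format, ElfFormat):` is the usual form. The message is built from `m._nx`, `m._pie`, `m._relro` and `m._canary`, which are underscore-prefixed attributes of `ElfMitigations`; the plugin would be less brittle reading public properties (the `mitigations` module is not part of this file, so whether such accessors exist cannot be seen here). `log_message` is imported from `pychrysalide.core` but the call goes through `self.log_message`, so the import looks unused, assuming `PluginModule` provides that method. The class docstring has a typo ("mititgations"), and a one-line comment such as `# values are rendered inside <b>…</b> log markup; keep them plain text` above the `msg` assignment would document the assumption the format string makes.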