Mitigations detection

Since the Smashing The Stack For Fun And Profit article from Aleph1, a lot has been done on mitigation side: canaries, DEP/W^X, PIC (to allow ASLR), RELRO, SafeSEH, … Because radare2 is also designed to be a present in the exploit writer arsenal, jvoisin implemented detection for some of those mitigations. GNU/Linux GCC’s canary implementation can be detected by the presence of the __stack_chk_fail function. It is used to terminate a function, in case of stack overflow.
Uncategorized