Examining Binaries
Run the file command!
Check what kind of security features are enabled
Check the properties of a binary with Checksec.
Output example from their repo:
Check binaries for security hardening features. I find it less reliable when it comes to RELRO.
Included in the devscripts package on Debian-based distros.
gef has a pretty neat checksec command.
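What a checksec-style tool reads from the ELF headers, as an added Python example (not code from checksec, gef or this page). It assumes a little-endian ELF64 file; elf_hardening and build_sample are names made up here, and the sample images are constructed header-only files.

```python
import struct

PT_DYNAMIC, PT_GNU_STACK, PT_GNU_RELRO = 2, 0x6474E551, 0x6474E552
ET_EXEC, ET_DYN, PF_X = 2, 3, 1
DT_BIND_NOW, DT_FLAGS, DF_BIND_NOW = 24, 30, 0x8
DT_FLAGS_1, DF_1_NOW = 0x6FFFFFFB, 0x1

def elf_hardening(data):
    """Return PIE, NX and RELRO status for a little-endian ELF64 image."""
    if data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("expected a little-endian ELF64 image")
    e_type, = struct.unpack_from("<H", data, 16)
    e_phoff, = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    nx = has_relro = bind_now = False
    for i in range(e_phnum):
        p_type, p_flags, p_offset, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:        # NX: stack segment must not be executable
            nx = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:      # segment is remapped read-only after relocation
            has_relro = True
        elif p_type == PT_DYNAMIC:        # walk (d_tag, d_val) pairs up to DT_NULL
            for off in range(p_offset, p_offset + p_filesz, 16):
                tag, val = struct.unpack_from("<qQ", data, off)
                if tag == 0:
                    break
                if (tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW)
                        or (tag == DT_FLAGS_1 and val & DF_1_NOW)):
                    bind_now = True
    # Full RELRO needs both the segment and immediate binding; the segment alone is partial.
    relro = "full" if has_relro and bind_now else "partial" if has_relro else "none"
    # ET_DYN also covers shared libraries, so "pie" only means position-independent.
    return {"pie": e_type == ET_DYN, "nx": nx, "relro": relro}

def build_sample(e_type, stack_flags, relro, bind_now):
    """Constructed ELF64 image containing only the headers the parser reads."""
    dyn = struct.pack("<qQqQ", DT_FLAGS, DF_BIND_NOW if bind_now else 0, 0, 0)
    segs = [(PT_GNU_STACK, stack_flags), (PT_DYNAMIC, 6)]
    segs += [(PT_GNU_RELRO, 4)] if relro else []
    dyn_off = 64 + 56 * len(segs)
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, len(segs), 0, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", t, f, dyn_off, 0, 0,
                                 len(dyn) if t == PT_DYNAMIC else 0, 0, 0) for t, f in segs)
    return ehdr + phdrs + dyn

if __name__ == "__main__":
    print("hardened:", elf_hardening(build_sample(ET_DYN, 6, True, True)))
    print("legacy:  ", elf_hardening(build_sample(ET_EXEC, 7, False, False)))
```

To check a real file, pass its bytes: elf_hardening(open(path, "rb").read()).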
strings <FILE> - Look for any readable clues.
objdump -x <FILE> | less - Information about the file: headers, sections and more. Piped to less for easy reading.
strace <FILE> - Runs the binary and traces the syscalls it makes.
ltrace <FILE> - Runs the binary and traces the library calls it makes.