CheckSec Enabled VS Disabled
Sangharsha2 min read
| ๐ Protection | Enabled โ | Disabled โ | Impact for Hackers/RE |
| RELRO | Full RELRO โ GOT is read-only after startup. No GOT overwrite. Partial RELRO โ GOT is writable until after relocations. | No RELRO โ GOT stays writable. You can overwrite GOT entries for function hijacking (like puts โ system). | Enabled: GOT overwrite โ Blocked. Disabled: GOT overwrite โ Open Season. |
| Stack Canary | Found โ Canary placed before RBP. Stack-smash detected before RET. | No Canary โ Stack buffer overflows โ Wide Open. | Enabled: Overflows crash before control hijack.Disabled: Direct RIP overwrite โ Shell or crash. |
| NX (DEP) | NX Enabled โ Stack/heap/code pages Non-Executable. No shellcode injection. | NX Disabled โ Stack/heap can contain executable code. | Enabled: Use ROP, ret2libc. No shellcode on stack.Disabled: Drop shellcode anywhere (stack/heap) โ Profit. |
| PIE (ASLR for .text) | PIE Enabled โ Binary loads at random base each run. .text/.data randomized. | PIE Disabled โ Binary loads at fixed address every time. | Enabled: Must leak/predict PIE base for ROP, patching, dynamic reversing.Disabled: Hardcoded addresses = Easy game. |
| SHSTK (Shadow Stack) | Enabled โ Hardware enforces a protected stack of return addresses. Stops RET overwrite. | Disabled โ No protection on return addresses. | Enabled: Return Address โ Guarded. Can't smash RET.Disabled: Classic ROP โ Open. |
| IBT (Indirect Branch Tracking) | Enabled โ Hardware blocks JMP/CALL to invalid locations (mitigates JOP/ROP). | Disabled โ No protection on indirect jumps/calls. | Enabled: Must use valid indirect call targets.Disabled: Unrestricted JOP/ROP gadgets. |
| Stripped | Yes โ No function names, no symbols. All functions = sub_xxxxx | No โ Symbols like main, memcmp, etc. present. | Stripped: Reverse blind, heavy guessing.Not Stripped: Easy AF to navigate and understand. |
0
Subscribe to my newsletter
Read articles from Sangharsha directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Sangharsha
Sangharsha
Aspiring developer and security enthusiast.