checksec.sh

Modern Linux distributions offer some mitigation techniques to make it harder to exploit software vulnerabilities reliably. Mitigations such as RELRO, NoExecute (NX), Stack Canaries, Address Space Layout Randomization (ASLR) and Position Independent Executables (PIE) have made reliably exploiting any vulnerabilities that do exist far more challenging. The checksec.sh script is designed to test what standard Linux OS and PaX security features are being used.

As of version 1.3 the script also lists the status of various Linux kernel protection mechanisms.

Examples

See my blog for some examples.

Download

You can download the latest version 1.5 of checksec.sh here.

FAQ

Q: What prerequisites do you need to run checksec.sh?
A: To use checksec.sh you are required to use bash version 3.2 or higher. Furthermore, the 'readelf' system command is necessary for most of the checks. Some Linux distributions (e.g. Ubuntu Server Edition 11.10 and Fedora 16) come without this command in the default installation. On these systems, it is necessary to install the 'binutils' package that includes the 'readelf' command.

Q: When I try to run checksec.sh I get the error message '-bash: ./checksec.sh: Permission denied'. What am I doing wrong?
A: You have to make the script executable with the following command: chmod +x checksec.sh

Q: Which Linux distributions are supported?
A: checksec.sh should work on all Linux distributions. I successfully tested the script under Ubuntu Desktop and Server Edition, Fedora, openSUSE and Gentoo (Hardened).

History and Changes

[17-Nov-2011] checksec.sh v1.5 has been released. Here are the changes.
[14-Jan-2011] checksec.sh v1.4 has been released.
[15-Jun-2010] checksec.sh v1.3.1 has been released.
[04-May-2010] checksec.sh v1.3 has been released.
[02-Jan-2010] checksec.sh v1.2 has been released.
[27-Dec-2009] checksec.sh v1.1 has been released.
[28-Jan-2009] Initial release of checksec.sh v1.0.