[−][src]Struct checksec::pe::PECheckSecResults
Checksec result struct for PE32/32+ binaries
Example
use checksec::pe::PEProperties; use goblin::pe::PE; use memmap::Mmap; use std::fs; pub fn print_results(binary: &String) { if let Ok(fp) = fs::File::open(&binary) { if let Ok(buf) = unsafe { Mmap::map(&fp) } { if let Ok(obj) = Object::parse(&buf) { match obj { Object::PE(pe) => println!( "{:#?}", PECheckSecResults::parse(&pe, &buf) ), _ => println!("Not an pe binary."), } } } } }
Some of the mitigations/security features that are checked require access to the underlying binary file to parse, so both the goblin object and a read-only memory-mapped version of the original file must be provided for evaluating PE32/32+ binaries.
Fields
aslr: ASLR
Address Space Layout Randomization
authenticode: bool
Authenticode
cfg: bool
Control Flow Guard (/guard:cf
)
clr: bool
Common Language Runtime (.NET Framework)
dep: bool
Data Execution Prevention
dynamic_base: bool
Dynamic Base
force_integrity: bool
Force Integrity (/INTEGRITYCHECK
)
gs: bool
Buffer Security Check (/GS
)
high_entropy_va: bool
64-bit ASLR (/HIGHENTROPYVA
)
isolation: bool
Allow Isolation (/ALLOWISOLATION
)
rfg: bool
Return Flow Guard
safeseh: bool
Safe Structured Exception Handler (/SAFESEH
)
seh: bool
Structured Exception Handler
Methods
impl PECheckSecResults
[src]
pub fn parse(pe: &PE, buffer: &Mmap) -> PECheckSecResults
[src]
Trait Implementations
impl Debug for PECheckSecResults
[src]
impl<'de> Deserialize<'de> for PECheckSecResults
[src]
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
[src]
__D: Deserializer<'de>,
impl Display for PECheckSecResults
[src]
impl Serialize for PECheckSecResults
[src]
Auto Trait Implementations
impl RefUnwindSafe for PECheckSecResults
impl Send for PECheckSecResults
impl Sync for PECheckSecResults
impl Unpin for PECheckSecResults
impl UnwindSafe for PECheckSecResults
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> DeserializeOwned for T where
T: for<'de> Deserialize<'de>,
[src]
T: for<'de> Deserialize<'de>,
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> ToString for T where
T: Display + ?Sized,
[src]
T: Display + ?Sized,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,