live_helium_693c23ae
liblzma.so.5.6.0 | 319feb5a9cddd81955d915b5632b4a5f8f9080281fb46e2f6d69d53f693c23ae
247.80 KB
ELF Executable
Enabled
No eXecute
NX (No eXecute) indicates that the binary has a non-executable stack/heap (i.e., Data Execution Prevention). This prevents code from running in data sections of the process.
DSO
Position Independent Executable
Position Independent Executable (PIE) indicates that the binary is compiled with position-independent code, allowing it to be loaded at any address in memory.
Full
Read-Only Relocations
Read-Only Relocations indicate that the binary has read-only relocations, preventing modification of certain sections at runtime.
Enabled
Stack Canary
Stack Canary indicates that the binary uses stack canaries to detect stack buffer overflows and prevent exploitation.
0 / 3
FORTIFY
Refers to the _FORTIFY_SOURCE feature. “Partial” means some functions (like memcpy, strcpy, etc.) are protected by FORTIFY, but not all possible ones.
Disabled
Clang CFI
These fields being “false” simply mean the binary was not compiled with Clang’s Control Flow Integrity (CFI) or SafeStack support.
Disabled
Clang SafeStack
These fields being “false” simply mean the binary was not compiled with Clang’s Control Flow Integrity (CFI) or SafeStack support.
Disabled
Stack Clash Protection
Stack Clash Protection indicates that the binary has protections against stack clash attacks, which exploit stack memory layout.
| Analysis Signal | Status | Details |
|---|---|---|
| No eXecute | Enabled | NX (No eXecute) indicates that the binary has a non-executable stack/heap (i.e., Data Execution Prevention). This prevents code from running in data sections of the process. |
| Position Independent Executable | DSO | Position Independent Executable (PIE) indicates that the binary is compiled with position-independent code, allowing it to be loaded at any address in memory. |
| Read-Only Relocations | Full | Read-Only Relocations indicate that the binary has read-only relocations, preventing modification of certain sections at runtime. |
| Stack Canary | Enabled | Stack Canary indicates that the binary uses stack canaries to detect stack buffer overflows and prevent exploitation. |
| FORTIFY | 0 / 3 | Refers to the _FORTIFY_SOURCE feature. “Partial” means some functions (like memcpy, strcpy, etc.) are protected by FORTIFY, but not all possible ones. |
| Clang CFI | Disabled | These fields being “false” simply mean the binary was not compiled with Clang’s Control Flow Integrity (CFI) or SafeStack support. |
| Clang SafeStack | Disabled | These fields being “false” simply mean the binary was not compiled with Clang’s Control Flow Integrity (CFI) or SafeStack support. |
| Stack Clash Protection | Disabled | Stack Clash Protection indicates that the binary has protections against stack clash attacks, which exploit stack memory layout. |