slimm609
commented
5 months ago This is a difference between using cobra as part of golang which makes several things much easier including shell completion so this will be a difference between the 2.
Open teoberi opened 5 months ago
slimm609
commented
5 months ago This is a difference between using cobra as part of golang which makes several things much easier including shell completion so this will be a difference between the 2.
slimm609
commented
5 months ago RELRO is partially broken at the moment (and listed in the README as broken) but FORTIFY should be pretty accurate. The count will be off a bit due to some difference in available functions but it should be more accurate. https://github.com/slimm609/checksec.sh/blob/main/pkg/checksec/fortify.go#L33. lists only functions that can actually be fortified. I have not backported this to the bash version since this is intended to replace it.
slimm609
commented
5 months ago RELRO is fixed in https://github.com/slimm609/checksec.sh/pull/253
teoberi
commented
5 months ago I will test the changes!
You tried checksec ascii art in the combination of green writing on a black background? It looks more effective and inspires confidence.
I compiled it statically with the command:
go build -tags osusergo,netgo main.go
but the file size is 6.8 M
slimm609
commented
5 months ago I changed the color to green in the latest MR. The file size will be larger because it is a static binary that doesn't require any external dependencies. This means it does need to include all libraries needed to perform the scans. However, today you need to install many more dependencies and requires bash, and multiple packages that are no longer needed with the golang release.
There are small differences in the options, for example: ./checksec --file=/usr/bin/ssh vs ./main file /usr/bin/ssh The variant for Golang seems to me not very intuitive, that is:
Is ASCII Art Generator for checksec a bit too big?
RELRO and FORTIFY still differ between the two versions. I only checked for /usr/bin/ssh