Santa's ELF Fingerprinting
2018-12-30, 11:55–12:00, Borg

Sometimes it is necessary to know how certain binaries are built. We'll talk about which heuristics will grant us the information we need.


Whenever researching a certain ELF binary image, one would like to know how it was built and what security mechanisms were used, in order to plan ahead for relevant attack scenarios. Therefore, we will look on how to implement this heuristic approach to glean as much information as possible:

1. Stack canaries

2. ASLR

3. Fortify_Source

4. Much more

See https://github.com/bit65/inspectelf for more info.