Fix paxtest output on OpenBSD 6.0?
Hallo :)
Also I included a few other OS.
Mirror for the post is here:
https://pastebin.com/raw/y9qHwZxi
Tests are after a default/fresh install (not livecd), using
https://www.grsecurity.net/~spender/paxtest-0.9.15.tar.gz
----
All OS were installed/tested in VirtualBox-5.1.6_110634_el7-1.x86_64 on a RHEL
7.2 / T450.
----
----
When I used 'paxtest-0.9.15' on OpenBSD, had to ADD two lines:
$ grep -n 'randarg1: randbody.o randarg1.o' Makefile.OpenBSD
157:randarg1: randbody.o randarg1.o
$ grep -n 'randarg2: randbody.o randarg2.o' Makefile.OpenBSD
159:randarg2: randbody.o randarg2.o
$
or else compile would fail, thx for the hint from Pinter Oliver!
----
----
On FreeBSD/HBSD I had to use paxtest-0.9.14-freebsd.tar compiled on FBSD9 from
https://github.com/HardenedBSD/tools/blob/master/tests/paxtest-freebsd/paxtest-0.9.14-freebsd.tgz
----
----
If anyone has outputs for NetBSD and DragonFlyBSD, please post.
----
Always used blackhat mode.
##############################################################################################
SUM (copy it to a simple editor, ex.: gedit, then from there to LibreOffice
Calc):
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable anonymous mapping Killed
debian-8.6.0-amd64-CD-1.txt Executable anonymous mapping Killed
Fedora-Server-dvd-x86_64-24-1.2.txt Executable anonymous mapping Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable anonymous mapping
Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable anonymous mapping Killed
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable anonymous mapping Killed
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable anonymous mapping Killed
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable anonymous mapping
Killed
install60.txt Executable anonymous mapping Killed
linuxmint-18-cinnamon-64bit.txt Executable anonymous mapping Killed
openSUSE-Leap-42.1-DVD-x86_64.txt Executable anonymous mapping Killed
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable anonymous mapping
Killed
ubuntu-16.04.1-desktop-amd64.txt Executable anonymous mapping Killed
ubuntu-16.04.1-server-amd64.txt Executable anonymous mapping Killed
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable bss Killed
debian-8.6.0-amd64-CD-1.txt Executable bss Killed
Fedora-Server-dvd-x86_64-24-1.2.txt Executable bss Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable bss Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable bss Killed
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable bss Killed
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable bss Killed
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable bss Killed
install60.txt Executable bss Killed
linuxmint-18-cinnamon-64bit.txt Executable bss Killed
openSUSE-Leap-42.1-DVD-x86_64.txt Executable bss Killed
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable bss Killed
ubuntu-16.04.1-desktop-amd64.txt Executable bss Killed
ubuntu-16.04.1-server-amd64.txt Executable bss Killed
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable data Killed
debian-8.6.0-amd64-CD-1.txt Executable data Killed
Fedora-Server-dvd-x86_64-24-1.2.txt Executable data Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable data Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable data Killed
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable data Killed
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable data Killed
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable data Killed
install60.txt Executable data Killed
linuxmint-18-cinnamon-64bit.txt Executable data Killed
openSUSE-Leap-42.1-DVD-x86_64.txt Executable data Killed
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable data Killed
ubuntu-16.04.1-desktop-amd64.txt Executable data Killed
ubuntu-16.04.1-server-amd64.txt Executable data Killed
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable heap Killed
debian-8.6.0-amd64-CD-1.txt Executable heap Killed
Fedora-Server-dvd-x86_64-24-1.2.txt Executable heap Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable heap Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable heap Killed
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable heap Killed
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable heap Killed
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable heap Killed
install60.txt Executable heap Killed
linuxmint-18-cinnamon-64bit.txt Executable heap Killed
openSUSE-Leap-42.1-DVD-x86_64.txt Executable heap Killed
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable heap Killed
ubuntu-16.04.1-desktop-amd64.txt Executable heap Killed
ubuntu-16.04.1-server-amd64.txt Executable heap Killed
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable stack Killed
debian-8.6.0-amd64-CD-1.txt Executable stack Killed
Fedora-Server-dvd-x86_64-24-1.2.txt Executable stack Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable stack Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable stack Killed
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable stack Killed
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable stack Killed
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable stack Killed
install60.txt Executable stack Killed
linuxmint-18-cinnamon-64bit.txt Executable stack Killed
openSUSE-Leap-42.1-DVD-x86_64.txt Executable stack Killed
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable stack Killed
ubuntu-16.04.1-desktop-amd64.txt Executable stack Killed
ubuntu-16.04.1-server-amd64.txt Executable stack Killed
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable shared library bss Killed
debian-8.6.0-amd64-CD-1.txt Executable shared library bss Killed
Fedora-Server-dvd-x86_64-24-1.2.txt Executable shared library bss Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable shared library bss
Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable shared library bss Killed
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable shared library bss Killed
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable shared library bss Killed
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable shared library bss
Killed
install60.txt Executable shared library bss Killed
linuxmint-18-cinnamon-64bit.txt Executable shared library bss Killed
openSUSE-Leap-42.1-DVD-x86_64.txt Executable shared library bss Killed
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable shared library bss
Killed
ubuntu-16.04.1-desktop-amd64.txt Executable shared library bss Killed
ubuntu-16.04.1-server-amd64.txt Executable shared library bss Killed
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable shared library data Killed
debian-8.6.0-amd64-CD-1.txt Executable shared library data Killed
Fedora-Server-dvd-x86_64-24-1.2.txt Executable shared library data Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable shared library data
Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable shared library data Killed
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable shared library data Killed
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable shared library data Killed
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable shared library data
Killed
install60.txt Executable shared library data Killed
linuxmint-18-cinnamon-64bit.txt Executable shared library data Killed
openSUSE-Leap-42.1-DVD-x86_64.txt Executable shared library data Killed
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable shared library data
Killed
ubuntu-16.04.1-desktop-amd64.txt Executable shared library data Killed
ubuntu-16.04.1-server-amd64.txt Executable shared library data Killed
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable anonymous mapping (mprotect)
Vulnerable
debian-8.6.0-amd64-CD-1.txt Executable anonymous mapping (mprotect)
Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Executable anonymous mapping (mprotect)
Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable anonymous mapping
(mprotect) Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable anonymous mapping (mprotect)
Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable anonymous mapping (mprotect)
Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable anonymous mapping (mprotect)
Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable anonymous mapping
(mprotect) Killed
install60.txt Executable anonymous mapping (mprotect) Vulnerable
linuxmint-18-cinnamon-64bit.txt Executable anonymous mapping (mprotect)
Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Executable anonymous mapping (mprotect)
Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable anonymous mapping
(mprotect) Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Executable anonymous mapping (mprotect)
Vulnerable
ubuntu-16.04.1-server-amd64.txt Executable anonymous mapping (mprotect)
Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable bss (mprotect)
Vulnerable
debian-8.6.0-amd64-CD-1.txt Executable bss (mprotect) Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Executable bss (mprotect)
Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable bss (mprotect)
Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable bss (mprotect)
Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable bss (mprotect) Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable bss (mprotect)
Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable bss (mprotect)
Killed
install60.txt Executable bss (mprotect) Vulnerable
linuxmint-18-cinnamon-64bit.txt Executable bss (mprotect) Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Executable bss (mprotect)
Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable bss (mprotect)
Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Executable bss (mprotect)
Vulnerable
ubuntu-16.04.1-server-amd64.txt Executable bss (mprotect) Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable data (mprotect)
Vulnerable
debian-8.6.0-amd64-CD-1.txt Executable data (mprotect) Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Executable data (mprotect)
Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable data (mprotect)
Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable data (mprotect)
Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable data (mprotect) Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable data (mprotect)
Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable data (mprotect)
Killed
install60.txt Executable data (mprotect) Vulnerable
linuxmint-18-cinnamon-64bit.txt Executable data (mprotect) Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Executable data (mprotect)
Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable data (mprotect)
Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Executable data (mprotect)
Vulnerable
ubuntu-16.04.1-server-amd64.txt Executable data (mprotect) Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable heap (mprotect) Killed
debian-8.6.0-amd64-CD-1.txt Executable heap (mprotect) Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Executable heap (mprotect) Killed
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable heap (mprotect)
Killed
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable heap (mprotect)
Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable heap (mprotect) Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable heap (mprotect)
Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable heap (mprotect)
Killed
install60.txt Executable heap (mprotect) Vulnerable
linuxmint-18-cinnamon-64bit.txt Executable heap (mprotect) Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Executable heap (mprotect)
Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable heap (mprotect)
Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Executable heap (mprotect)
Vulnerable
ubuntu-16.04.1-server-amd64.txt Executable heap (mprotect) Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable stack (mprotect)
Vulnerable
debian-8.6.0-amd64-CD-1.txt Executable stack (mprotect) Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Executable stack (mprotect)
Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable stack (mprotect)
Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable stack (mprotect)
Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable stack (mprotect) Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable stack (mprotect)
Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable stack (mprotect)
Killed
install60.txt Executable stack (mprotect) Killed
linuxmint-18-cinnamon-64bit.txt Executable stack (mprotect) Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Executable stack (mprotect)
Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable stack (mprotect)
Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Executable stack (mprotect)
Vulnerable
ubuntu-16.04.1-server-amd64.txt Executable stack (mprotect) Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable shared library bss
(mprotect) Vulnerable
debian-8.6.0-amd64-CD-1.txt Executable shared library bss (mprotect)
Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Executable shared library bss
(mprotect) Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable shared library bss
(mprotect) Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable shared library bss
(mprotect) Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable shared library bss (mprotect)
Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable shared library bss
(mprotect) Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable shared library bss
(mprotect) Killed
install60.txt Executable shared library bss (mprotect) Vulnerable
linuxmint-18-cinnamon-64bit.txt Executable shared library bss (mprotect)
Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Executable shared library bss
(mprotect) Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable shared library bss
(mprotect) Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Executable shared library bss
(mprotect) Vulnerable
ubuntu-16.04.1-server-amd64.txt Executable shared library bss (mprotect)
Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Executable shared library data
(mprotect) Vulnerable
debian-8.6.0-amd64-CD-1.txt Executable shared library data (mprotect)
Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Executable shared library data
(mprotect) Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Executable shared library data
(mprotect) Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Executable shared library data
(mprotect) Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Executable shared library data (mprotect)
Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Executable shared library data
(mprotect) Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Executable shared library data
(mprotect) Killed
install60.txt Executable shared library data (mprotect) Vulnerable
linuxmint-18-cinnamon-64bit.txt Executable shared library data (mprotect)
Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Executable shared library data
(mprotect) Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Executable shared library data
(mprotect) Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Executable shared library data
(mprotect) Vulnerable
ubuntu-16.04.1-server-amd64.txt Executable shared library data (mprotect)
Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Writable text segments Vulnerable
debian-8.6.0-amd64-CD-1.txt Writable text segments Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Writable text segments Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Writable text segments
Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Writable text segments Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Writable text segments Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Writable text segments Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Writable text segments
Vulnerable
install60.txt Writable text segments Killed
linuxmint-18-cinnamon-64bit.txt Writable text segments Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Writable text segments Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Writable text segments
Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Writable text segments Vulnerable
ubuntu-16.04.1-server-amd64.txt Writable text segments Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Anonymous mapping randomization test
28 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Anonymous mapping randomization test 28
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Anonymous mapping randomization test
28 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Anonymous mapping randomization
test 28 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Anonymous mapping randomization test
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Anonymous mapping randomization test No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Anonymous mapping randomization test
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Anonymous mapping randomization
test 30 quality bits (guessed)
install60.txt Anonymous mapping randomization test 33 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Anonymous mapping randomization test 28
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Anonymous mapping randomization test
28 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Anonymous mapping randomization
test 28 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Anonymous mapping randomization test
28 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Anonymous mapping randomization test 28
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Heap randomization test (ET_EXEC)
13 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Heap randomization test (ET_EXEC) 13
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Heap randomization test (ET_EXEC)
13 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Heap randomization test
(ET_EXEC) 13 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Heap randomization test (ET_EXEC)
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Heap randomization test (ET_EXEC) No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Heap randomization test (ET_EXEC)
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Heap randomization test
(ET_EXEC) 21 quality bits (guessed)
install60.txt Heap randomization test (ET_EXEC) 38 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Heap randomization test (ET_EXEC) 13
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Heap randomization test (ET_EXEC)
13 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Heap randomization test
(ET_EXEC) 13 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Heap randomization test (ET_EXEC)
13 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Heap randomization test (ET_EXEC) 13
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Heap randomization test (PIE) 28
quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Heap randomization test (PIE) 28 quality bits
(guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Heap randomization test (PIE) 28
quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Heap randomization test (PIE)
28 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Heap randomization test (PIE) No
randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Heap randomization test (PIE) No randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Heap randomization test (PIE) No
randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Heap randomization test (PIE)
22 quality bits (guessed)
linuxmint-18-cinnamon-64bit.txt Heap randomization test (PIE) 28 quality bits
(guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Heap randomization test (PIE) 28
quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Heap randomization test (PIE)
28 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Heap randomization test (PIE) 28
quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Heap randomization test (PIE) 28 quality bits
(guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Main executable randomization (ET_EXEC)
No randomization
debian-8.6.0-amd64-CD-1.txt Main executable randomization (ET_EXEC) No
randomization
Fedora-Server-dvd-x86_64-24-1.2.txt Main executable randomization (ET_EXEC)
No randomization
Fedora-Workstation-netinst-x86_64-24-1.2.txt Main executable randomization
(ET_EXEC) No randomization
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Main executable randomization (ET_EXEC)
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Main executable randomization (ET_EXEC) No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Main executable randomization (ET_EXEC)
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Main executable randomization
(ET_EXEC) No randomization
install60.txt Main executable randomization (ET_EXEC) 25 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Main executable randomization (ET_EXEC) No
randomization
openSUSE-Leap-42.1-DVD-x86_64.txt Main executable randomization (ET_EXEC)
No randomization
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Main executable randomization
(ET_EXEC) No randomization
ubuntu-16.04.1-desktop-amd64.txt Main executable randomization (ET_EXEC)
No randomization
ubuntu-16.04.1-server-amd64.txt Main executable randomization (ET_EXEC) No
randomization
###################################################
CentOS-7-x86_64-Everything-1511.txt Main executable randomization (PIE)
28 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Main executable randomization (PIE) 28
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Main executable randomization (PIE)
28 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Main executable randomization
(PIE) 28 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Main executable randomization (PIE)
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Main executable randomization (PIE) No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Main executable randomization (PIE)
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Main executable randomization
(PIE) 30 quality bits (guessed)
linuxmint-18-cinnamon-64bit.txt Main executable randomization (PIE) 28
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Main executable randomization (PIE)
28 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Main executable randomization
(PIE) 28 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Main executable randomization (PIE)
28 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Main executable randomization (PIE) 28
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Shared library randomization test
28 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Shared library randomization test 28
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Shared library randomization test
28 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Shared library randomization
test 28 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Shared library randomization test
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Shared library randomization test No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Shared library randomization test
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Shared library randomization
test 30 quality bits (guessed)
install60.txt Shared library randomization test 33 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Shared library randomization test 28
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Shared library randomization test
28 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Shared library randomization
test 28 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Shared library randomization test
28 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Shared library randomization test 28
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt VDSO randomization test 20 quality bits
(guessed)
debian-8.6.0-amd64-CD-1.txt VDSO randomization test 20 quality bits
(guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt VDSO randomization test 20 quality bits
(guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt VDSO randomization test 20
quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt VDSO randomization test No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt VDSO randomization test No randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt VDSO randomization test No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt VDSO randomization test 28
quality bits (guessed)
linuxmint-18-cinnamon-64bit.txt VDSO randomization test 20 quality bits
(guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt VDSO randomization test 20 quality bits
(guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt VDSO randomization test 20
quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt VDSO randomization test 20 quality bits
(guessed)
ubuntu-16.04.1-server-amd64.txt VDSO randomization test 20 quality bits
(guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Stack randomization test (SEGMEXEC)
30 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Stack randomization test (SEGMEXEC) 30
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Stack randomization test (SEGMEXEC)
30 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Stack randomization test
(SEGMEXEC) 30 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Stack randomization test (SEGMEXEC)
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Stack randomization test (SEGMEXEC) No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Stack randomization test (SEGMEXEC)
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Stack randomization test
(SEGMEXEC) 41 quality bits (guessed)
install60.txt Stack randomization test (SEGMEXEC) 14 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Stack randomization test (SEGMEXEC) 30
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Stack randomization test (SEGMEXEC)
30 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Stack randomization test
(SEGMEXEC) 30 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Stack randomization test (SEGMEXEC)
30 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Stack randomization test (SEGMEXEC) 30
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Stack randomization test (PAGEEXEC)
30 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Stack randomization test (PAGEEXEC) 30
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Stack randomization test (PAGEEXEC)
30 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Stack randomization test
(PAGEEXEC) 30 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Stack randomization test (PAGEEXEC)
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Stack randomization test (PAGEEXEC) No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Stack randomization test (PAGEEXEC)
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Stack randomization test
(PAGEEXEC) 41 quality bits (guessed)
install60.txt Stack randomization test (PAGEEXEC) 14 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Stack randomization test (PAGEEXEC) 30
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Stack randomization test (PAGEEXEC)
30 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Stack randomization test
(PAGEEXEC) 30 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Stack randomization test (PAGEEXEC)
30 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Stack randomization test (PAGEEXEC) 30
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Arg/env randomization test (SEGMEXEC)
22 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Arg/env randomization test (SEGMEXEC) 22
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Arg/env randomization test (SEGMEXEC)
22 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Arg/env randomization test
(SEGMEXEC) 22 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Arg/env randomization test (SEGMEXEC)
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Arg/env randomization test (SEGMEXEC) No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Arg/env randomization test (SEGMEXEC)
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Arg/env randomization test
(SEGMEXEC) 42 quality bits (guessed)
install60.txt Arg/env randomization test (SEGMEXEC) 14 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Arg/env randomization test (SEGMEXEC) 22
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Arg/env randomization test (SEGMEXEC)
22 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Arg/env randomization test
(SEGMEXEC) 22 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Arg/env randomization test (SEGMEXEC)
22 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Arg/env randomization test (SEGMEXEC) 22
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Arg/env randomization test (PAGEEXEC)
22 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Arg/env randomization test (PAGEEXEC) 22
quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Arg/env randomization test (PAGEEXEC)
22 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Arg/env randomization test
(PAGEEXEC) 22 quality bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Arg/env randomization test (PAGEEXEC)
No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Arg/env randomization test (PAGEEXEC) No
randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Arg/env randomization test (PAGEEXEC)
No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Arg/env randomization test
(PAGEEXEC) 42 quality bits (guessed)
install60.txt Arg/env randomization test (PAGEEXEC) 14 quality bits
(guessed)
linuxmint-18-cinnamon-64bit.txt Arg/env randomization test (PAGEEXEC) 22
quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Arg/env randomization test (PAGEEXEC)
22 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Arg/env randomization test
(PAGEEXEC) 22 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Arg/env randomization test (PAGEEXEC)
22 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Arg/env randomization test (PAGEEXEC) 22
quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Offset to library randomisation
(ET_EXEC) 28 quality bits (guessed)
debian-8.6.0-amd64-CD-1.txt Offset to library randomisation (ET_EXEC)
28 quality bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Offset to library randomisation
(ET_EXEC) 28 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Offset to library randomisation
(ET_EXEC) 28 quality bits (guessed)
linuxmint-18-cinnamon-64bit.txt Offset to library randomisation (ET_EXEC)
28 quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Offset to library randomisation
(ET_EXEC) 28 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Offset to library randomisation
(ET_EXEC) 28 quality bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Offset to library randomisation
(ET_EXEC) 28 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Offset to library randomisation (ET_EXEC)
28 quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Offset to library randomisation
(ET_DYN) No randomization
debian-8.6.0-amd64-CD-1.txt Offset to library randomisation (ET_DYN)
No randomization
Fedora-Server-dvd-x86_64-24-1.2.txt Offset to library randomisation
(ET_DYN) 28 quality bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Offset to library randomisation
(ET_DYN) 28 quality bits (guessed)
linuxmint-18-cinnamon-64bit.txt Offset to library randomisation (ET_DYN)
28 quality bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Offset to library randomisation
(ET_DYN) 28 quality bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Offset to library randomisation
(ET_DYN) No randomization
ubuntu-16.04.1-desktop-amd64.txt Offset to library randomisation
(ET_DYN) 28 quality bits (guessed)
ubuntu-16.04.1-server-amd64.txt Offset to library randomisation (ET_DYN)
28 quality bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Randomization under memory exhaustion
@~0 28 bits (guessed)
debian-8.6.0-amd64-CD-1.txt Randomization under memory exhaustion @~0
28 bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Randomization under memory exhaustion
@~0 29 bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Randomization under memory
exhaustion @~0 29 bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Randomization under memory exhaustion
@~0 No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Randomization under memory exhaustion @~0
No randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Randomization under memory exhaustion
@~0 No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Randomization under memory
exhaustion @~0 30 bits (guessed)
linuxmint-18-cinnamon-64bit.txt Randomization under memory exhaustion @~0
29 bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Randomization under memory exhaustion
@~0 29 bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Randomization under memory
exhaustion @~0 28 bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Randomization under memory exhaustion
@~0 28 bits (guessed)
ubuntu-16.04.1-server-amd64.txt Randomization under memory exhaustion @~0
29 bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Randomization under memory exhaustion
@0 29 bits (guessed)
debian-8.6.0-amd64-CD-1.txt Randomization under memory exhaustion @0
29 bits (guessed)
Fedora-Server-dvd-x86_64-24-1.2.txt Randomization under memory exhaustion
@0 28 bits (guessed)
Fedora-Workstation-netinst-x86_64-24-1.2.txt Randomization under memory
exhaustion @0 29 bits (guessed)
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Randomization under memory exhaustion
@0 No randomization
FreeBSD-11.0-RC3-amd64-dvd1.txt Randomization under memory exhaustion @0
No randomization
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Randomization under memory exhaustion
@0 No randomization
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Randomization under memory
exhaustion @0 30 bits (guessed)
linuxmint-18-cinnamon-64bit.txt Randomization under memory exhaustion @0
28 bits (guessed)
openSUSE-Leap-42.1-DVD-x86_64.txt Randomization under memory exhaustion
@0 28 bits (guessed)
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Randomization under memory
exhaustion @0 28 bits (guessed)
ubuntu-16.04.1-desktop-amd64.txt Randomization under memory exhaustion
@0 28 bits (guessed)
ubuntu-16.04.1-server-amd64.txt Randomization under memory exhaustion @0
29 bits (guessed)
###################################################
CentOS-7-x86_64-Everything-1511.txt Return to function (strcpy) paxtest
return address contains a NULL byte.
debian-8.6.0-amd64-CD-1.txt Return to function (strcpy) paxtest return
address contains a NULL byte.
Fedora-Server-dvd-x86_64-24-1.2.txt Return to function (strcpy) paxtest
return address contains a NULL byte.
Fedora-Workstation-netinst-x86_64-24-1.2.txt Return to function (strcpy)
paxtest return address contains a NULL byte.
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Return to function (strcpy) paxtest
return address contains a NULL byte.
FreeBSD-11.0-RC3-amd64-dvd1.txt Return to function (strcpy) paxtest return
address contains a NULL byte.
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Return to function (strcpy) paxtest
return address contains a NULL byte.
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Return to function (strcpy)
paxtest return address contains a NULL byte.
install60.txt Return to function (strcpy) paxtest return address contains
a NULL byte.
linuxmint-18-cinnamon-64bit.txt Return to function (strcpy) paxtest return
address contains a NULL byte.
openSUSE-Leap-42.1-DVD-x86_64.txt Return to function (strcpy) paxtest
return address contains a NULL byte.
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Return to function (strcpy)
paxtest return address contains a NULL byte.
ubuntu-16.04.1-desktop-amd64.txt Return to function (strcpy) paxtest
return address contains a NULL byte.
ubuntu-16.04.1-server-amd64.txt Return to function (strcpy) paxtest return
address contains a NULL byte.
###################################################
CentOS-7-x86_64-Everything-1511.txt Return to function (memcpy)
Vulnerable
debian-8.6.0-amd64-CD-1.txt Return to function (memcpy) Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Return to function (memcpy)
Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Return to function (memcpy)
Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Return to function (memcpy)
Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Return to function (memcpy) Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Return to function (memcpy)
Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Return to function (memcpy)
Vulnerable
install60.txt Return to function (memcpy) Vulnerable
linuxmint-18-cinnamon-64bit.txt Return to function (memcpy) Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Return to function (memcpy)
Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Return to function (memcpy)
Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Return to function (memcpy)
Vulnerable
ubuntu-16.04.1-server-amd64.txt Return to function (memcpy) Vulnerable
###################################################
CentOS-7-x86_64-Everything-1511.txt Return to function (strcpy, PIE)
paxtest return address contains a NULL byte.
debian-8.6.0-amd64-CD-1.txt Return to function (strcpy, PIE) paxtest
return address contains a NULL byte.
Fedora-Server-dvd-x86_64-24-1.2.txt Return to function (strcpy, PIE)
paxtest return address contains a NULL byte.
Fedora-Workstation-netinst-x86_64-24-1.2.txt Return to function (strcpy,
PIE) paxtest return address contains a NULL byte.
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Return to function (strcpy, PIE)
paxtest return address contains a NULL byte.
FreeBSD-11.0-RC3-amd64-dvd1.txt Return to function (strcpy, PIE) paxtest
return address contains a NULL byte.
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Return to function (strcpy, PIE)
paxtest return address contains a NULL byte.
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Return to function (strcpy,
PIE) paxtest return address contains a NULL byte.
install60.txt Return to function (strcpy, PIE) paxtest return address
contains a NULL byte.
linuxmint-18-cinnamon-64bit.txt Return to function (strcpy, PIE) paxtest
return address contains a NULL byte.
openSUSE-Leap-42.1-DVD-x86_64.txt Return to function (strcpy, PIE)
paxtest return address contains a NULL byte.
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Return to function (strcpy,
PIE) paxtest return address contains a NULL byte.
ubuntu-16.04.1-desktop-amd64.txt Return to function (strcpy, PIE)
paxtest return address contains a NULL byte.
ubuntu-16.04.1-server-amd64.txt Return to function (strcpy, PIE) paxtest
return address contains a NULL byte.
###################################################
CentOS-7-x86_64-Everything-1511.txt Return to function (memcpy, PIE)
Vulnerable
debian-8.6.0-amd64-CD-1.txt Return to function (memcpy, PIE)
Vulnerable
Fedora-Server-dvd-x86_64-24-1.2.txt Return to function (memcpy, PIE)
Vulnerable
Fedora-Workstation-netinst-x86_64-24-1.2.txt Return to function (memcpy,
PIE) Vulnerable
FreeBSD-10.3-RELEASE-amd64-dvd1.txt Return to function (memcpy, PIE)
Vulnerable
FreeBSD-11.0-RC3-amd64-dvd1.txt Return to function (memcpy, PIE)
Vulnerable
FreeBSD-9.3-RELEASE-amd64-dvd1.txt Return to function (memcpy, PIE)
Vulnerable
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt Return to function (memcpy,
PIE) Vulnerable
install60.txt Return to function (memcpy, PIE) Vulnerable
linuxmint-18-cinnamon-64bit.txt Return to function (memcpy, PIE)
Vulnerable
openSUSE-Leap-42.1-DVD-x86_64.txt Return to function (memcpy, PIE)
Vulnerable
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt Return to function (memcpy,
PIE) Vulnerable
ubuntu-16.04.1-desktop-amd64.txt Return to function (memcpy, PIE)
Vulnerable
ubuntu-16.04.1-server-amd64.txt Return to function (memcpy, PIE)
Vulnerable
##############################################################################################
RAW:
$ ls -1
CentOS-7-x86_64-Everything-1511.iso
CentOS-7-x86_64-Everything-1511.txt
debian-8.6.0-amd64-CD-1.iso
debian-8.6.0-amd64-CD-1.txt
Fedora-Server-dvd-x86_64-24-1.2.iso
Fedora-Server-dvd-x86_64-24-1.2.txt
Fedora-Workstation-netinst-x86_64-24-1.2.iso
Fedora-Workstation-netinst-x86_64-24-1.2.txt
FreeBSD-10.3-RELEASE-amd64-dvd1.iso
FreeBSD-10.3-RELEASE-amd64-dvd1.txt
FreeBSD-11.0-RC3-amd64-dvd1.iso
FreeBSD-11.0-RC3-amd64-dvd1.txt
FreeBSD-9.3-RELEASE-amd64-dvd1.iso
FreeBSD-9.3-RELEASE-amd64-dvd1.txt
HardenedBSD-11-STABLE-v46.5-amd64-disc1.iso
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt
install60.iso
install60.txt
linuxmint-18-cinnamon-64bit.iso
linuxmint-18-cinnamon-64bit.txt
openSUSE-Leap-42.1-DVD-x86_64.iso
openSUSE-Leap-42.1-DVD-x86_64.txt
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.iso
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt
ubuntu-16.04.1-desktop-amd64.iso
ubuntu-16.04.1-desktop-amd64.txt
ubuntu-16.04.1-server-amd64.iso
ubuntu-16.04.1-server-amd64.txt
$
###################################################
CentOS-7-x86_64-Everything-1511.txt
[root@localhost paxtest-0.9.15]# uname -mrs
Linux 3.10.0-327.el7.x86_64 x86_64
[root@localhost paxtest-0.9.15]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.2.1511 (Core)
Release: 7.2.1511
Codename: Core
[root@localhost paxtest-0.9.15]# make -f Makefile.psm THEARCH=-m64
...
[root@localhost paxtest-0.9.15]# ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : line 69 : ./gcc : No such file or directory
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Killed
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : No randomization
Randomization under memory exhaustion @~0 : 28 bits (guessed)
Randomization under memory exhaustion @0 : 29 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
[root@localhost paxtest-0.9.15]#
###################################################
debian-8.6.0-amd64-CD-1.txt
root@a:~/paxtest-0.9.15# uname -mrs
Linux 3.16.0-4-amd64 x86_64
root@a:~/paxtest-0.9.15# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 8.6 (jessie)
Release: 8.6
Codename: jessie
root@a:~/paxtest-0.9.15# make -f Makefile.psm THEARCH=-m64
...
root@a:~/paxtest-0.9.15# ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : 69 : ./paxtest : ./gcc : not found
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : No randomization
Randomization under memory exhaustion @~0 : 28 bits (guessed)
Randomization under memory exhaustion @0 : 29 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
root@a:~/paxtest-0.9.15#
###################################################
Fedora-Server-dvd-x86_64-24-1.2.txt
[root@localhost paxtest-0.9.15]# uname -mrs
Linux 4.5.5-300.fc24.x86_64 x86_64
[root@localhost paxtest-0.9.15]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: Fedora
Description: Fedora release 24 (Twenty Four)
Release: 24
Codename: TwentyFour
[root@localhost paxtest-0.9.15]# make -f Makefile.psm THEARCH=-m64
...
[root@localhost paxtest-0.9.15]# ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : line 69 : ./gcc : No such file or directory
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Killed
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : 28 quality bits (guessed)
Randomization under memory exhaustion @~0 : 29 bits (guessed)
Randomization under memory exhaustion @0 : 28 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
[root@localhost paxtest-0.9.15]#
###################################################
Fedora-Workstation-netinst-x86_64-24-1.2.txt
[root@localhost paxtest-0.9.15]# uname -mrs
Linux 4.7.5-200.fc24.x86_64 x86_64
[root@localhost paxtest-0.9.15]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: Fedora
Description: Fedora release 24 (Twenty Four)
Release: 24
Codename: TwentyFour
[root@localhost paxtest-0.9.15]# make -f Makefile.psm THEARCH=-m64
...
[root@localhost paxtest-0.9.15]# ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : line 69 : ./gcc : No such file or directory
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Killed
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : 28 quality bits (guessed)
Randomization under memory exhaustion @~0 : 29 bits (guessed)
Randomization under memory exhaustion @0 : 29 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
[root@localhost paxtest-0.9.15]#
###################################################
FreeBSD-10.3-RELEASE-amd64-dvd1.txt
root@:~/paxtest-0.9.14-freebsd # uname -mrs
FreeBSD 10.3-RELEASE amd64
root@:~/paxtest-0.9.14-freebsd # ./paxtest blackhat
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Writing output to paxtest.log
It may take a while for the tests to complete
Test results:
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Mode : blackhat
Uname : FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE #0 r268512 : Thu Jul 10
23:44:39 UTC 2014 r...@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
Compiler : gcc version 4.2.1 20070831 patched [FreeBSD]
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : No randomization
Heap randomization test (ET_EXEC) : No randomization
Heap randomization test (PIE) : No randomization
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : No randomization
Shared library randomization test : No randomization
VDSO randomization test : No randomization
Stack randomization test (SEGMEXEC) : No randomization
Stack randomization test (PAGEEXEC) : No randomization
Arg/env randomization test (SEGMEXEC) : No randomization
Arg/env randomization test (PAGEEXEC) : No randomization
Randomization under memory exhaustion @~0 : No randomization
Randomization under memory exhaustion @0 : No randomization
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
root@:~/paxtest-0.9.14-freebsd #
###################################################
FreeBSD-11.0-RC3-amd64-dvd1.txt
root@:~/paxtest-0.9.14-freebsd # uname -mrs
FreeBSD 11.0-RC3 amd64
root@:~/paxtest-0.9.14-freebsd # ./paxtest blackhat
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Writing output to paxtest.log
It may take a while for the tests to complete
Test results:
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Mode : blackhat
Uname : FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE #0 r268512 : Thu Jul 10
23:44:39 UTC 2014 r...@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
Compiler : gcc version 4.2.1 20070831 patched [FreeBSD]
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : No randomization
Heap randomization test (ET_EXEC) : No randomization
Heap randomization test (PIE) : No randomization
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : No randomization
Shared library randomization test : No randomization
VDSO randomization test : No randomization
Stack randomization test (SEGMEXEC) : No randomization
Stack randomization test (PAGEEXEC) : No randomization
Arg/env randomization test (SEGMEXEC) : No randomization
Arg/env randomization test (PAGEEXEC) : No randomization
Randomization under memory exhaustion @~0 : No randomization
Randomization under memory exhaustion @0 : No randomization
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
root@:~/paxtest-0.9.14-freebsd #
###################################################
FreeBSD-9.3-RELEASE-amd64-dvd1.txt
root@:~/paxtest-0.9.14-freebsd # uname -mrs
FreeBSD 9.3-RELEASE amd64
root@:~/paxtest-0.9.14-freebsd # make -f Makefile.FreeBSD
...
root@:~/paxtest-0.9.14-freebsd # ./paxtest blackhat
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Writing output to paxtest.log
It may take a while for the tests to complete
Test results:
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Mode : blackhat
Uname : FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE #0 r268512 : Thu Jul 10
23:44:39 UTC 2014 r...@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
Compiler : gcc version 4.2.1 20070831 patched [FreeBSD]
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : No randomization
Heap randomization test (ET_EXEC) : No randomization
Heap randomization test (PIE) : No randomization
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : No randomization
Shared library randomization test : No randomization
VDSO randomization test : No randomization
Stack randomization test (SEGMEXEC) : No randomization
Stack randomization test (PAGEEXEC) : No randomization
Arg/env randomization test (SEGMEXEC) : No randomization
Arg/env randomization test (PAGEEXEC) : No randomization
Randomization under memory exhaustion @~0 : No randomization
Randomization under memory exhaustion @0 : No randomization
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
root@:~/paxtest-0.9.14-freebsd #
###################################################
HardenedBSD-11-STABLE-v46.5-amd64-disc1.txt
root@:~/paxtest-0.9.14-freebsd # uname -mrs
FreeBSD 11.0-PRERELEASE-HBSD amd64
# warning : the randvdso test may be invalid, try to retest with the
security.bsd.unprivileged_proc_debug=1 sysctl setting
root@:~/paxtest-0.9.14-freebsd # sysctl security.bsd.unprivileged_proc_debug
security.bsd.unprivileged_proc_debug : 0
root@:~/paxtest-0.9.14-freebsd # sysctl security.bsd.unprivileged_proc_debug=1
security.bsd.unprivileged_proc_debug : 0 -> 1
root@:~/paxtest-0.9.14-freebsd # sysctl security.bsd.unprivileged_proc_debug
security.bsd.unprivileged_proc_debug : 1
root@:~/paxtest-0.9.14-freebsd # ./paxtest blackhat
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Writing output to paxtest.log
It may take a while for the tests to complete
Test results:
PaXtest
Copyright(c) 2003-2014 by Peter Busser <pe...@adamantix.org> and Brad Spengler
<spen...@grsecurity.net>
Copyright(c) 2015 by Oliver Pinter <o...@hardenedbsd.org>
Released under the GNU Public Licence version 2 or later
Mode : blackhat
Uname : FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE #0 r268512 : Thu Jul 10
23:44:39 UTC 2014 r...@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
Compiler : gcc version 4.2.1 20070831 patched [FreeBSD]
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Killed
Executable bss (mprotect) : Killed
Executable data (mprotect) : Killed
Executable heap (mprotect) : Killed
Executable stack (mprotect) : Killed
Executable shared library bss (mprotect) : Killed
Executable shared library data (mprotect) : Killed
Writable text segments : Vulnerable
Anonymous mapping randomization test : 30 quality bits (guessed)
Heap randomization test (ET_EXEC) : 21 quality bits (guessed)
Heap randomization test (PIE) : 22 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 30 quality bits (guessed)
Shared library randomization test : 30 quality bits (guessed)
VDSO randomization test : 28 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 41 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 41 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 42 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 42 quality bits (guessed)
Randomization under memory exhaustion @~0 : 30 bits (guessed)
Randomization under memory exhaustion @0 : 30 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
root@:~/paxtest-0.9.14-freebsd #
###################################################
install60.txt
# uname -mrs
OpenBSD 6.0 amd64
# gmake -f Makefile.OpenBSD
...
# ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest[70] : ./gcc : not found
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Executable stack (mprotect) : Killed
Anonymous mapping randomization test : 33 quality bits (guessed)
Heap randomization test (ET_EXEC) : 38 quality bits (guessed)
Main executable randomization (ET_EXEC) : 25 quality bits (guessed)
Shared library randomization test : 33 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 14 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 14 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 14 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 14 quality bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (memcpy, PIE) : Vulnerable
Executable shared library bss : Killed
Executable shared library data : Killed
Writable text segments : Killed
#
###################################################
linuxmint-18-cinnamon-64bit.txt
a paxtest-0.9.15 # uname -mrs
Linux 4.4.0-21-generic x86_64
a paxtest-0.9.15 # lsb_release -a
No LSB modules are available.
Distributor ID: LinuxMint
Description: Linux Mint 18 Sarah
Release: 18
Codename: sarah
a paxtest-0.9.15 # make -f Makefile.psm THEARCH=-m64
...
a paxtest-0.9.15 # ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : 69 : ./paxtest : ./gcc : not found
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : 28 quality bits (guessed)
Randomization under memory exhaustion @~0 : 29 bits (guessed)
Randomization under memory exhaustion @0 : 28 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
a paxtest-0.9.15 #
###################################################
openSUSE-Leap-42.1-DVD-x86_64.txt
linux-oxsg:~/paxtest-0.9.15 # uname -mrs
Linux 4.1.12-1-default x86_64
linux-oxsg:~/paxtest-0.9.15 # lsb_release -a
LSB Version: n/a
Distributor ID: SUSE LINUX
Description: openSUSE Leap 42.1 (x86_64)
Release: 42.1
Codename: n/a
linux-oxsg:~/paxtest-0.9.15 # make -f Makefile.psm THEARCH=-m64
...
linux-oxsg:~/paxtest-0.9.15 # ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : line 69 : ./gcc : No such file or directory
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : 28 quality bits (guessed)
Randomization under memory exhaustion @~0 : 29 bits (guessed)
Randomization under memory exhaustion @0 : 28 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
linux-oxsg:~/paxtest-0.9.15 #
###################################################
SLE-12-SP1-Server-DVD-x86_64-GM-DVD1.txt
linux-31ki:~/paxtest-0.9.15 # uname -mrs
Linux 3.12.49-11-default x86_64
linux-31ki:~/paxtest-0.9.15 # lsb_release -a
LSB Version: n/a
Distributor ID: SUSE LINUX
Description: SUSE Linux Enterprise Server 12 SP1
Release: 12.1
Codename: n/a
linux-31ki:~/paxtest-0.9.15 # make -f Makefile.psm THEARCH=-m64
...
linux-31ki:~/paxtest-0.9.15 # ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : line 69 : ./gcc : No such file or directory
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : No randomization
Randomization under memory exhaustion @~0 : 28 bits (guessed)
Randomization under memory exhaustion @0 : 28 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
linux-31ki:~/paxtest-0.9.15 #
###################################################
ubuntu-16.04.1-desktop-amd64.txt
root@a:~/paxtest-0.9.15# uname -mrs
Linux 4.4.0-31-generic x86_64
root@a:~/paxtest-0.9.15# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.1 LTS
Release: 16.04
Codename: xenial
root@a:~/paxtest-0.9.15# make -f Makefile.psm THEARCH=-m64
...
root@a:~/paxtest-0.9.15# ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : 69 : ./paxtest : ./gcc : not found
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : 28 quality bits (guessed)
Randomization under memory exhaustion @~0 : 28 bits (guessed)
Randomization under memory exhaustion @0 : 28 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
root@a:~/paxtest-0.9.15#
###################################################
ubuntu-16.04.1-server-amd64.txt
root@a:~/paxtest-0.9.15# uname -mrs
Linux 4.4.0-31-generic x86_64
root@a:~/paxtest-0.9.15# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.1 LTS
Release: 16.04
Codename: xenial
root@a:~/paxtest-0.9.15# make -f Makefile.psm THEARCH=-m64
...
root@a:~/paxtest-0.9.15# ./paxtest blackhat
PaXtest - Copyright(c) 2003-2016 by Peter Busser <pe...@adamantix.org> and Brad
Spengler <spen...@grsecurity.net>
Released under the GNU Public Licence version 2 or later
Writing output to /root/paxtest.log
It may take a while for the tests to complete
Test results:
./paxtest : 69 : ./paxtest : ./gcc : not found
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomization test : 28 quality bits (guessed)
Heap randomization test (ET_EXEC) : 13 quality bits (guessed)
Heap randomization test (PIE) : 28 quality bits (guessed)
Main executable randomization (ET_EXEC) : No randomization
Main executable randomization (PIE) : 28 quality bits (guessed)
Shared library randomization test : 28 quality bits (guessed)
VDSO randomization test : 20 quality bits (guessed)
Stack randomization test (SEGMEXEC) : 30 quality bits (guessed)
Stack randomization test (PAGEEXEC) : 30 quality bits (guessed)
Arg/env randomization test (SEGMEXEC) : 22 quality bits (guessed)
Arg/env randomization test (PAGEEXEC) : 22 quality bits (guessed)
Offset to library randomisation (ET_EXEC) : 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : 28 quality bits (guessed)
Randomization under memory exhaustion @~0 : 29 bits (guessed)
Randomization under memory exhaustion @0 : 29 bits (guessed)
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
root@a:~/paxtest-0.9.15#
##############################################################################################
After a "ln -s G /etc/malloc.conf; reboot" the outputs are the same on OpenBSD.
Any hints how can I/we remove the vulnerables for the default install in
OpenBSD? Or how to config/fix them after install? :
install60.iso
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect) : Vulnerable
Return to function (strcpy) : paxtest : return address contains
a NULL byte.
Return to function (strcpy, PIE) : paxtest : return address contains
a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (memcpy, PIE) : Vulnerable
Hopefully the test shows the reality.
If anybody reads this, don't forget: http://www.openbsdfoundation.org/
Many Thanks! Great work!
