Since the Smashing The Stack For Fun And Profit article from Aleph1, a lot has been done on mitigation side: canaries, DEP/W^X, PIC (to allow ASLR), RELRO, SafeSEH, …
Because radare2 is also designed to be a present in the exploit writer arsenal, jvoisin implemented detection for some of those mitigations.
- GCC’s canary implementation can be detected by the presence of the __stack_chk_fail function. It is used to terminate a function, in case of stack overflow.
- PIE can be detected by the presence of sections headers of type dynamic.
Unfortunately, radare2 is not able to detect RELRO and NX for now.
- On windows, the DEP and PIE features can be detected by parsing the header.
- Visual Studio’s canary implementation can be detected by the presence of a __security_init_cookie function.
Radare2 is not yet able to detect SafeSEH.