How to detect that PIE / ASLR is enabled for my iOS application?

Question

How to detect that PIE / ASLR is enabled for my iOS application?

I enable PIE (position-independent executable) / ASLR (randomization of address space allocation) for the iPhone application using the "-w -pie" option flag. Is there a way to guarantee that now everything will work as advertised? I tried to print the address of the variable (Edit: and a function) with NSLog, and each time it occurs the same way. Am I doing it right?

+4

security ios iphone

kumar Feb 04 '12 at 12:14

source share

2 answers

Corey · Answer 1 · 2012-10-10T20:49:21+0000

I know this thread is outdated, but there is no good answer so far if anyone else stumbles upon it. To check if the PIE flag is set, it is very simple, just run this command:

 otool -hv /path/to/App.app/app

Where [APP] is the executable file created after creation (not ipa, but the binary executable).

You should see something like this:

 Mach header magic cputype cpusubtype caps filetype ncmds sizeofcmds flags MH_MAGIC ARM V7 0x00 EXECUTE 19 2708 NOUNDEFS DYLDLINK TWOLEVEL PIE

otool should be included in Xcode, but if you do not have it, you can install it in the Xcode settings> Downloads> Command Line Tools.

bneely · Answer 2 · 2012-02-04T12:22:04+0000

Examine function addresses, not variable addresses.

How to detect that PIE / ASLR is enabled for my iOS application?

More articles: