Skip to content

jethrogb/uefireverse

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
efiperun
efiperun
 
 
guiddb
guiddb
 
 
memdmp
memdmp
 
 
tree
tree
 
 
COPYING
COPYING
 
 
README.md
README.md
 
 

Repository files navigation

UEFI reverse engineering tools

This is a collection of tools to help reverse UEFI-based firwmare.

efiperun

Load and run EFI PE image files on your favorite operation system (Linux). See efiperun/README.md for more information.

guiddb

Scan .dec files (from e.g. TianoCore EDK2) for GUIDs and output them in C-source file format. A database of known guids is in guiddb/efi_guid.c.

memdmp

Tools to dump UEFI memory. There's a patch against EdkShell that makes the memmap command dump memory, pipe that to a file called mdmp. Then, run dmp2seg to convert that output file into many files with the actual memory contents. Then, run make_elf.rb to make a single ELF file with all the memory contents. The ELF file is not executable or anything, it's just a convenient format to store memory segments.

tree

A class file that will provides a Ruby tree abstraction for a firmware tree on your filesystem previously extracted by UEFIExtract (from UEFITool). Use UEFITool commit bf2c9f59 or newer.

Also included is an example script that uses said abstraction.

Other tools

I highly recommend UEFITool by Nikolaj Schlej.

About

Tools to help with Reverse Engineering UEFI-based firmware

Resources

Readme

License

View license
Activity

Stars

371 stars

Watchers

24 watching

Forks

62 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages