UEFI_RETool is a tool for UEFI firmware reverse engineering.
UEFI firmware analysis with uefi_retool.py script
Usage
ida_plugin/uefi_analyser.py
script and ida_plugin/uefi_analyser
directory to IDA plugins directoryconfig.json
filePE_DIR
is a directory that contains all executable images from the UEFI firmwareDUMP_DIR
is a directory that contains all components from the firmware filesystemLOGS_DIR
is a directory for logsIDA_PATH
and IDA64_PATH
are paths to IDA Pro executable filespip install -r requirements.txt
python uefi_retool.py
command to display the help messageCommands
python uefi_retool.py
Usage: uefi_retool.py [OPTIONS] COMMAND [ARGS]…
Options:
–help Show this message and exit.
Commands:
get-images Get executable images from UEFI firmware.
get-info Analyze the entire UEFI firmware.
get-pp Get a list of proprietary protocols in the UEFI firmware.
Get-Images
python uefi_retool.py get-images –help
Usage: uefi_retool.py get-images [OPTIONS] FIRMWARE_PATH
Get executable images from UEFI firmware. Images are stored in “modules”
directory.
Options:
–help Show this message and exit.
Example
python uefi_retool.py get-images test_fw/fw-tp-x1-carbon-5th.bin
Get-Info
python uefi_retool.py get-info –help
Usage: uefi_retool.py get-info [OPTIONS] FIRMWARE_PATH
Analyze the entire UEFI firmware. The analysis result is saved to .json
file.
Options:
-w, –workers INTEGER Number of workers (8 by default).
–help Show this message and exit.
Example:
python uefi_retool.py get-info -w 6 test_fw/fw-tp-x1-carbon-5th.bin
Get-PP
python uefi_retool.py get-pp –help
Usage: uefi_retool.py get-pp [OPTIONS] FIRMWARE_PATH
Get a list of proprietary protocols in the UEFI firmware. The result is
saved to .json file.
Options:
-w, –workers INTEGER Number of workers (8 by default).
–help Show this message and exit.
Example:
python uefi_retool.py get-pp -w 6 test_fw/fw-tp-x1-carbon-5th.bin
Additional Tools
tools/update_edk2_guids.py
is a script that updates protocol GUIDs list from edk2
projectIDA plugin
Analyser & Protocol explorer
Usage
uefi_analyser
and uefi_analyser.py
to your %IDA_DIR%/plugins
directoryEdit
-> Plugins
-> UEFI analyser
(alternatively, you can use the key combination Ctrl+Alt+U
)Example
Dependency Browser & Dependency Graph
Usage
<LOGS_DIR>/<FIRMWARE_NAME>-all-info.json
file to IDA (File
-> UEFI_RETool...
)Ctrl+Alt+J
)Example
Nmap (Network Mapper) is a free tool that helps you find devices on a network,…
Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…
The touch command is one of the quickest ways to create new empty files or update timestamps…
Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…
Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…