tool mini-review: UEFI Xmod

UEFI Xmod is a to work with EFI images (extracting specific modules, batch processing, etc.). This Python-based command line tool is by “danse-macabre”. It is only 2 days old, so watch for it to evolve.

usage:
uefi_xmod.py [-h] [-g GUID] [-n NAME] [-r REGEX] [-p] [-o OUTDIR] [-t] target [target …]
target : EFI image file or directory which contains such files
-h, –help : show this help message and exit
-g GUID, –guid GUID : extract module with specified GUID
-n NAME, –name NAME : extract module with specified user interface name
-r REGEX, –regex REGEX : extract modules whose names match against given RE
-p, –prefix : add prefix to extracted file
-o OUTDIR, –outdir OUTDIR : store extracted modules in specified directory
-t, –test : do not extract anything but instead check the presence of the specified module

(UEFI Xmode aside, dans-macabre also has another set of UEFI tools: ida-efitools, which is a rewrite of another ida-efitools project, with multiple scripts to help IDA Pro users with UEFI analysis.)

More Information:
https://github.com/danse-macabre/uefi_xmod
https://github.com/danse-macabre/ida-efitools

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s