tool mini-review: untermensch UEFI Windows Secure Boot injection tools

Back in 2013, Untermensch wrote a series of tools to help with Windows8 UEFI Secure Boot testing.

Since I mostly use Unix-based platforms these days, I haven’t dug deep into this tool.

If you’re a security researcher who is looking into vulnerablties in Windows use of Secure Boot, these tools may be very useful to you.

Be very careful using the tools, they come with a strong warning:

CAUTION: this module is experimental!!! Be prepared to recover a bricked motherboard!
For best results use MMTool to replace module!!

WindSLIC:
WindSLIC SLIC injectors: includes UEFI, NTFS, bootmgr SLIC injectors and installers.

Injector:
UEFI SLIC injector alternate method: uses alternate method to inject SLIC into ACPI tables use LicenseData.exe to add key, marker & slp string to nvram.

FirmwareModule:
UEFI SLIC injector firmware module: build process generates an ffs image. use MMtool.exe to replace MSOA in target firmware. flash modified firmware use InstallData.cmd to write Marker, Key, Slp string to NVRAM.

More Information:
https://github.com/untermensch/WindSLIC
https://github.com/untermensch/Injector
https://github.com/untermensch/FirmwareModule

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s