Another Linux-friendly Universal-IFR-Extractor fork

Re: and :

There’s another Universal-IFR-Extractor fork …I think. The original one was Windows-centric, I think motivation for some forks was from non-Windows users. Today’s new fork might have some new/interesting features or — I didn’t study the code — it might be a fork of one of the other Linux-friendly forks.

Visual Forms Representation (VFR) is the “source code” to UEFI forms-based app, IVR is the Internal Forms Representation that is included in binaries, and of interest to reverse engineers and modders. An example of how a modder uses it:

I don’t think the security researcher community has done much research in IFR-based attacks to this binary format that includes multiple complex structures in C that impact control flow.

Original tool:

Forks of tool: (this latest one)

I suspect one of the more recent forkers didn’t first check if there was another Linux-friendly fork already exists. Besides this tool “family”, there’s also a few other IFR tools, one is:

I’m pretty sure I blogged on another one, but I’m not great at adding tags to blog posts, so I can’t find it at the moment. 😦

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s