UEFI has a few network commands, such as [1]. There’s a new one in the works, an HTTP client.
“Introduce an http client utilizing EDK2 HTTP protocol, to allow fast image downloading from http/https servers. HTTP download speed is usually faster than tftp. The client is based on the same approach as tftp dynamic command, and uses the same UEFI Shell command line parameters. This makes it easy integrating http into existing UEFI Shell scripts.”
Network security researchers should spend more time focusing on UEFI. Not only is there a new command, but the new network stack components. There’s a lot of network security tools that have not been directed at UEFI’s network stack and command line tools. Where security tools vary greatly bewteen OSes (and thus don’t apply well to UEFI), that is not the case with network security against common network protocols.
Hmm, today I can’t find this mailing list post in the proper EDK2 mailing list archives, the archives page does not show up-to-date message list. And I can’t find the source code on the EDK2 github page. 😦 In any case, the source is in the mailing list post, at at least Mail-Archive.com has a copy. Look for it to be in the main EDK2 tree at some time the future.
https://www.mail-archive.com/devel@edk2.groups.io/msg19906.html
https://www.mail-archive.com/devel@edk2.groups.io/msg14349.html
[1]
https://github.com/tianocore/edk2/tree/master/ShellPkg/DynamicCommand/TftpDynamicCommand
https://github.com/tianocore/edk2/tree/master/ShellPkg/Library/UefiShellNetwork2CommandsLib
https://github.com/tianocore/edk2/tree/master/ShellPkg/Library/UefiShellNetwork1CommandsLib
Firmware Security 