UEFI_RETool - A tool for UEFI firmware reverse engineering


UEFI firmware analysis with uefi_retool.py script Usage: Copy ida_plugin/uefi_analyser.py script and ida_plugin/uefi_analyser directory to IDA plugins directory Edit config.json file PE_DIR is a directory that contains all executable images from the UEFI firmware DUMP_DIR is a directory that contains all components from the firmware filesystem LOGS_DIR is a directory for logs IDA_PATH and IDA64_PATH are paths to IDA Pro executable files Run pip install -r requirements.txt Run python uefi_retool.py the command to display the help message Commands python uefi_retool.py Usage: uefi_retool.py [OPTIONS] COMMAND [ARGS]... Options: --help Show this message and exit. Commands: get-images Get executable images from UEFI firmware. get-info Analyze the entire UEFI firmware. get-pp Get a list of proprietary protocols in the UEFI firmware. get-images python uefi_retool.py get-images --help Usage: uefi_retool.py get-images [OPTIONS] FIRMWARE_PATH Get executable images from UEFI firmware. Images are stored in "modules" directory. Options: --help Show this message and exit. Example: python uefi_retool.py get-images test_fw/fw-tp-x1-carbon-5th.bin get-info....

August 6, 2020


Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023