Skip to content
This repository has been archived by the owner on Dec 28, 2024. It is now read-only.

Latest commit

 

History

History

ida_plugin

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
uefi_analyser
uefi_analyser
 
 
README.md
README.md
 
 
uefi_analyser.py
uefi_analyser.py
 
 

README.md

IDA plugin for UEFI analysis

This plugin allows you to automatically analyse the input UEFI images, as well as search for dependencies between UEFI images in firmware.

Analyser & Protocol explorer

Installation

Copy uefi_analyser and uefi_analyser.py to your %IDA_DIR%/plugins directory.

Usage

Open the executable UEFI image in IDA and go to Edit -> Plugins -> UEFI analyser (alternatively, you can use the key combination Ctrl+Alt+U)

Example

Pseudocode after plugin work

after_analysis

Protocol explorer window

protocols

Dependency browser & Dependency graph

Usage

  • Analyse the firmware with uefi_retool.py

    python uefi_retool.py get-info FIRMWARE_PATH

  • Load {LOGS_DIR}/{FIRMWARE_NAME}-all-info.json file to IDA (File -> uefi_retool...)

    db-usage

    alternatively, you can use the key combination Ctrl+Alt+J)

Example

Dependency browser window

db-usage

Dependency graph

db-graph