def test_file(sample, type_name):
with open(sample, "rb") as fh:
sample_data = fh.read()
parser = uefi_firmware.AutoParser(sample_data)
if parser.type() is None:
print ("Cannot parse (%s): No matched type." % sample)
return Status(1)
if parser.type() != type_name:
print ("Problem parsing (%s): mismatched type " +
"expected %s, got %s") % (sample, parser.type(), type_name)
return Status(1)
try:
firmware = parser.parse()
except Exception as e:
# Wrap 'process' in exception handling for a pretty print.
print ("Exception parsing (%s): (%s)." % (sample, str(e)))
return Status(1)
# Check that 'process' does not encounter invalid formats/errors.
if firmware is None:
print ("Error parsing (%s): failure in process." % (sample))
return Status(1)
# Attempt to iterate each of the nested/parsed objects.
try:
for _object in firmware.iterate_objects():
pass
except Exception as e:
print ("Exception iterating (%s): (%s)." % (sample, str(e)))
print traceback.print_exc()
return Status(1)
print ("Parsing (%s): success" % (sample))
return Status(0, firmware)
def dump_all(self) -> bool:
if not os.path.isfile(self.fw_name):
print(f"[-] Check {self.fw_name} file")
return False
with open(self.fw_name, "rb") as fw:
file_content = fw.read()
parser = uefi_firmware.AutoParser(file_content)
if parser.type() is "unknown":
fvh_index = file_content.find(b"_FVH")
if fvh_index < 0:
return self._unsupported()
parser = uefi_firmware.AutoParser(file_content[fvh_index - 40 :])
if parser.type() is "unknown":
return self._unsupported()
firmware = parser.parse()
firmware.dump(self.dir_name)
return True
def get_bios_region(rom_file):
data = open(rom_file, "rb").read()
parser = uefi_firmware.AutoParser(data)
if parser.type() == 'unknown':
return None
firmware = parser.parse()
for region in firmware.regions:
if region.name == 'bios':
return region
def bios_region(rom_file):
"""
Returns the BIOS region of the given UEFI image.
"""
data = open(rom_file, 'rb').read()
parser = uefi_firmware.AutoParser(data)
fd = parser.parse()
for region in fd.regions:
if region.name == 'bios':
return region
def dump_all(self):
if not os.path.isfile(self.fw_name):
print(f'[-] Check {self.fw_name} file')
return False
with open(self.fw_name, 'rb') as fw:
file_content = fw.read()
parser = uefi_firmware.AutoParser(file_content)
if parser.type() == 'unknown':
print('[-] This type of binary is not supported')
return False
firmware = parser.parse()
firmware.dump(self.dir_name)
return True
def dump_all(self):
if os.path.isfile(self.fw_name) == False:
print("[-] Check {0} file".format(self.fw_name))
return False
with open(self.fw_name, "rb") as fw:
file_content = fw.read()
parser = uefi_firmware.AutoParser(file_content)
if parser.type() == "unknown":
print("[-] This type of binary is not supported")
return False
firmware = parser.parse()
firmware.dump(self.dir_name)
return True
def main(rom_filename, corpus_directory):
data = open(rom_filename, 'rb').read()
parser = uefi_firmware.AutoParser(data)
fd = parser.parse()
for region in fd.regions:
if region.name == 'bios':
break
else:
print('BIOS region could not be found')
sys.exit(1)
# Make clean directory.
if os.path.isdir(corpus_directory):
shutil.rmtree(corpus_directory)
os.mkdir(corpus_directory)
os.chdir(corpus_directory)
for volume in region.objects:
for fs in volume.firmware_filesystems:
for file in fs.files:
for obj in file.objects:
if obj.type_label == 'NVARVariableStore':
for var in obj.variables:
if not var.name:
# Invalid variable.
continue
if type(var.name) == bytes:
vname = var.name.decode('ascii')
else:
vname = var.name
if not os.path.isdir(vname):
os.mkdir(vname)
seeds = os.listdir(vname)
no = len(seeds)
with chdir(vname):
fname = vname + f'_{no}'
var_data = var.data[var.data_offset:]
open(fname, 'wb').write(var_data)
duplicate = any([
filecmp.cmp(fname, seed) for seed in seeds
])
if duplicate:
os.remove(fname)
else:
print(f'[*] Wrote {vname}/{fname}')
print('[!] Done!')
def binExtract(fileName):
# Generate the file descriptor using the file name
with open(fileName, 'r') as outFile:
file_content = outFile.read()
# Parse the File content
parser = uefi_firmware.AutoParser(file_content)
firmwareData = parser.parse()
# If the file has a known type, extract the content
if parser.type() == 'unknown':
firmwareContent = ''
else:
firmwareContent = firmwareData.showinfo()
return _('Resultado: ') + parser.type() + '\n' + buildResponse(
parser.type() == 'unknown', _('Sistema de arquivos nao identificado'),
_('Sistema de arquivo identificado:\n') + firmwareContent)
def main(rom_file, nvram_file):
data = open(rom_file, 'rb').read()
parser = uefi_firmware.AutoParser(data)
fd = parser.parse()
for region in fd.regions:
if region.name == 'bios':
break
else:
print('BIOS region could not be found')
sys.exit(1)
nvram_dict = {}
for volume in region.objects:
for fs in volume.firmware_filesystems:
for file in fs.files:
for obj in file.objects:
if obj.type_label == 'NVARVariableStore':
for var in obj.variables:
if not var.name:
# Invalid variable.
continue
if type(var.name) == bytes:
vname = var.name.decode('ascii')
else:
vname = var.name
if nvram_dict.get(vname):
# Redundant copy of a variable we already have.
continue
var_data = var.data[var.data_offset:]
nvram_dict[vname] = var_data
print(f'[*] Pickled variable {vname}')
with open(nvram_file, 'wb') as nvram_pickle:
pickle.dump(nvram_dict, nvram_pickle)
print('[!] Done!')
print(f'The complete pickled NVRAM environment can be found here: {nvram_file}')
def install(ql, rom_file):
def bios_region(fd):
"""
Returns the BIOS region of the given UEFI image.
"""
assert fd.type_label == 'FlashDescriptor'
for region in fd.regions:
if region.name == 'bios':
return region
# EFI_FIRMWARE_VOLUME2_PROTOCOL
install_EFI_FIRMWARE_VOLUME2_PROTOCOL(ql)
_patch_device_handle(ql, 1)
data = open(rom_file, 'rb').read()
parser = uefi_firmware.AutoParser(data)
fd = parser.parse()
if fd.type_label == 'FlashDescriptor':
ql.os.firmware_volumes = bios_region(fd).objects
elif fd.type_label == 'FirmwareCapsule':
ql.os.firmware_volumes = fd.objects
else:
ql.os.firmware_volumes = []
import uefi_firmware
with open('D:\\temp\\bios_f51\B450MS2H.F51', 'r') as fh:
file_content = fh.read()
parser = uefi_firmware.AutoParser(file_content)
if parser.type() != 'unknown':
firmware = parser.parse()
firmware.showinfo()