Skip to content

efiXplorer features

Jump to bottom
yeggor edited this page Aug 11, 2021 · 7 revisions

Features summary table

Feature name 32-bit 64-bit
Boot Services + +
Runtime Services + +
SMM services - +
PEI Services + -
Protocols + +
GUIDS + +
Applying types for local variables + +
Vulnerabilities scanner + +
Report in JSON format + +
Loader - +
Dependency graph - +

Identify available Boot Services automatically

Annotate Boot Services calls in assembly code automatically:

efiXplorer_bs.gif

Identify available Runtime Services automatically

Annotate Runtime Services calls in assembly code automatically:

efiXplorer_rt.gif

Identify available SMM services automatically

Annotate SMM Services calls in assembly code automatically:

efiXplorer_smst.gif

Identify available PEI services automatically

Annotate PEI Services calls in assembly code automatically:

efiXplorer_pei.gif

Identify available EFI Protocols automatically

Build the list of EFI Protocols firmware consumes and installs:

efiXplorer_protocols.gif

Identify known EFI GUIDs

Build the list of identified EFI GUIDs (including protocol names for known GUIDS):

efiXplorer_guids.gif

Applying types for protocols interfaces

This feature works only in conjunction with a HexRays decompiler. If you don't have a HexRays decompiler, build efiXplorer without hexrays_sdk.

Vulnerabilities scanner

efiXplorer scans drivers for the following types of vulnerabilities:

  • SMM callouts
  • OOB Write via wrong GetVariable usage (in PEI, DXE and SMM drivers)

At the end of the analysis, a chooser is displayed with the suspected vulnerabilities.

Report in JSON format

After analysis efiXplorer saves the report in JSON format.

Clone this wiki locally