-
-
Notifications
You must be signed in to change notification settings - Fork 229
UEFI analysis
With this PR we introduced a new feature for analysing UEFI firmware. This feature is massively based on the open source project FwHunt from Binarly.
Warning: We introduce new features in a very early phase to get feedback from the EMBA users as early as possible! This UEFI analysis feature is in a very early state and nearly not tested!
- Download UEFI firmware (the following firmware is currently the only tested firmware): Firmware download / Intel Advisory / Binarly writeup
- Download firmware version 0064
- Start EMBA with the following options:
sudo ./emba.sh -f ~/bc0064.cap -l ~/emba_log_bc0064 -t -W -m s02
- After the usual health checks EMBA starts with the pre-checker phase:
- As EMBA has detected an AMI firmware it starts the extraction process with the AMI BIOS Guard Extractor:
-
The next step is to walk through all of the available files and extract whatever possible via the deep extraction mode: This step is not essentially needed for this kind of firmware files.
-
Module S02 - FwHunt on all available files
Warning: As this feature is highly experimental it is nearly not tested on a broad firmware base.
EMBA - firmware security scanning at its best
Sponsor EMBA and EMBArk:
The EMBA environment is free and open source!
We put a lot of time and energy into these tools and related research to make this happen. It's now possible for you to contribute as a sponsor!
If you like EMBA you have the chance to support future development by becoming a Sponsor
Thank You ❤️ Get a Sponsor
You can also buy us some beer here ❤️ Buy me a coffee
To show your love for EMBA with nice shirts or other merch you can check our Spreadshop
EMBA - firmware security scanning at its best