Tools for analyzing UEFI firmware using radare2/rizin
commit: d5f1aea5953fb7cbc59d219d7fa13d20390089f7
Install with pip
:
$ python -m pip install uefi-r2
Install manually:
$ git clone https://github.com/binarly-io/uefi_r2.git && cd uefi_r2
$ python setup.py install
./uefi_r2_analyzer.py analyze-image {image_path} -o out.json
./uefi_r2_analyzer.py scan --rule {rule_path} {image_path}
Basic usage examples:
from uefi_r2.uefi_analyzer import UefiAnalyzer
...
uefi_analyzer = UefiAnalyzer(image_path=image_path)
print(uefi_analyzer.get_summary())
uefi_analyzer.close()
from uefi_r2.uefi_analyzer import UefiAnalyzer
...
with UefiAnalyzer(image_path=image_path) as uefi_analyzer:
print(uefi_analyzer.get_summary())
On Linux platforms, you can pass blob for analysis instead of file:
from uefi_r2.uefi_analyzer import UefiAnalyzer
...
with UefiAnalyzer(blob=data) as uefi_analyzer:
print(uefi_analyzer.get_summary())
from uefi_r2.uefi_analyzer import UefiAnalyzer
from uefi_r2.uefi_scanner import UefiRule, UefiScanner
...
uefi_analyzer = UefiAnalyzer(image_path)
uefi_rule = UefiRule(rule)
scanner = UefiScanner(uefi_analyzer, uefi_rule)
result = scanner.result