I followed the instructions in the README and installed the fwhunt_scan module, but the analyzer cannot find any services when calling get_summary.
Here is an example.
```
>>> from fwhunt_scan import UefiAnalyzer
>>> analyzer = UefiAnalyzer(image_path="EnglishDxe")
>>> analyzer.boot_services
[]
>>> analyzer.runtime_services
[]
>>> analyzer.get_summary()
{'core': {'file': 'EnglishDxe', 'fd': 3, 'size': 3136, 'humansz': '3.1K', 'iorw': False, 'mode': 'r-x', 'block': 256, 'format': 'pe64'}, 'bin': {'arch': 'x86', 'baddr': 65536, 'binsz': 3136, 'bintype': 'pe', 'bits': 64, 'retguard': False, 'class': 'PE32+', 'cmp.csum': '0x00007325', 'compiled': 'Thu Jan 1 08:00:00 1970 UTC+8', 'endian': 'LE', 'hdr.csum': '0x00000000', 'laddr': 0, 'lang': 'c', 'machine': 'AMD 64', 'maxopsz': 16, 'minopsz': 1, 'os': 'efi', 'overlay': False, 'cc': 'ms', 'pcalign': 0, 'signed': False, 'subsys': 'EFI Boot Service Driver', 'stripped': False, 'crypto': False, 'havecode': True, 'va': True, 'sanitiz': False, 'static': True, 'linenum': False, 'lsyms': False, 'canary': False, 'PIE': False, 'RELROCS': False, 'NX': False}, 'g_bs': [67568], 'g_rt': [], 'g_smst': [], 'bs_list': [], 'rt_list': [], 'protocols': [], 'nvram_vars': [], 'p_guids': [{'value': 'A4C751FC-23AE-4C3E-92E94964CF63F349', 'name': 'EFI_UNICODE_COLLATION2_PROTOCOL_GUID', 'address': 67328}, {'value': '1D85CD7F-F43D-11D2-9A0C0090273FC14D', 'name': 'EFI_UNICODE_COLLATION_PROTOCOL_GUID', 'address': 67344}]}
>>>
```
The rizin version is as follows:
```
(fwhunt) ➜ fwhunt-scan git:(master) ✗ rizin -v
rizin 0.4.1 @ linux-x86-64
commit: 9023f8b997db210cef3b9a25cf1748fbc94942ed, build: 2022-09-10__02:22:47
```
I tried to find the problem; it seems like the comparison here returns not equal.
fwhunt-scan/fwhunt_scan/uefi_analyzer.py
Line 336 in bfb3dbf
In rizin, the call instruction has an ircall type rather than ucall.
```
[0x00010362]> pdb
│ 0x00010349 and qword [var_28h], 0
│ 0x0001034f lea rax, [0x00010758]
│ 0x00010356 mov qword [var_20h], rax
│ 0x0001035b lea r9, section..data ; 0x10700
│ 0x00010362 mov rax, qword [0x000107f0] ; [0x107f0:8]=0
│ 0x00010369 lea r8, [0x00010720]
│ 0x00010370 lea rdx, [0x00010710]
│ 0x00010377 lea rcx, [0x000107e0]
│ 0x0001037e call qword [rax + 0x148] ; 328
│ 0x00010384 add rsp, 0x38
└ 0x00010388 ret
[0x00010362]> pdj 1 @ 0x1037e
[{"offset":66430,"ptr":328,"esil":"0x148,rax,+,[8],rip,8,rsp,-=,rsp,=[],rip,=","refptr":false,"fcn_addr":66208,"fcn_last":66435,"size":6,"opcode":"call qword [rax + 0x148]","disasm":"call qword [rax + 0x148]","bytes":"ff9048010000","family":"cpu","type":"ircall","reloc":false,"type_num":402653188,"type2_num":0}]
[0x00010362]>
```
The issue was fixed when changing all these comparisons to ircall.
Fix services detection (#58)
401233d
@river-li thank you very much. It's fixed now
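The mismatch reported in this issue, as an added example (not fwhunt-scan's own code): a matcher that accepts only `ucall` returns nothing for the `ircall` record from the `pdj` output, while one that accepts both resolves the call at 0x1037e through the boot services table. The function names, the three-entry offset table and the constructed records are assumptions made for illustration, and the strict `ucall` comparison is inferred from the issue text.

```python
import json

# Fields trimmed from the `pdj 1 @ 0x1037e` output quoted in the issue (rizin 0.4.1).
CALL = json.loads('{"offset":66430,"ptr":328,"size":6,'
                  '"opcode":"call qword [rax + 0x148]","type":"ircall"}')
# Constructed records: the gBS load at 0x10362 from the listing, and the same
# call carrying the "ucall" type string that the comparison expected.
LOAD_GBS = {"offset": 0x10362, "ptr": 0x107F0, "type": "mov",
            "opcode": "mov rax, qword [0x000107f0]"}
CALL_UCALL = dict(CALL, type="ucall")

G_BS = 67568  # 'g_bs': [67568] in the get_summary() output, i.e. 0x107f0

# Partial x64 EFI_BOOT_SERVICES layout: 24-byte table header, 8-byte pointers.
BOOT_SERVICES = {0x140: "LocateProtocol",
                 0x148: "InstallMultipleProtocolInterfaces",
                 0x150: "UninstallMultipleProtocolInterfaces"}

BOTH = frozenset({"ucall", "ircall"})


def find_boot_services(block, g_bs, call_types=BOTH):
    """Return [(address, service)] for indirect calls made after a gBS load."""
    found, gbs_loaded = [], False
    for insn in block:
        kind, ptr = insn.get("type"), insn.get("ptr")
        if kind == "mov" and ptr == g_bs:
            gbs_loaded = True  # some register now holds the table pointer
        elif gbs_loaded and kind in call_types and ptr in BOOT_SERVICES:
            found.append((insn["offset"], BOOT_SERVICES[ptr]))
    return found


def unknown_call_types(block, known=BOTH):
    """Call-like type strings (other than direct "call") the matcher would skip."""
    return sorted({i["type"] for i in block
                   if "call" in i.get("type", "")
                   and i["type"] not in known and i["type"] != "call"})
```

Running `unknown_call_types` over a disassembled image after a rizin upgrade surfaces a renamed type string before it shows up as an empty `bs_list`.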