Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Improved EFI binaries search and updated blacklist config (#131)
* Changes in calculating hashes of EFI binaries Calculating hashes of actual .efi executable files (PE32/TE sections of EFI binaries) rather than of entire EFI binaries. There's still an option (WRITE_ALL_HASHES) to calculate hashes of entire EFI binaries. * Improved UEFI search and updated blacklist config 1. Updated EFI binaries search - searching only leaf nodes (PE/TE executable sections) 2. Added exclusion criteria and improved JSON format 3. Changed tools.uefi.blacklist module to return a warning 4. Updated ThinkPwn rules in blacklist.json - Updated config to match by GUID AND regexp of SmmRuntime protcol GUID within the binary to skip binaries consuming SmmRuntime protcol - Added exclusion rules for UEFI update images with patched SystemSmmRuntimeRt.efi. Config excludes patched binaries from Lenovo and HP. Tested on Intel, Lenovo, HP and Gigabyte images.
- Loading branch information