Merge pull request #92 from binarly-io/rc1
refactoring and ida90 support
yeggor authored Sep 30, 2024
2 parents 1e8f300 + b949176 commit 89f9648
Showing 62 changed files with 11,332 additions and 12,398 deletions.
10 changes: 5 additions & 5 deletions .gitignore
@@ -1,14 +1,14 @@
# Byte-compiled / optimized / DLL files
*$py.class
*.py[cod]
__pycache__/
*.py[cod]
*$py.class

# Distribution / packaging
*.egg
*.egg-info/
.eggs/
.installed.cfg
.Python
*.egg
*.egg-info/
build/
develop-eggs/
dist/
@@ -44,5 +44,5 @@ venv/
test/
tests

# OSX
.DS_Store
*.sh
30 changes: 15 additions & 15 deletions README.md
@@ -2,16 +2,16 @@
[![efiXplorer CI](https://github.com/binarly-io/efiXplorer/actions/workflows/ci-build.yml/badge.svg)](https://github.com/binarly-io/efiXplorer/actions)

<p align="center">
<img alt="efiXlorer Logo" src="pics/efiXplorer_logo.png" width="20%">
<img alt="efiXlorer Logo" src="pics/efiXplorer_logo.png" width="45%">
</p>

**efiXplorer** - IDA plugin for UEFI firmware analysis and reverse engineering automation

__Supported versions of Hex-Rays products:__ everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.
**Supported versions of Hex-Rays products:** everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.

__Why not IDApython:__ all code developed in C++ because it's a more stable and performant way to support a complex plugin and get full power of most recent SDK's features.
**Why not IDApython:** all code developed in C++ because it's a more stable and performant way to support a complex plugin and get full power of most recent SDK's features.

__Supported Platforms:__ Windows, Linux and OSX.
**Supported Platforms:** Windows, Linux and OSX.

## [efiXplorer core features](https://github.com/binarly-io/efiXplorer/wiki/efiXplorer-features)

@@ -21,17 +21,17 @@ __Supported Platforms:__ Windows, Linux and OSX.

## Publications

* [efiXplorer: Hunting for UEFI Firmware Vulnerabilities at Scale with Automated Static Analysis](https://i.blackhat.com/eu-20/Wednesday/eu-20-Labunets-efiXplorer-Hunting-For-UEFI-Firmware-Vulnerabilities-At-Scale-With-Automated-Static-Analysis.pdf)
* [Static analysis-based recovery of service function calls in UEFI firmware](https://github.com/binarly-io/Research_Publications/blob/main/EKO_2020/EKO_2020_efiXplorer.pdf)
* [How efiXplorer helping to solve challenges in reverse engineering of UEFI firmware](https://www.youtube.com/watch?v=FFGQJBmRkLw)
- [efiXplorer: Hunting for UEFI Firmware Vulnerabilities at Scale with Automated Static Analysis](https://i.blackhat.com/eu-20/Wednesday/eu-20-Labunets-efiXplorer-Hunting-For-UEFI-Firmware-Vulnerabilities-At-Scale-With-Automated-Static-Analysis.pdf)
- [Static analysis-based recovery of service function calls in UEFI firmware](https://github.com/binarly-io/Research_Publications/blob/main/EKO_2020/EKO_2020_efiXplorer.pdf)
- [How efiXplorer helping to solve challenges in reverse engineering of UEFI firmware](https://www.youtube.com/watch?v=FFGQJBmRkLw)

## References

* https://github.com/LongSoft/UEFITool
* https://github.com/yeggor/uefi_retool
* https://github.com/gdbinit/EFISwissKnife
* https://github.com/snare/ida-efiutils
* https://github.com/al3xtjames/ghidra-firmware-utils
* https://github.com/DSecurity/efiSeek
* https://github.com/p-state/ida-efitools2
* https://github.com/zznop/bn-uefi-helper
- https://github.com/LongSoft/UEFITool
- https://github.com/yeggor/uefi_retool
- https://github.com/gdbinit/EFISwissKnife
- https://github.com/snare/ida-efiutils
- https://github.com/al3xtjames/ghidra-firmware-utils
- https://github.com/DSecurity/efiSeek
- https://github.com/p-state/ida-efitools2
- https://github.com/zznop/bn-uefi-helper
11 changes: 1 addition & 10 deletions build.py
@@ -12,13 +12,6 @@ def cli():


@click.command()
@click.option(
"--batch",
"batch",
type=bool,
default=False,
help="set to True if the plugin will be used in batch mode",
)
@click.option(
"--hexrays_sdk",
"hexrays_sdk",
@@ -27,7 +20,7 @@ def cli():
help="path to hexrays_sdk directory",
)
@click.argument("idasdk")
def build_plugin(idasdk: str, hexrays_sdk: str, batch: bool):
def build_plugin(idasdk: str, hexrays_sdk: str):
"""Build efiXplorer plugin"""

os.chdir("efiXplorer")
@@ -38,8 +31,6 @@ def build_plugin(idasdk: str, hexrays_sdk: str, batch: bool):
os.chdir("build")

command = ["cmake", "..", f"-DIdaSdk_ROOT_DIR={idasdk}"]
if batch:
command.append("-DBATCH=1")
if hexrays_sdk:
print("[INFO] HexRays analysis will be enabled")
command.append(f"-DHexRaysSdk_ROOT_DIR={hexrays_sdk}")
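Review bot: Removing the `--batch` option from `build_plugin` breaks any script or CI job that still passes it, because click rejects an unknown option with a usage error instead of ignoring it. Whether the CMake side still honours `-DBATCH=1` is not visible in this section, so it is unclear if batch builds are now the default or gone. A short line in the README build instructions would cover it, for example `The --batch option was removed; pass only the IDA SDK path and, optionally, --hexrays_sdk.`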
7 changes: 3 additions & 4 deletions cmake/FindIdaSdk.cmake
@@ -60,10 +60,9 @@ include(CMakeParseArguments)
include(FindPackageHandleStandardArgs)

option(USE_LD_CLASSIC "Use -ld_classic option" OFF)
if(CMAKE_CXX_COMPILER_ID STREQUAL "AppleClang")
if(CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "15.0.0")
set(USE_LD_CLASSIC ON)
endif()
if(CMAKE_CXX_COMPILER_ID STREQUAL "AppleClang"
AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "15.0.0")
set(USE_LD_CLASSIC ON)
endif()

find_path(
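Review bot: The `set(USE_LD_CLASSIC ON)` inside the merged `if(... AND ...)` creates a normal variable that shadows the cache entry declared by `option(USE_LD_CLASSIC ...)` on the line above, so on AppleClang 15 or newer an explicit `-DUSE_LD_CLASSIC=OFF` from the user is ignored. Computing the default first and passing it to `option()` lets the compiler check choose the default while the user keeps the final say. That matters if a newer Apple toolchain warns on or drops `-ld_classic`, which is worth confirming against the Xcode release notes. Build trees that already cached the old `OFF` default would need a fresh configure to pick up the new default. How `USE_LD_CLASSIC` is consumed lies outside this hunk.

```cmake
set(_ida_ld_classic_default OFF)
if(CMAKE_CXX_COMPILER_ID STREQUAL "AppleClang"
   AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "15.0.0")
  set(_ida_ld_classic_default ON)
endif()
option(USE_LD_CLASSIC "Use -ld_classic option" ${_ida_ld_classic_default})
# … unchanged: find_path( … ) …
```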
6 changes: 3 additions & 3 deletions efiXloader/.clang-format
@@ -1,5 +1,5 @@
---
Language: Cpp
BasedOnStyle: LLVM
ColumnLimit: 90
IndentWidth: 4
ColumnLimit: 80
IndentWidth: 2
Language: Cpp
17 changes: 11 additions & 6 deletions efiXloader/CMakeLists.txt
@@ -8,10 +8,15 @@ set(CMAKE_EXPORT_COMPILE_COMMANDS ON)

if(APPLE)
# to build Mach-O universal binaries with 2 architectures
set(CMAKE_CXX_FLAGS ${CMAKE_CXX_FLAGS} "-fPIC -arch x86_64 -arch arm64")
set(CMAKE_C_FLAGS ${CMAKE_C_FLAGS} "-fPIC -arch x86_64 -arch arm64")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIC -arch x86_64 -arch arm64")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC -arch x86_64 -arch arm64")
else()
set(CMAKE_CXX_FLAGS ${CMAKE_CXX_FLAGS} "-fPIC")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIC")
endif()

if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
set(CMAKE_CXX_FLAGS
"${CMAKE_CXX_FLAGS} -Wno-nullability-completeness -Wno-varargs")
endif()

list(APPEND CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/../cmake)
@@ -52,13 +57,13 @@ file(
"3rd/uefitool/uefidump.h")

# efiLoader sources
file(GLOB efiloader_src "*.h" "*.c" "*.cpp")
file(GLOB efiloader_src "*.cc" "*.h")

add_ida_loader(efiXloader NOEA32 ${PROJECT_SOURCE_DIR}/efiLoader.cpp)
add_ida_loader(efiXloader NOEA32 ${PROJECT_SOURCE_DIR}/efi_loader.cc)

set_ida_target_properties(efiXloader PROPERTIES CXX_STANDARD 17)
ida_target_include_directories(efiXloader PRIVATE ${IdaSdk_INCLUDE_DIRS})

add_ida_library(efiXloader_lib ${efiloader_src} ${uefitool_src} uefitool.cpp
add_ida_library(efiXloader_lib ${efiloader_src} ${uefitool_src} uefitool.cc
uefitool.h)
ida_target_link_libraries(efiXloader efiXloader_lib)
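Review bot: The new Clang block appends `-Wno-nullability-completeness -Wno-varargs` to `CMAKE_CXX_FLAGS`, which silences both diagnostics for every C++ source built from this directory, including the loader's own code and the bundled uefitool sources, not only the headers that trigger them. `-Wvarargs` reports `va_start` uses that are undefined behaviour, and this loader parses firmware images that may be untrusted, so it is worth keeping enabled for project code. If the warnings come from the IDA SDK headers (not visible here), treating the SDK include directory as a system include, or wrapping the SDK includes in `#pragma clang diagnostic push` / `ignored` / `pop`, keeps the suppression narrow. At minimum the block deserves a comment naming the source of each warning, such as `# <header> triggers -Wvarargs; drop this flag once it is fixed upstream`.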
177 changes: 0 additions & 177 deletions efiXloader/efiLoader.cpp

This file was deleted.
