efi-resolver
efi-resolver copied to clipboard
Vector35
A Binary Ninja plugin that automatically resolves type information for EFI protocol usage.
When we tried to add backward compatibility on bndb files, we added a function `get_type`, but the result of ```python bv.get_code_refs_for_type("EFI_PEI_NOTIFY_DESCRIPTOR") ``` and ```python bv.get_code_refs_for_type(bv.types("EFI_PEI_NOTIFY_DESCRIPTOR") ``` is different. The latter...
The current version only contains types in `MdePkg`, some protocols in `MdeModulePkg` are missing. e.g. `EFI_PRINT2_PROTOCOL`, `EFI_FILE_EXPLORER_PROTOCOL` Even those in `MdePkg` are not complete (e.g. `EFI_PCD_PROTOCOL_GUID`), we need to double...
Registered a new action so that users could query the GUID database and define EFI_GUID with names 
In the current version, If we don't have the protocol's type information, we will use `void*` as default. However, Binary Ninja has a `create_structure_from_offset_access` API, which would automatically create the...
Currently, we already support parsing types and protocols for SMM binaries, but SMI handlers are not recognized. It's a common attack vector in UEFI security, and we should mark/rename SMI...
Currently, if a GUID is not marked during the analysis, there is no chance to query the GUID name again. We could consider either way: - Register a new plugin...
We can generate a markdown report or use UI APIs to draw a panel or sidebar widget for EFI Resolver's finding Things we could consider reporting: - [ ] Services...
Some of the PEI files are also PE files (e.g. compile edk2 in aarch64, all files are PE) We should either pop up a message box for users to choose...