-
-
Save Zibri/19f9838ffd12349bb2c6c3afddc9388f to your computer and use it in GitHub Desktop.
| An "italian" army knife to manage UEFI variables in Windows. | |
| V1.2 (C) 2019 by Zibri http://www.zibri.org | |
| UEFIVAR [-l] [-sg] [-sn] [-G:"GUID"] [-N:"NAME"] [-hd] [-bd[[:]["filename"]]] [-D] [-WB64:b64data] | |
| [-A:"ATTRIBUTES"] [-b64[[:]["filename"]]] [-I:"filename"] [-i:"filename"] [-WHEX:hexstring] | |
| [-APPEND] [-h] [-m] | |
| -l Lists all UEFI variables. | |
| -l -sg Sorts variables by their GUIDs. | |
| -l -sn Sorts variables by their names. | |
| -G:"GUID" Specifies the variable GUID. | |
| -N:"Name" Specifies the variable name. | |
| -A:"xx" Specifies the variable attribute. | |
| -hd Dumps the content of the variable(s) in Hex. | |
| -bd[[:]["filename"]] Dumps the content of the variable(s) in Binary file. | |
| -b64[[:]["filename"]] Dumps the content of the variable(s) in Base64. | |
| -I:"fname" Imports from binary or base64 file (need GUID and NAME). | |
| -i:"fname" Imports from binary or base64 file (using filename). | |
| -D Deletes the variable (DANGEROUS!) | |
| -WB64:"b64data" Writes the variable data (creating the variable if needed). | |
| -WHEX:"hex string" Writes the variable data (creating the variable if needed). | |
| -APPEND Appends the data to the existing variable. | |
| -h/-H Show this help sheet. | |
| -m/-M Manual with examples. | |
| -z Donate (please donate more than $2 or PayPal will take it all) | |
| An "italian" army knife to manage UEFI variables in Windows. | |
| V1.2 (C) 2019 by Zibri http://www.zibri.org | |
| UEFIVAR [-l [-sg] [-sn]] [-G:"GUID"] [-N:"NAME"] [-hd] [-bd[[:]["filename"]]] [-D] [-WB64:b64data] | |
| [-A:"ATTRIBUTES"] [-b64[[:]["filename"]]] [-I:"filename"] [-i:"filename"] [-WHEX:hexstring] | |
| [-APPEND] [-h] [-m] | |
| Examples: | |
| uefivar -l -bd Dumps all UEFI variables in binary format in the current directory. | |
| uefivar -l -hd Hex-dumps all UEFI variables in the current console. | |
| uefivar -l -b64 Dumps all UEFI variables in base64 format in the current console. | |
| uefivar -l -b64: Dumps all UEFI variables in base64 format in the current directory. | |
| Dump a variable on screen in hex: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -hd | |
| Dump a variable on screen in base64: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -b64 | |
| Dump a variable on disk in binary and automatic name: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -bd | |
| Dump a variable on disk in binary and custom name: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -bd:"bc.bin" | |
| Import a variable from binary file (automatic): | |
| uefivar -i:"8be4df61-93ca-11d2-aa0d-00e098032b8c-BootCurrent (BS+RT).bin" | |
| Create a variable (base64): | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -WB64:"AQ==" -A:"NV" | |
| Create a variable (hex): | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -WHEX:"01020304" -A:"NV" | |
| Delete a variable: | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -D | |
| Automatic import from disk of a saved binary variable: | |
| uefivar -i:"12345678-1234-1234-1234-123456789012-Zibri (NV+BS+RT).bin" | |
| Dump a variable on disk in base64 automatic mode: | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -b64: | |
| Manual import of a variable saved in an arbitrary binary file: | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -I:"zibri.bin" | |
C:\>uefivar -G:"4A67B082-0A4C-41CF-B6C7-440B29BB8C4F" -N:"LoaderEntryDefault" -b64
4A67B082-0A4C-41CF-B6C7-440B29BB8C4F-LoaderEntryDefault
variable does not exist
C:\>uefivar -G:"605dab50-e046-4300-abb6-3dd810dd8b23" -N:"MokAuth" -b64
605dab50-e046-4300-abb6-3dd810dd8b23-MokAuth
variable does not exist
I reproduced the error: you are probably using windows powershell.
In powershell you must escape the double quotes.
or disable the powershell parser.
to do so:
this
.\uefivar.exe --% -G:"4A67B082-0A4C-41CF-B6C7-440B29BB8C4F" -N:"LoaderEntryDefault" -b64
works
Version update to V1.2 (which adds powershell detection and different -m and -h help and manual)
Please consider running uefivar -z and contribute with a donation!
First THANK YOU!!! You are right I was using powershell, switched to admin cmd.exe and worked like a charm. Booting to anything wasn't an option. You saved my life. You should put a donate button on your website. I trashed the windows install for linux, so I can't use your softtware to donate.
THANK YOU
First THANK YOU!!! You are right I was using powershell, switched to admin cmd.exe and worked like a charm. Booting to anything wasn't an option. You saved my life. You should put a donate button on your website. I trashed the windows install for linux, so I can't use your softtware to donate.
THANK YOU
There is a donate button.. but the easiest way is this: use UEFIVAR -z
and it will open a browser window to donate.
Thanks Zibri!
I'm getting the same GUID error in my powershell script with version 1.2. Disabling the parser works, but I want to use variables.
Also, the command doesn't seem to work even when no errors are thrown
.\UEFIVAR.exe --% -G:"4A67B082-0A4C-41CF-B6C7-440B29BB8C4F" -N:"$LoaderEntryOneShot" -WB64:"480480480480" -A:"NV+BS+RT"
The script outputs <null>, and .\UEFIVAR.exe --% -G:"4A67B082-0A4C-41CF-B6C7-440B29BB8C4F" -N:"$LoaderEntryOneShot" -b64: outputs that the variable doesn't exist.
- (to everyone) I didn't see any donations
- version 1.2 just updates the manual explaining how to disable powershell parser
- from an OS not all variables are accessible.
- for testing don't use powershell use CMD:EXE (without --%)
- please go study UEFI variables before asking questions, this is a good start https://uefi.org/sites/default/files/resources/UEFI_Shell_2_2.pdf
and as usual, google is your friend.
My program does only what is possible to do from any OS (same goes for linux)
For everything else you need UEFI SHELL.
- I'll donate once I can get it working with powershell and powershell variables.
- Thanks, that wasn't clear. When you said "which adds powershell detection", I assumed that meant changing the syntax if the user uses powershell.
- ...No, but from powershell, powershell variables are accessible. I might not understand the wording of this point.
- I'll test it with cmd, then I will try running cmd via powershell so I can still access variables. If there is no viable way to run the script with powershell, it's not going to be as useful to me.
- I've studied the variables fairly thoroughly, and done similar things on other OSes successfully. Is there something you think I'm missing?
- donating is not "paying for a program", it's just recognizing its usefulness and rewarding the author with a "thank you".
- you're welcome
Since I can't reproduce your "problem" I don't know how I can help.
Did you try to dump ALL uefi variables in the current directory?
Absolutely, I recognise that about donations. But I can't recognise the usefulness if it hasn't been useful, and I'm not prepared to donate because it might be useful to someone else. Especially since it isn't open source, where even if it didn't function, the work might be useful to build upon. At this stage I haven't been able to confirm it works. Don't get me wrong, I'm appreciative to you for working on the problem.
I didn't dump all after experiencing that problem. I've noticed I didn't delete the $ in front of the name, so that might be the problem I'm experiencing.
What does the output of a command like the one I posted look like for you? For all you've provided, <null> might be the expected output for successful commands.
My computer isn't booting at all anymore, so I downloaded this in case it might be of help. I've tried commands such as "bootrec /scanos", "bootrec /fixboot", "bootrec /rebuildbcd", among many others, all of which have no effect.
I created a Windows installation USB and booted into Windows Recovery Environment and activated Command Prompt. I tried executing "UEFIVAR -l" or "UEFIVAR -h" or anything, the program gives absolutely no response to any commands. Which is odd because BootIcex64 works just fine from Windows Recovery Environment command prompt, and it is windows-based.
(BootIceX64 is just an example of a program that does execute from Command Prompt).
Uefivar is a .NET executable not a win32 standard executable.
Hi Zibri, I am trying to copy the dbx file from one machine to another, but I am having trouble to do the file dump. Here is the console output;
_`E:\uefivar>uefivar -l -b64:
Dumping 5e724c0c-5c03-4543-bcb6-c1e23de24136-TpmSaveState
Unhandled Exception: System.ArgumentNullException: Value cannot be null.
Parameter name: inArray
at System.Convert.ToBase64String(Byte[] inArray)
at A.cfb32627a0c1b8f09930b71e614d43188.ce16bd29f6d5c88de3757ee977978fc10()
E:\uefivar>uefivar -G:"d719b2cb-3d3a-4596-a3bc-dad00e67656f" -N:"dbx" -b64:
d719b2cb-3d3a-4596-a3bc-dad00e67656f-dbx
variable does not exist
E:\uefivar>uefivar -l -sn
AcpiGlobalVariable-c020489e-6db2-4ef2-9aa5-ca06fc11d36a (0)
Boot0000-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0010-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0011-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0012-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0013-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0014-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0015-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0016-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0017-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Boot0018-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
BootCurrent-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
BootOptionSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
BootOrder-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
BootOrderDefault-0b7646a4-6b44-4332-8588-c8998117f2ef (0)
BuildDate-e5bbf7be-2417-499b-97db-39f4896391bc (0)
BuildTime-e5bbf7be-2417-499b-97db-39f4896391bc (0)
ConIn-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
ConInDev-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
ConOut-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
ConOutDev-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
CurrentPolicy-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
db-d719b2cb-3d3a-4596-a3bc-dad00e67656f (0)
dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f (0)
ELLACONFIG-73e0c63d-8fb9-41d1-9741-e1323e830b0c (0)
ErrOutDev-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
IoDisable-c3f0bf28-f77f-408d-942b-0f3dd3ededc7 (0)
ItkBiosModVar-3812723d-7e48-4e29-bc27-f5a39ac94ef1 (0)
KEK-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Kernel_ATPSiStatus-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
Kernel_DriverSiStatus-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
Kernel_EntRevokeSiStatus-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
Kernel_RvkSiStatus-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
Kernel_SiStatus-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
Kernel_SkuSiStatus-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
Kernel_WinSiStatus-77fa9abd-0359-4d32-bd60-28f4e78f784b (0)
Key0000-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Key0001-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Key0002-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Key0003-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Key0004-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
Key0005-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
LastBootCurrent-0b7646a4-6b44-4332-8588-c8998117f2ef (0)
LastBootOrder-0b7646a4-6b44-4332-8588-c8998117f2ef (0)
LBOL-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
lBoot0000-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0010-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0011-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0012-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0013-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0014-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0015-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0016-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0017-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
lBoot0018-146b234d-4052-4e07-b326-11220f8e1fe8 (0)
LBOP0000-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0010-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0011-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0012-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0013-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0014-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0015-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0016-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0017-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LBOP0018-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LenovoConfig-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LenovoINV-e332f52d-8104-4a43-99d0-2c930d2f58cd (0)
LKOP0000-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LKOP0001-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LKOP0002-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LKOP0003-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LKOP0004-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LKOP0005-2a4dc6b7-41f5-45dd-b46f-2dd334c1cf65 (0)
LnvActivationVar-e5bbf7be-2417-499b-97db-39f4896391bc (0)
LnvOSLicDesc-e5bbf7be-2417-499b-97db-39f4896391bc (0)
LnvOSLicDescFlag-ac1a36a9-1153-4dd6-bd66-9ec06c85ea70 (0)
MailBoxQ-67c3208e-4fcb-498f-9729-0760bb4109a7 (0)
MemoryConfig-10ba6bbe-a97e-41c3-9a07-607ad9bd60e5 (0)
MemoryOverwriteRequestControl-e20939be-32d4-41be-a150-897f85d49829 (0)
MemoryTypeInformation-4c19049f-4137-4dd3-9c10-8b97a83ffdfa (0)
MemoryTypeInformationBackup-4c19049f-4137-4dd3-9c10-8b97a83ffdfa (0)
MTC-eb704011-1402-11d3-8e77-00a0c969723b (0)
nvram-74b00bd9-805a-4d61-b51f-43268123d113 (0)
OfflineUniqueIDRandomSeed-eaec226f-c9a3-477a-a826-ddc716cdc0e3 (0)
OfflineUniqueIDRandomSeedCRC-eaec226f-c9a3-477a-a826-ddc716cdc0e3 (0)
OsIndications-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
OsIndicationsSupported-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
OskTrigger-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
PartNumber-e5bbf7be-2417-499b-97db-39f4896391bc (0)
PbaStatusVar-0ec1a7f5-4904-40a0-8eab-4bcc4666da45 (0)
PBRDevicePath-a9b5f8d2-cb6d-42c2-bc01-b5ffaae4335e (0)
PK-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
PlatformCpuInfo-10ba6bbe-a97e-41c3-9a07-607ad9bd60e5 (0)
PlatformInfo-10ba6bbe-a97e-41c3-9a07-607ad9bd60e5 (0)
PlatformLang-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
PlatformLangCodes-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
PreBootEventLogReset-8b604cac-3c4f-4e6c-862e-00b8b7436e5f (0)
ProtectedBootOptions-0b7646a4-6b44-4332-8588-c8998117f2ef (0)
SbSts-0fdd207b-e58f-4686-a669-d99a4c69f557 (0)
SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
SecureBootOption-955b9041-133a-4bcf-90d1-97e1693c0e30 (0)
Setup-ec87d643-eba4-4bb5-a1e5-3f3e36b20da9 (0)
SetupMode-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
SignatureSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
SLP20Magic-41282ef2-9b5a-4eb7-95d8-d9cd7bdce367 (0)
SMBIOSEPS-c3eeae98-23bf-412b-ab60-efcbb48e1534 (0)
System-e947fcf9-dd01-4965-b808-32a7b6815657 (0)
Time-470733de-df43-448b-8b45-4eeb0df8c812 (0)
Timeout-8be4df61-93ca-11d2-aa0d-00e098032b8c (0)
TpmAcpiData-6403753b-abde-4da2-aa11-6983ef2a7a69 (0)
TpmSaveState-5e724c0c-5c03-4543-bcb6-c1e23de24136 (0)
TrEEPhysicalPresence-f24643c2-c622-494e-8a0d-4632579c2d5b (0)
UCR-14a22a97-8424-489e-9ead-dc09255658b5 (0)
UnlockIDCopy-eaec226f-c9a3-477a-a826-ddc716cdc0e3 (0)
UserManagerVar-1ef17197-2cce-49d6-a6ce-4012f338a76e (0)
VConfigInfo-0fdd207b-e58f-4686-a669-d99a4c69f557 (0)
VSerializeInfo-0fdd207b-e58f-4686-a669-d99a4c69f557 (0)
VUserInfo-0fdd207b-e58f-4686-a669-d99a4c69f557 (0)
E:\uefivar>`
As you can see, the file dumping is failing both if done on its own or when I try to do the whole directory dump (as you suggested above to someone else).
What gives ?
some uefi variables are accessible only before the OS is loaded.
this program is just an interface to the kernel routines and can't do anything more than for example you can do from linux using similar tools.
Anything else you must do it from a UEFI SHELL.
My laptop stores the RGB keyboard settings like colors presumably in NVRAM. However, the utility that does that is Windows-only and I want to run only Linux in this laptop. Acer provides the Predator Sense software that's capable of controlling the RGB keyboard backlit settings. Do you think your program can help me read those values stored by Predator Sense and/or modify them?
I got the "variable does not exist" error and it was in windows cmd.exe. I just wanted to see what the folder names were in EFI so I can tell windows which boot file to use so it stops overwriting it (dual boot linux/windows). Here's the output if you find it useful:
C:\WINDOWS\system32>uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -hd
8be4df61-93ca-11d2-aa0d-00e098032b8c-BootCurrent
variable does not exist
First of all, kudos to Zibri for even thinking of building this utility. No one realizes how many features/functions are blocked on Windows by UEFI variables (yeah like MacOS NVRAM, Windows has NVRAM too). If just one of these variables is hosed, you lose your ethernet adapters (gone from Device Manager) for no obvious reason. Tons of Thunderbolt issues posted on the web could be easily solved if Windows users realized that resetting the NVRAM would return the Thunderbolt device and function.
Do you have any idea how many motherboards and Thunderbolt AIC's have been returned as 'defective' only to be the unknowing victim of UEFI/NVRAM variables that needed to be reset.
Right now, the only way to reset the NVRAM in Windows is to clear the BIOS using the motherboard jumpers (how convenient) or by reflashing an existing BIOS which also clears the NVRAM.
I can't wait to try this, THANKS ZIBRI
First of all, kudos to Zibri for even thinking of building this utility. No one realizes how many features/functions are blocked on Windows by UEFI variables (yeah like MacOS NVRAM, Windows has NVRAM too). If just one of these variables is hosed, you lose your ethernet adapters (gone from Device Manager) for no obvious reason. Tons of Thunderbolt issues posted on the web could be easily solved if Windows users realized that resetting the NVRAM would return the Thunderbolt device and function.
Do you have any idea how many motherboards and Thunderbolt AIC's have been returned as 'defective' only to be the unknowing victim of UEFI/NVRAM variables that needed to be reset.
Right now, the only way to reset the NVRAM in Windows is to clear the BIOS using the motherboard jumpers (how convenient) or by reflashing an existing BIOS which also clears the NVRAM.
I can't wait to try this, THANKS ZIBRI
Thanks for your words. They made my day. Really, thanks for taking the time to write them.
The only limit of this program is that as you probably know some variables can only be modiefied in an EFI shell before the OS is loaded.
But at least with UEFIVAR you can do everything you normally can do on linux.
And yes, f*cking up some variables can cause any kind of problem but "most" of the can be solved by reflashing the BIOS... but be carefull because if something is really f°cked up then the bios could go into a boot loop and the only way to recover the computer will be to physically reflash the eeprom. (which already happened to me twice)
I am 2 years too late to discover this awesome tool, thanks @Zibri for making it.
I have pretty straight forward requirement, but kinda lost.
I want to rename boot variables so that I can understand which one is which when booting from BIOS/UEFI.
Like renaming one of many 'Windows Boot Manager' to 'Windows 10 faulty' and things like that.
Any help ?
Hey @Zibri, thank you very much for this tool. You've mentioned a couple of times that more advanced use cases would need usage of the UEFI Shell, but I can't find information about how to launch it on my machine. Do you have any idea how I could invoke it? Thanks again :)
@Tachi107 it depends on your system BIOS AND your OS... a quick way is to install refind and find a suitable "shell.efi" for your system.. then you can just run "shell.efi" from bios even without refind.
But be very careful to what you do, because you can seriously mess up your system.
Hello,
I just discovered this tool.
Is it possible to extract, let's say, boot logo (bmp) and replace with another one in EFI image (not BIN)?
- you are not very clever and very bad at reverisng software.
- the http request is just for statistics.
- it has been obfucated only to make it more difficult to be used as a "weapon".
- nobody cares if one paranoid does not use it. Hundreds of downloads prove otherwise.
This is malware.
This is malware.
NO, THIS IS NOT.
And this kind of comments is what you get when you offer something for free to morons.
I'm also getting wrong format:
.\UEFIVAR.EXE -G:"605dab50-e046-4300-abb6-3dd810dd8b23" -N:"MokAuth" -D
Wrong guid format. Must be: "xxxxxxxx-yyyy-xxxx-yyyy-xxxxxxxxxxxx"
Oh I'm so close......