Last active
August 7, 2024 01:26
-
-
Save Zibri/19f9838ffd12349bb2c6c3afddc9388f to your computer and use it in GitHub Desktop.
UEFIVAR
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| An "italian" army knife to manage UEFI variables in Windows. | |
| V1.2 (C) 2019 by Zibri http://www.zibri.org | |
| UEFIVAR [-l] [-sg] [-sn] [-G:"GUID"] [-N:"NAME"] [-hd] [-bd[[:]["filename"]]] [-D] [-WB64:b64data] | |
| [-A:"ATTRIBUTES"] [-b64[[:]["filename"]]] [-I:"filename"] [-i:"filename"] [-WHEX:hexstring] | |
| [-APPEND] [-h] [-m] | |
| -l Lists all UEFI variables. | |
| -l -sg Sorts variables by their GUIDs. | |
| -l -sn Sorts variables by their names. | |
| -G:"GUID" Specifies the variable GUID. | |
| -N:"Name" Specifies the variable name. | |
| -A:"xx" Specifies the variable attribute. | |
| -hd Dumps the content of the variable(s) in Hex. | |
| -bd[[:]["filename"]] Dumps the content of the variable(s) in Binary file. | |
| -b64[[:]["filename"]] Dumps the content of the variable(s) in Base64. | |
| -I:"fname" Imports from binary or base64 file (need GUID and NAME). | |
| -i:"fname" Imports from binary or base64 file (using filename). | |
| -D Deletes the variable (DANGEROUS!) | |
| -WB64:"b64data" Writes the variable data (creating the variable if needed). | |
| -WHEX:"hex string" Writes the variable data (creating the variable if needed). | |
| -APPEND Appends the data to the existing variable. | |
| -h/-H Show this help sheet. | |
| -m/-M Manual with examples. | |
| -z Donate (please donate more than $2 or PayPal will take it all) | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| An "italian" army knife to manage UEFI variables in Windows. | |
| V1.2 (C) 2019 by Zibri http://www.zibri.org | |
| UEFIVAR [-l [-sg] [-sn]] [-G:"GUID"] [-N:"NAME"] [-hd] [-bd[[:]["filename"]]] [-D] [-WB64:b64data] | |
| [-A:"ATTRIBUTES"] [-b64[[:]["filename"]]] [-I:"filename"] [-i:"filename"] [-WHEX:hexstring] | |
| [-APPEND] [-h] [-m] | |
| Examples: | |
| uefivar -l -bd Dumps all UEFI variables in binary format in the current directory. | |
| uefivar -l -hd Hex-dumps all UEFI variables in the current console. | |
| uefivar -l -b64 Dumps all UEFI variables in base64 format in the current console. | |
| uefivar -l -b64: Dumps all UEFI variables in base64 format in the current directory. | |
| Dump a variable on screen in hex: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -hd | |
| Dump a variable on screen in base64: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -b64 | |
| Dump a variable on disk in binary and automatic name: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -bd | |
| Dump a variable on disk in binary and custom name: | |
| uefivar -G:"8be4df61-93ca-11d2-aa0d-00e098032b8c" -N:"BootCurrent" -bd:"bc.bin" | |
| Import a variable from binary file (automatic): | |
| uefivar -i:"8be4df61-93ca-11d2-aa0d-00e098032b8c-BootCurrent (BS+RT).bin" | |
| Create a variable (base64): | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -WB64:"AQ==" -A:"NV" | |
| Create a variable (hex): | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -WHEX:"01020304" -A:"NV" | |
| Delete a variable: | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -D | |
| Automatic import from disk of a saved binary variable: | |
| uefivar -i:"12345678-1234-1234-1234-123456789012-Zibri (NV+BS+RT).bin" | |
| Dump a variable on disk in base64 automatic mode: | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -b64: | |
| Manual import of a variable saved in an arbitrary binary file: | |
| uefivar -G:"12345678-1234-1234-1234-123456789012" -N:"Zibri" -I:"zibri.bin" | |
Tachi107
commented
Jan 4, 2023
via email
Il giorno mer 4 gen 2023 alle 11:52:12 -08:00:00, Zibri
***@***.***> ha scritto:
@Tachi107 it depends on your system BIOS AND your OS... a quick way
is to install refind and find a suitable "shell.efi" for your
system.. then you can just run "shell.efi" from bios even without
refind.
Thanks for the reply, I hadn't thought about using rEFInd. In the
meantime I also figured I could try using Tianocore's EDK II EFI shell,
just in case my old laptop firmware doesn't provide a shell.
Thanks again :)
Hello,
I just discovered this tool.
Is it possible to extract, let's say, boot logo (bmp) and replace with another one in EFI image (not BIN)?
- you are not very clever and very bad at reverisng software.
- the http request is just for statistics.
- it has been obfucated only to make it more difficult to be used as a "weapon".
- nobody cares if one paranoid does not use it. Hundreds of downloads prove otherwise.
This is malware.
This is malware.
NO, THIS IS NOT.
And this kind of comments is what you get when you offer something for free to morons.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment