Last active
September 13, 2023 01:43
-
-
Save droogie/7c299026e6843d783ed3f3caaa87167b to your computer and use it in GitHub Desktop.
Enumerate EFI GUIDs from UEFI shell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import csv | |
| import uuid | |
| guid_dictionary = {} | |
| #raw-guids.txt should be the tab separated columns copied from IDA | |
| with open('raw-guids.txt', newline='') as csvfile: | |
| reader = csv.DictReader(csvfile, delimiter='\t') | |
| unkCnt = 0 | |
| for row in reader: | |
| name = row['Name'] | |
| service = row['Service'] | |
| module = row['Module'] | |
| guid = row['GUID'] | |
| if (name == "UNKNOWN_PROTOCOL_GUID"): | |
| name += str(unkCnt) | |
| unkCnt = unkCnt + 1 | |
| name = f"{name} - {module}" | |
| guid_dictionary[name] = guid | |
| # Will print the guids in the following structure | |
| #GuidDictEntry guids[] = { | |
| # { L"XXX", { 0xAAAAAAAA, 0xAAAA, 0xAAAA, { 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA } } }, | |
| # { L"YYY", { 0xBBBBBBBB, 0xBBBB, 0xBBBB, { 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB } } }, | |
| #}; | |
| print("GuidDictEntry guids[] = {") | |
| for name, guid in guid_dictionary.items(): | |
| #print(f"Name: {name} Service: {service} Module: {module}") | |
| #print(f"GUID: {guid}\n") | |
| fields = uuid.UUID(guid).fields | |
| efi_guid = "{{ 0x{:08X}, 0x{:04X}, 0x{:04X}, {{ 0x{:02X}, 0x{:02X}, 0x{:02X}, 0x{:02X}, 0x{:02X}, 0x{:02X}, 0x{:02X}, 0x{:02X} }} }}".format( | |
| fields[0], fields[1], fields[2], | |
| (fields[3] >> 8) & 0xFF, fields[3] & 0xFF, | |
| (fields[4] >> 8) & 0xFF, fields[4] & 0xFF, | |
| (fields[5] >> 40) & 0xFF, (fields[5] >> 32) & 0xFF, (fields[5] >> 24) & 0xFF, (fields[5] >> 16) & 0xFF, | |
| (fields[5] >> 8) & 0xFF, fields[5] & 0xFF) | |
| print(f' {{ L"{name}", {efi_guid} }},') | |
| print("};") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Uefi.h> | |
| #include <Library/PcdLib.h> | |
| #include <Library/UefiLib.h> | |
| #include <Library/UefiApplicationEntryPoint.h> | |
| #include <Library/UefiBootServicesTableLib.h> | |
| #include <stddef.h> | |
| typedef struct { | |
| CHAR16 *name; | |
| EFI_GUID guid; | |
| } GuidDictEntry; | |
| void | |
| enumerateGuids ( | |
| GuidDictEntry* dict, | |
| size_t size | |
| ) | |
| { | |
| EFI_STATUS Status; | |
| VOID *interface = NULL; | |
| for (size_t i = 0; i < size; i++) { | |
| interface = NULL; | |
| Status = gBS->LocateProtocol(&dict[i].guid, NULL, &interface); | |
| if (!EFI_ERROR(Status)) { | |
| Print(L"Name: %s\n", dict[i].name); | |
| Print(L"GUID: %08X-%04X-%04X-%02X%02X-", | |
| dict[i].guid.Data1, | |
| dict[i].guid.Data2, | |
| dict[i].guid.Data3, | |
| dict[i].guid.Data4[0], | |
| dict[i].guid.Data4[1]); | |
| for (int j = 0; j < 6; j++) { | |
| Print(L"%02X", dict[i].guid.Data4[j]); | |
| } | |
| Print(L"\n\n"); | |
| } | |
| } | |
| } | |
| EFI_STATUS | |
| EFIAPI | |
| UefiMain ( | |
| IN EFI_HANDLE ImageHandle, | |
| IN EFI_SYSTEM_TABLE *SystemTable | |
| ) | |
| { | |
| GuidDictEntry guids[] = { | |
| { L"XXX", { 0xAAAAAAAA, 0xAAAA, 0xAAAA, { 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA } } }, | |
| { L"YYY", { 0xBBBBBBBB, 0xBBBB, 0xBBBB, { 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB } } }, | |
| }; | |
| size_t size = sizeof(guids) / sizeof(guids[0]); | |
| Print(L"Calling enumerateGuids() on %d guids\n", size); | |
| enumerateGuids(guids, size); | |
| return EFI_SUCCESS; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment