I hereby claim:
- I am out0xb2 on github.
- I am out0xb2 (https://keybase.io/out0xb2) on keybase.
- I have a public key ASC5tROD63_brnqywF19OzNUytJPwfq2R-7D80QDkR_IJQo
To claim this, I am signing this object:
Jeremiah Cox out0xb2
out0xb2
/ UefiSecureBootTests.md
Created
June 2, 2020 18:14
Basic functional tests for UEFI Secure Boot, including Powershell examples of packet assembly
The old, but still applicable, UEFI Secure Boot functional tests from the Windows Logo Kit (WLK), now Hardware Lab Kit (HLK), along with testing instructions...
-
Example Scroll to the bottom of the instructions page... Or here is the direct link: https://msdnshared.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Components.PostAttachments/00/10/47/32/33/UefiSecureBootManualTests.zip
out0xb2
/ Check-Dbx.ps1
Last active
September 11, 2024 17:23
— forked from mattifestation/UEFISecDatabaseParser.ps1
Parses signature data from the pk, kek, db, and dbx UEFI variables.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Write-Host "Checking for Administrator permission..." | |
| if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { | |
| Write-Warning "Insufficient permissions to run this script. Open the PowerShell console as administrator and run this script again." | |
| Break | |
| } else { | |
| Write-Host "Running as administrator — continuing execution..." -ForegroundColor Green | |
| } | |
| $patchfile = $args[0] | |
out0xb2
/ Split-AuthInfo2.ps1
Created
April 16, 2021 14:51
Splitting a signed dbx (or other Auth variable *data) into content and signature blobs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $file = Get-Content -Encoding Byte $args[0] | |
| $chop = $file[40..($file.Length - 1)] | |
| if (($chop[0] -ne 0x30) -or ($chop[1] -ne 0x82 )) { | |
| Write-Error "Cannot find signature" | |
| exit 1 | |
| } | |
| Write-Host "Found signature magic" | |
| $sig_length = ($chop[2] * 256) + $chop[3] + 4 # ASN size plus header of 4 bytes |