![]() The persistence at the BIOS level is very different from anything else. Why Firmware Security is Important?įrom the attacker’s perspective, the most logical way to do malicious activities nowadays is to simply move down to the next level into the software stack, to the system firmware (BIOS). But before we go deep into Intel Boot Guard details let’s talk a little bit about why the firmware issues can lead to serious problems. I proved how many mistakes can be done in practice and demonstrated that on Gigabyte hardware with modern CPU and insecure configuration with fully active Boot Guard. Intel Boot Guard is an excellent example of a complex technology where there are places where making a small mistake allows an attacker to bypass the security of the entire technology. While I was working on this research one thought bothered me: the specification of a technology can be almost perfect, but after all, the implementation part is done by third-parties and it is challenging to maintain proper level security in this case. ![]() So, if you want to make modifications to your motherboard image, downloading UEFITool is one of the best ways to do so.At the last Black Hat event in Vegas, I presented the first publicly known concept of an attack on a specific implementation of Intel Boot Guard technology - technology that is mostly undocumented. Also, some motherboard images are encrypted, in which case UEFITool won't be able to open them. The tool on which UEFITool is based is somewhat old, so some motherboard firmware may not work. However, it's important to know what you're modifying, because if you flash an incorrectly modified file, you may be left without a motherboard or be forced to run recovery mode to flash an original firmware from scratch. ![]() With UEFITool, you can open your motherboard's update file to check its structure, verify its integrity before flashing it, or, most importantly, make modifications to the image. This offers a greater number of settings on the motherboard, as well as other improvements, such as using a mouse to navigate its menus. With it, you can access all of the code behind your motherboard's image in hexadecimal, as well as make modifications to it.Īlthough motherboard images are commonly called BIOS, most computers today use UEFI, which stands for Unified Extensible Firmware Interface. UEFITool is a program for viewing and editing BIOS and UEFI installation files. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |