{ "info": { "author": "Teddy Reed", "author_email": "teddy@prosauce.org", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: System Administrators", "License :: OSI Approved :: BSD License", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Topic :: Security" ], "description": "UEFI Firmware Parser\n====================\n\n.. image:: https://travis-ci.org/theopolis/uefi-firmware-parser.svg?branch=master\n :target: https://travis-ci.org/theopolis/uefi-firmware-parser\n\n\nThe UEFI firmware parser is a simple module and set of scripts for parsing, extracting, \nand recreating UEFI firmware volumes.\nThis includes parsing modules for BIOS, OptionROM, Intel ME and other formats too. \nPlease use the example scripts for parsing tutorials.\n\nInstallation\n------------\n\nThis module is included within PyPy as `uefi_firmware `_\n\n::\n\n $ sudo pip install uefi_firmware\n\nTo install from Github, checkout this repo and use:\n\n::\n\n $ sudo python ./setup.py install\n\n**Requirements**\n\n- Python development headers, usually found in the ``python-dev`` package.\n- The compression/decompression features will use the python headers and ``gcc``.\n- ``pefile`` is optional, and may be used for additional parsing.\n\nUsage\n-----\n\nThe simplest way to use the module to detect or parse firmware is through the ``AutoParser`` class.\n\n::\n\n import uefi_firmware\n with open('/path/to/firmware.rom', 'r') as fh:\n file_content = fh.read()\n parser = uefi_firmware.AutoParser(file_content)\n if parser.type() != 'unknown':\n firmware = parser.parse()\n firmware.showinfo()\n\nThere are several classes within the **uefi**, **pfs**, **me**, and **flash** packages that\naccept file contents in their constructor. In all cases there are abstract methods implemented:\n\n- ``process()`` performs parsing work and returns a ``True`` or ``False``\n- ``showinfo()`` print a hierarchy of information about the structure\n- ``dump()`` walk the hierarchy and write each to a file\n\nScripts\n-------\n\nA Python script is installed ``uefi-firmware-parser``\n\n::\n\n $ uefi-firmware-parser -h\n usage: uefi-firmware-parser [-h] [-b] [--superbrute] [-q] [-o OUTPUT] [-O]\n [-c] [-e] [-g GENERATE] [--test]\n file [file ...]\n\n Parse, and optionally output, details and data on UEFI-related firmware.\n\n positional arguments:\n file The file(s) to work on\n\n optional arguments:\n -h, --help show this help message and exit\n -b, --brute The input is a blob and may contain FV headers.\n --superbrute The input is a blob and may contain any sort of\n firmware object\n -q, --quiet Do not show info.\n -o OUTPUT, --output OUTPUT\n Dump firmware objects to this folder.\n -O, --outputfolder Dump firmware objects to a folder based on filename\n ${FILENAME}_output/\n -c, --echo Echo the filename before parsing or extracting.\n -e, --extract Extract all files/sections/volumes.\n -g GENERATE, --generate GENERATE\n Generate a FDF, implies extraction (volumes only)\n --test Test file parsing, output name/success.\n\nTo test a file or directory of files:\n\n::\n\n $ uefi-firmware-parser --test ~/firmware/*\n ~/firmware/970E32_1.40: UEFIFirmwareVolume\n ~/firmware/CO5975P.BIO: EFICapsule\n ~/firmware/me-03.obj: IntelME\n ~/firmware/O990-A03.exe: None\n ~/firmware/O990-A03.exe.hdr: DellPFS\n\nIf you need to parse and extract a large number of firmware files check out the ``-O`` option to auto-generate an output folder per file. If parsing and searching for internals in a shell the ``--echo`` option will print the input filename before parsing.\n\nThe firmware-type checker will decide how to best parse the file. If the ``--test`` option fails to identify the type, or calls it ``unknown``, try to use the ``-b`` or ``--superbrute`` option. The later performs a byte-by-byte type checker.\n::\n\n $ uefi-firmware-parser --type ~/firmware/970E32_1.40\n ~/firmware/970E32_1.40: unknown\n $ uefi-firmware-parser --superbrute ~/firmware/970E32_1.40\n [...]\n\n**Features**\n\n- UEFI Firmware Volumes, Capsules, FileSystems, Files, Sections parsing\n- Intel PCH Flash Descriptors\n- Intel ME modules parsing (ME, TXE, etc)\n- Dell PFS (HDR) updates parsing\n- Tiano/EFI, and native LZMA (7z) [de]compression\n\n- Complete UEFI Firmware volume object hierarchy display\n- Firmware descriptor [re]generation using the parsed input volumes\n- Firmware File Section injection\n\n**GUID Injection**\n\nInjection or GUID replacement (no addition/subtraction yet) can be performed on sections within a UEFI firmware file, or on UEFI firmware files within a firmware filesystem.\n\n:: \n\n $ python ./scripts/fv_injector.py -h\n usage: fv_injector.py [-h] [-c] [-p] [-f] [--guid GUID] --injection INJECTION\n [-o OUTPUT]\n file\n\n Search a file for UEFI firmware volumes, parse and output.\n\n positional arguments:\n file The file to work on\n\n optional arguments:\n -h, --help show this help message and exit\n -c, --capsule The input file is a firmware capsule.\n -p, --pfs The input file is a Dell PFS.\n -f, --ff Inject payload into firmware file.\n --guid GUID GUID to replace (inject).\n --injection INJECTION\n Pre-generated EFI file to inject.\n -o OUTPUT, --output OUTPUT\n Name of the output file.\n\nNote: when injecting into a firmware file the user will be prompted for which section to replace. At the moment this is not-yet-scriptable. \n\n**IDA Python support**\n\nThere is an included script to generate additional GUID labels to import into IDA Python\nusing Snare's plugins. Using the ``-g LABEL`` the script will generate a Python dictionary-formatted output. This project will try to keep up-to-date with popular vendor GUIDs automatically.\n\n::\n\n $ python ./scripts/uefi_guids.py -h\n usage: uefi_guids.py [-h] [-c] [-b] [-d] [-g GENERATE] [-u] file\n\n Output GUIDs for files, optionally write GUID structure file.\n\n positional arguments:\n file The file to work on\n\n optional arguments:\n -h, --help show this help message and exit\n -c, --capsule The input file is a firmware capsule, do not search.\n -b, --brute The input file is a blob, search for firmware volume\n headers.\n -d, --flash The input file is a flash descriptor.\n -g GENERATE, --generate GENERATE\n Generate a behemoth-style GUID output.\n -u, --unknowns When generating also print unknowns.\n\n**Supported Vendors**\n\nThis module has been tested on BIOS/UEFI/firmware updates from the following vendors.\nNot every update for every product will parse, some may required a-priori decompression\nor extraction from the distribution update mechanism (typically a PE). \n\n- ASRock\n- Dell\n- Gigabyte\n- Intel\n- Lenovo\n- HP\n- MSI\n- VMware\n- Apple\n", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/theopolis/uefi-firmware-parser", "keywords": "security uefi firmware parsing bios", "license": "BSD", "maintainer": "", "maintainer_email": "", "name": "uefi_firmware", "package_url": "https://pypi.org/project/uefi_firmware/", "platform": "", "project_url": "https://pypi.org/project/uefi_firmware/", "project_urls": { "Homepage": "https://github.com/theopolis/uefi-firmware-parser" }, "release_url": "https://pypi.org/project/uefi_firmware/1.7/", "requires_dist": null, "requires_python": "", "summary": "Various data structures and parsing tools for UEFI firmware.", "version": "1.7" }, "last_serial": 3209240, "releases": { "1.1": [ { "comment_text": "", "digests": { "md5": "5dafe23d73678934596fe117cc7f0bb0", "sha256": "5bcfca6fda2f2e14731f2bf8dff39a38611f71187e5fb136496fbd663f33b406" }, "downloads": -1, "filename": "uefi_firmware-1.1.tar.gz", "has_sig": false, "md5_digest": "5dafe23d73678934596fe117cc7f0bb0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 158406, "upload_time": "2015-12-28T10:09:30", "url": "https://files.pythonhosted.org/packages/d2/4c/0bf30a5d33c9b209da30cb81eb677fbbd8b0518d7009ee49ae45f04c4af2/uefi_firmware-1.1.tar.gz" } ], "1.2": [ { "comment_text": "", "digests": { "md5": "1c45851e98a64fb1126daa7f73f623df", "sha256": "21d547664877273883e5454dc4118ff7ccdb87984e96daf7195b99ac9828557c" }, "downloads": -1, "filename": "uefi_firmware-1.2.tar.gz", "has_sig": false, "md5_digest": "1c45851e98a64fb1126daa7f73f623df", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 157305, "upload_time": "2015-12-30T08:57:07", "url": "https://files.pythonhosted.org/packages/9e/5a/09f1c5cdc0bd8270c64fab1a5c9698df0689421add232503aa62264e2db8/uefi_firmware-1.2.tar.gz" } ], "1.3": [ { "comment_text": "", "digests": { "md5": "2417251144a03e1f15ad2fc0b4c8e104", "sha256": "938b80c4efb31d529eb3e276ba5fb95f1807329e71da7ba785097bba17cc0a7a" }, "downloads": -1, "filename": "uefi_firmware-1.3.tar.gz", "has_sig": false, "md5_digest": "2417251144a03e1f15ad2fc0b4c8e104", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 167263, "upload_time": "2015-12-30T09:17:27", "url": "https://files.pythonhosted.org/packages/5b/42/794565af526517b25a06c44b87611f6c693a2a196810b1a376a07a16776e/uefi_firmware-1.3.tar.gz" } ], "1.4": [ { "comment_text": "", "digests": { "md5": "51cccc1fdaaddfe20540f01896012e32", "sha256": "037bf8ece78aaecbf7c5986f1e6d0788a7b8b89ec0b63c1a2e99c62338e4528b" }, "downloads": -1, "filename": "uefi_firmware-1.4.tar.gz", "has_sig": false, "md5_digest": "51cccc1fdaaddfe20540f01896012e32", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 171524, "upload_time": "2016-01-31T18:01:22", "url": "https://files.pythonhosted.org/packages/b0/8e/2c3043f59ff8630492abf998b0d8f440cdb72eeda5935618b53eeab6c7fd/uefi_firmware-1.4.tar.gz" } ], "1.6": [ { "comment_text": "", "digests": { "md5": "561cc83f9bf48f5c976398e47a3ba9df", "sha256": "8c15f0406e8f9ea1b0d1d0e7107199cbaaa996b5cffdc1437789291adb81ce52" }, "downloads": -1, "filename": "uefi_firmware-1.6.tar.gz", "has_sig": false, "md5_digest": "561cc83f9bf48f5c976398e47a3ba9df", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 172767, "upload_time": "2016-07-05T03:41:06", "url": "https://files.pythonhosted.org/packages/9d/cf/4bfe2b207e214bfedc2f57ced8d4742fad2da70ec67db562ab023373daf8/uefi_firmware-1.6.tar.gz" } ], "1.7": [ { "comment_text": "", "digests": { "md5": "f0913fae84eeef96be9648c5844ca6ac", "sha256": "9957796f0d3823c98397d178c0f8c8043fdce020ae9a87780fac92b3a2c52e8a" }, "downloads": -1, "filename": "uefi_firmware-1.7.tar.gz", "has_sig": false, "md5_digest": "f0913fae84eeef96be9648c5844ca6ac", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 176958, "upload_time": "2017-09-28T07:28:56", "url": "https://files.pythonhosted.org/packages/ea/e0/d8e060ec233777faab2db6bf060e905b3ddeaa5be172068f5954212372f9/uefi_firmware-1.7.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "f0913fae84eeef96be9648c5844ca6ac", "sha256": "9957796f0d3823c98397d178c0f8c8043fdce020ae9a87780fac92b3a2c52e8a" }, "downloads": -1, "filename": "uefi_firmware-1.7.tar.gz", "has_sig": false, "md5_digest": "f0913fae84eeef96be9648c5844ca6ac", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 176958, "upload_time": "2017-09-28T07:28:56", "url": "https://files.pythonhosted.org/packages/ea/e0/d8e060ec233777faab2db6bf060e905b3ddeaa5be172068f5954212372f9/uefi_firmware-1.7.tar.gz" } ] }