chipsec v1.12.3 releases: Platform Security Assessment Framework

CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X, and UEFI shell. Instructions for installing and using CHIPSEC can be found in the manual.

NOTE: This software is for security testing purposes. Use at your own risk. Read WARNING.txt before using.

The recent presentation on how to use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low-level system assets and even detect firmware implants: Exploring Your System Deeper

What is Platform Security?
Hardware Implementation and Configuration
• Available Security Features
• Correct Configuration of HW Components
• Testing/Demonstration of HW Security Mechanisms
Firmware Implementation and Configuration
• Access Controls on Firmware Interfaces
• Correct Settings of Lock Bits
• Testing/Demonstration of FW Security Mechanisms

Feature:
+ System Management Mode
* CPU SMM Cache Poisoning / SMM Range Registers (SMRR)
* SMM memory (SMRAM) Lock
+ BIOS Write Protection
+ Direct HW Access for Manual Testing
+ Forensics
* Live system firmware analysis
* Offline system firmware analysis

Changelog v1.12.3

• Add get_bits() to library/bits.py by @frinzell in #1932
• Fix the issue with the bus lists by @npmitche in #1937
• fix misspelling of “Parameter” by @WilliamLeara in #1938
• Update PCH 6xx* DIDs by @npmitche in #1936
• Fix uefi_search cpuid.upper call as cpuid is an int by @npmitche in #1939
• Update DMAR tables per specification by @BrentHoltsclaw in #1935
• PEP632 URL typo by @frinzell in #1941
• Add helper function for return codes integration by @Sae86 in #1942
• Fix issue where platform cfgs would not overwrite common by @npmitche in #1950
• Add return codes support to vmm.venom and wsmt in tools by @Sae86 in #1949
• Add return codes support to iofuzz, msr_fuzz, pcie_fuzz, pcie_overlap… by @Sae86 in #1948
• Add return codes support to vbox and xen folders in tools by @Sae86 in #1946
• Add check for setuptools >=62.0.0 by @npmitche in #1943
• Add return codes support to cpuid_fuzz, ept_finder and hypercallfuzz … by @Sae86 in #1947
• Add return codes support to sinkhole, te, rogue_mmio_bar and smm_ptr by @Sae86 in #1940
• Add return codes support to tools/vmm/hv by @Sae86 in #1945
• Add initial windows helper unit tests by @npmitche in #1951

Tutorial

Copyright (C) 2018 chipsecintel

Source: https://github.com/chipsec/