Platbox v1.2 releases: UEFI and SMM Assessment Tool

UEFI Assessment Tool

Platbox

UEFI and SMM Assessment Tool

Features

Platbox is a tool that helps assessing the security of the platform:

  • Dumps the platform registers that are interesting security-wise
    • Flash Locks
    • MMIO and Remapping Locks
    • SMM Base and Locks
    • MSRs
  • RW access to the PCI configuration space of devices.
  • RW to physical memory and virtual memory.
  • Allows allocating physical memory and map memory to usermode.
  • Read and Write MSRs.
  • Dump SPI Flash content (BIOS) into a file.
  • Basic dumb SMI Fuzzer.
  • Dump S3 Bootscript (from SMM-Lockbox) into a file.
  • Dump EFI Memory Map (Linux only for now).
  • List UEFI variables.
  • Supports Linux and Windows.
  • Supports Intel and AMD.

Project Structure

The project is divided as follows:

  • PlatboxDrv: kernel drivers used for Linux and Windows.
  • PlatboxLib: the usermode component that loads the kernel driver and provides access to all the previously listed features.
  • PlatboxCli: a console client that uses the library.
  • Pocs: an example of a program using features from the library.

Changelog v1.2

Added detection of SW SMI triggering Port for AMD
Added AMD Platform Secure Boot (PSB) checks
Added AMD PSP communication code
Added 32-bit address write mode to AMD SPI
Refactored AMD SPI code
Added SMM Supervisor Policy Parser python module
Added AMD ROM Armor ranges extraction python module
Added SMRAM Analysis python module for AMD (ported from Cr4sh code)
Added Intel GPIO module
Added IO ports communication
Added MIT License

Download

Copyright (c) 2023 IOActive