SamuelTulach/SecureFakePkg SamuelTulach/SecureFakePkg

  • Stars
    star
    125
  • Rank 286,335 (Top 6 %)
  • Language
    C
  • Created about 3 years ago
  • Updated about 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
SamuelTulach/SecureFakePkg
github

SamuelTulach

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled (faking secure boot)

SecureFakePkg

SecureFakePkg is a simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled. In other words, it fakes secure boot status.

Please note: Before loading the driver, check that you have vendor (Microsoft) keys enrolled. If not, try enabling secure boot and then disabling it. You can check that they are enrolled with dmpstore -b command in EFI shell. You should see something like this.

screen0 screen1

Usage

In order to use SecureFakePkg, you need to load it. First, obtain a copy of SecureFakePkg.efi and a copy of EDK2 efi shell. Now follow these steps:

  1. Extract downloaded efi shell and rename file Shell.efi (should be in folder UefiShell/X64) to bootx64.efi
  2. Format some USB drive to FAT32
  3. Create following folder structure:
USB:.
 │   SecureFakePkg.efi
 │
 └───EFI
      └───Boot
              bootx64.efi
  1. Boot from the USB drive
  2. An UEFI shell should start, change directory to your USB (FS0 should be the USB since we are booting from it) and list files:
FS0:
ls
  1. You should see file SecureFakePkg.efi, if you do, load it:
load SecureFakePkg.efi
  1. Now you should see output from SecureFakePkg. If it was successful, exit and boot into Windows (change to Windows boot media - usually FS1 - and run \EFI\Boot\bootx64.efi)

Compiling

See VisualEfi.

Download

See UnknownCheats post for compiled version.

More Repositories

1

VirusTotalUploader

C# Open-Source Winforms application for uploading files to VirusTotal
C#
1,128
star
2

mutante

Kernel-mode Windows HWID spoofer
C++
524
star
3

efi-memory

PoC EFI runtime driver for memory r/w & kdmapper fork
C++
476
star
4

rainbow

Hide SMBIOS/disk/NIC serials from EFI bootkit
C
270
star
5

negativespoofer

PoC HWID spoofer that runs in EFI
C++
269
star
6

LightHook

Single-header, minimalistic, cross-platform hook library written in pure C
C++
246
star
7

RwxMeme

State of the art DLL injector that took 20 minutes to make
C++
192
star
8

tpm-spoofer

Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads
C
179
star
9

nullmap

Using CVE-2023-21768 to manual map kernel mode driver
C
171
star
10

memhv

Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities
C++
152
star
11

meme-rw

Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode
C++
146
star
12

OverlayCord

Simple proof of concept showing how you can abuse Discord's in-game internal module to draw on top of the game (even if the game is in fullscreen) from an external application without modifying any Discord files or loading its modules.
C++
139
star
13

BetterTiming

PoC TSC offsetting in KVM
122
star
14

PwnedBoot

Using Windows' own bootloader as a shim to bypass Secure Boot
C
103
star
15

voidmap

Using CVE-2021-40449 to manual map kernel mode driver
C
97
star
16

CanetisRadar

Open-source application for detecting sound direction using 7.1 audio device in games
C#
93
star
17

PatchBoot

Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks
87
star
18

windowhide

Hide external overlay by using SetWindowDisplayAffinity
C++
86
star
19

DirectPageManipulation

A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy
C++
75
star
20

ImGui-AppKit

Project template for single-window GUI apps using Dear ImGui
C++
44
star
21

eac_cr3_shuffle

C++
41
star
22

ida-unity-pdb-downloader

Simple IDA Pro plugin to download Unity debug symbols from their symbol server
C++
41
star
23

EfiDump

PoC EFI runtime driver for direct Windows interprocess memory copy
C
37
star
24

InjectMouseInputExample

C/C++ example of InjectMouseInput function
C++
30
star
25

MemoryGuard

Experiment with PAGE_GUARD protection to hide memory from other processes
C
29
star
26

human-mouse

Adopted SRL-6 mouse movement to C++
C++
29
star
27

memdrv

C++
26
star
28

GetDeviceInterfacesMemoryLeak

Small memory leak PoC that is happening in IopGetDeviceInterfaces
C++
24
star
29

SaberHighlight

Beat Saber mod enabling NVIDIA Highlights functionality
C#
24
star
30

be_shellcode_dump

December 2023 BattlEye shellcode dump
C
24
star
31

SoundReplacer

BSIPA mod for replacing hit sounds, menu music, click sounds and much more!
C#
19
star
32

EvilKaspersky

C++
19
star
33

vmcheck

C
18
star
34

OcuFix

Simple mod to automatically disable ASW and change services/runtime priority
C#
16
star
35

RecoilTime

A simple program made in C# for reducing recoil in games under Windows environment
C#
14
star
36

EasyUefi

Visual Studio template for GNU-EFI
C
14
star
37

eft-profile-api

Reversing the newly added EFT feature that allows you to view other players' stats
C#
13
star
38

EmuAuth

KeyAuth server emulator
C++
11
star
39

DiscordLeech

Read Discord user info from process memory
C#
10
star
40

esea-control

Simple program to temporarly disable ESEA anti-cheat
C#
9
star
41

lrdp

8
star
42

InactiveTitlebarPatch

Simple registry patch to turn inactive title bar color dark
8
star
43

ByeMouse

C#
5
star
44

obs-dda

C
3
star
45

EasyDump

C#
3
star
46

PowerControl

C#
3
star
47

MapPasswordTool

TM2020 tool to remove password lock for editing from maps
C#
2
star
48

virtmgr

C++
2
star
49

OneplusDebloat

Remove crappy useless apps in Oxygen OS (both 3rd party and Google)
Shell
2
star
50

NekoSwap

C++
1
star