SamuelTulach/SecureFakePkg SamuelTulach/SecureFakePkg

  • Stars
    star
    117
  • Rank 292,833 (Top 6 %)
  • Language
    C
  • Created over 2 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
SamuelTulach/SecureFakePkg
github

SamuelTulach

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled (faking secure boot)

SecureFakePkg

SecureFakePkg is a simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled. In other words, it fakes secure boot status.

Please note: Before loading the driver, check that you have vendor (Microsoft) keys enrolled. If not, try enabling secure boot and then disabling it. You can check that they are enrolled with dmpstore -b command in EFI shell. You should see something like this.

screen0 screen1

Usage

In order to use SecureFakePkg, you need to load it. First, obtain a copy of SecureFakePkg.efi and a copy of EDK2 efi shell. Now follow these steps:

  1. Extract downloaded efi shell and rename file Shell.efi (should be in folder UefiShell/X64) to bootx64.efi
  2. Format some USB drive to FAT32
  3. Create following folder structure:
USB:.
 β”‚   SecureFakePkg.efi
 β”‚
 └───EFI
      └───Boot
              bootx64.efi
  1. Boot from the USB drive
  2. An UEFI shell should start, change directory to your USB (FS0 should be the USB since we are booting from it) and list files:
FS0:
ls
  1. You should see file SecureFakePkg.efi, if you do, load it:
load SecureFakePkg.efi
  1. Now you should see output from SecureFakePkg. If it was successful, exit and boot into Windows (change to Windows boot media - usually FS1 - and run \EFI\Boot\bootx64.efi)

Compiling

See VisualEfi.

Download

See UnknownCheats post for compiled version.

More Repositories

1

VirusTotalUploader

C# Open-Source Winforms application for uploading files to VirusTotal
C#
1,075
star
2

mutante

Kernel-mode Windows HWID spoofer
C++
509
star
3

efi-memory

PoC EFI runtime driver for memory r/w & kdmapper fork
C++
418
star
4

rainbow

Hide SMBIOS/disk/NIC serials from EFI bootkit
C
262
star
5

negativespoofer

PoC HWID spoofer that runs in EFI
C++
244
star
6

LightHook

Single-header, minimalistic, cross-platform hook library written in pure C
C
197
star
7

RwxMeme

State of the art DLL injector that took 20 minutes to make
C++
181
star
8

tpm-spoofer

Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads
C
156
star
9

nullmap

Using CVE-2023-21768 to manual map kernel mode driver
C
154
star
10

meme-rw

Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode
C++
141
star
11

memhv

Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities
C++
119
star
12

BetterTiming

PoC TSC offsetting in KVM
113
star
13

OverlayCord

Simple proof of concept showing how you can abuse Discord's in-game internal module to draw on top of the game (even if the game is in fullscreen) from an external application without modifying any Discord files or loading its modules.
C++
110
star
14

voidmap

Using CVE-2021-40449 to manual map kernel mode driver
C
97
star
15

CanetisRadar

Open-source application for detecting sound direction using 7.1 audio device in games
C#
92
star
16

windowhide

Hide external overlay by using SetWindowDisplayAffinity
C++
80
star
17

PatchBoot

Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks
75
star
18

DirectPageManipulation

A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy
C++
66
star
19

eac_cr3_shuffle

C++
37
star
20

EfiDump

PoC EFI runtime driver for direct Windows interprocess memory copy
C
37
star
21

InjectMouseInputExample

C/C++ example of InjectMouseInput function
C++
29
star
22

human-mouse

Adopted SRL-6 mouse movement to C++
C++
28
star
23

memdrv

C++
26
star
24

be_shellcode_dump

December 2023 BattlEye shellcode dump
C
25
star
25

GetDeviceInterfacesMemoryLeak

Small memory leak PoC that is happening in IopGetDeviceInterfaces
C++
24
star
26

SaberHighlight

Beat Saber mod enabling NVIDIA Highlights functionality
C#
24
star
27

vmcheck

C
19
star
28

SoundReplacer

BSIPA mod for replacing hit sounds, menu music, click sounds and much more!
C#
18
star
29

ida-unity-pdb-downloader

Simple IDA Pro plugin to download Unity debug symbols from their symbol server
C++
17
star
30

OcuFix

Simple mod to automatically disable ASW and change services/runtime priority
C#
16
star
31

RecoilTime

A simple program made in C# for reducing recoil in games under Windows environment
C#
14
star
32

EasyUefi

Visual Studio template for GNU-EFI
C
13
star
33

EmuAuth

KeyAuth server emulator
C++
11
star
34

DiscordLeech

Read Discord user info from process memory
C#
10
star
35

EvilKaspersky

C++
10
star
36

lrdp

9
star
37

esea-control

Simple program to temporarly disable ESEA anti-cheat
C#
9
star
38

ByeMouse

C#
5
star
39

EasyDump

C#
4
star
40

PowerControl

C#
4
star
41

eft-profile-api

Reversing the newly added EFT feature that allows you to view other players' stats
C#
4
star
42

obs-dda

C
3
star
43

virtmgr

C++
2
star
44

OneplusDebloat

Remove crappy useless apps in Oxygen OS (both 3rd party and Google)
Shell
2
star
45

SamuelTulach

1
star
46

NekoSwap

C++
1
star