https://github.com/ffri/orom-backdoor-research

PoC code and tools for Black Hat USA 2024

Science Score: 13.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (5.3%) to scientific vocabulary
Last synced: 6 months ago

Repository

PoC code and tools for Black Hat USA 2024

Basic Info
  • Host: GitHub
  • Owner: FFRI
  • License: apache-2.0
  • Language: C
  • Default Branch: master
  • Size: 4.15 MB
Statistics
  • Stars: 21
  • Watchers: 1
  • Forks: 3
  • Open Issues: 0
  • Releases: 0
Created over 1 year ago · Last pushed over 1 year ago
Metadata Files
Readme License

README.md

OROM Backdoor Research

While there are a few studies that insert malicious code into UEFI Option ROMs (OROMs), none of them has focused solely on OROMs. In our presentation at Black Hat USA 2024, we organized the benefits and infection scenarios of placing a backdoor in a UEFI OROM. This repository contains the PoC code of UEFI OROM backdoors (stripped for security purposes; full source given on demand) and some simple tools that I used in my research.

This repository contains the following contents (details are in the README.md inside each folder):

  • orom-builder: A simple tool to convert a DXE module into an OROM image
  • orom-flasher: A sample BusPirate script to write a file to the SPI flash chip (OROM)
  • orom-backdoors: Source code of 3 PoC OROM backdoors (stripped)
  • EtwConsumer: A simple ETW consumer that traces only a specified process

Author

Kazuki Matsuo. © FFRI Security, Inc. 2024

License

Apache version 2.0

Owner

  • Name: FFRI Security, Inc.
  • Login: FFRI
  • Kind: organization
  • Location: Tokyo, Japan

Next Generation Security

GitHub Events

Total
  • Watch event: 9
Last Year
  • Watch event: 9

Committers

Last synced: about 1 year ago

All Time
  • Total Commits: 1
  • Total Committers: 1
  • Avg Commits per committer: 1.0
  • Development Distribution Score (DDS): 0.0
Past Year
  • Commits: 1
  • Committers: 1
  • Avg Commits per committer: 1.0
  • Development Distribution Score (DDS): 0.0
Top Committers
Name Email Commits
kazuki-matsuo-ffri k****o@f****p 1
Committer Domains (Top 20 + Academic)
ffri.jp: 1

Issues and Pull Requests

Last synced: 10 months ago

All Time
  • Total issues: 0
  • Total pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Total issue authors: 0
  • Total pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Issue authors: 0
  • Pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Top Authors
Issue Authors
Pull Request Authors
Top Labels
Issue Labels
Pull Request Labels