Efiguard - Disable Patchguard Together With Dse At Kicking Time

EfiGuard is a portable x64 UEFI bootkit that patches the Windows kicking manager, kicking loader too center at kicking fourth dimension inward club to disable PatchGuard too Driver Signature Enforcement (DSE).

Features

• Currently supports all EFI-compatible versions of Windows x64 e'er released, from Vista SP1 to Server 2019.
  
• Easy to use: tin live on booted from a USB stick via a loader application that automatically finds too boots Windows. The driver tin also live on loaded too configured manually using either the UEFI rhythm out or the loader.
  
• Makes extensive utilization of the Zydis disassembler library for fast runtime pedagogy decoding to back upwardly to a greater extent than robust analysis than what is possible amongst signature matching, which oftentimes requires changes amongst novel OS updates.
  
• Works passively: the driver does non charge or start the Windows kicking manager. Instead it acts on a charge of bootmgfw.efi yesteryear the firmware kicking manager via the kicking selection carte or an EFI application such equally the loader. If a non-Windows OS is booted, the driver volition automatically unload itself.
  
• Supports four-stage patching for when bootmgfw.efi starts bootmgr.efi rather than winload.efi. This is the illustration when a WIM file is loaded to kicking WinPE, Windows Setup or Windows Recovery mode.
  
• Graceful recovery: inward illustration of field failure, the driver volition display mistake information too prompt to choke on booting or to reboot yesteryear pressing ESC. This is truthful fifty-fifty upwardly to the finally center field stage, because the finally field phase happens earlier ExitBootServices is called. Many UEFI Windows bootkits claw OslArchTransferToKernel which, piece tardily to discovery yesteryear pattern matching, is a role that executes inward protected fashion afterwards ExitBootServices. This agency no kicking services are available to say the user that something went wrong. 

• Simulated field failure amongst mistake information
  
• Debuggable: tin output messages to a center debugger too to the covert (albeit buffered) during the center patching stage, too to a series port or unbuffered to the covert during the kicking manager too kicking loader patching stages. If the driver is compiled amongst PDB debug information, it is possible to charge the debug symbols at whatever betoken afterwards HAL initialization yesteryear specifying the virtual DXE driver base of operations too debugging it equally yous would a regular NT driver.
  
• DSE bypasses: available equally either a straightforward UPGDSED-style DSE disable at kicking fourth dimension or equally a claw on the SetVariable() EFI runtime service. The latter serves equally an arbitrary center fashion read/write backdoor that tin live on called from Windows using NtSetSystemEnvironmentValueEx too allows setting g_CiEnabled/g_CiOptions to the desired value. Influenza A virus subtype H5N1 modest DSEFix-style application named EfiDSEFix.exe is provided that tin live on used to attain this. It is also possible to leave of absence DSE enabled too to disable solely PatchGuard. The loader volition utilization the SetVariable claw method yesteryear default, due to the fact that roughly anti-cheat too anti-virus programs attain non sympathize the departure betwixt cheats or malware too self-signed drivers inward full general too target the UPGDSED fix.
  
• Supports on-disk modified kernels too kicking loaders yesteryear patching ImgpValidateImageHash at every phase equally good equally ImgpFilterValidationFailure, which may silently rat out roughly classes of violations to a TPM or the SI log file.
  
• Allows Secure Boot to move amongst Windows vii (not a joke!). Windows vii itself is oblivious to Secure Boot equally it does non back upwardly it, or (officially) fifty-fifty booting without CSM. This is useful for people who wishing to utilization Windows vii on a locked downward device that requires WHQL Secure Boot. Wiki entry on how to larn this to move here. 

• WinObjEx64 on Windows vii amongst Secure Boot enabled
  

Issues too limitations

• EfiGuard tin non disable Hypervisor-enforced Code Integrity (HVCI or HyperGuard) due to HVCI running at a greater privilege level. EfiGuard can coexist amongst HVCI too fifty-fifty successfully disables PatchGuard inward the normal kernel, simply this is non useful inward do because HVCI volition grab what PatchGuard did previously. Both types of DSE bypass are rendered useless yesteryear HVCI: the kicking fourth dimension field has no number because the center defers to the secure center for integrity checks, too the SetVariable claw volition motility a SECURE_KERNEL_ERROR bugcheck if it is used to write to g_CiOptions.
• Checked kernels are non supported due to the differences inward PatchGuard too DSE initialization code caused yesteryear disabled optimizations too added asserts, equally good equally additional changes to PatchGuard inward checked kernels. This should non live on an number equally checked kernels are non mostly useful without a center debugger attached, which disables PatchGuard.
• The loader application is currently non lead bootable on roughly PCs (e.g. Dell XPS). In this illustration the UEFI rhythm out tin live on used equally a fallback (see below).

How to use
There are 2 ways to utilization EfiGuard: booting the loader (easiest), or using the UEFI rhythm out to charge the driver.

Booting the loader

1. Download or compile EfiGuard, choke to EFI/Boot too rename 1 of Loader.efi or Loader.config.efi to bootx64.efi. The 2 are identical, except Loader.efi boots without user interaction whereas Loader.config.efi volition prompt yous to configure the DSE field method used yesteryear the driver (if yous wishing to modify this).
2. Place the files on a kicking drive such equally a USB stick (for physical machines) or an ISO/virtual disk (for VMs). The paths should live on /EFI/Boot/{bootx64|EfiGuardDxe}.efi. It is recommended to utilization FAT32 formatted USB sticks.
3. Boot the machine from the novel drive instead of booting Windows. Most firmwares supply a kicking carte to attain this (accessible via F10/F11/F12). If not, yous volition involve to configure the BIOS to kicking from the novel drive.
4. If yous are using the default loader, Windows should straight off boot, too yous should run across EfiGuard messages during boot. If yous are using the configurable loader, response the configuration prompts too Windows volition boot.
5. If yous booted amongst the SetVariable claw (the default), run EfiDSEFix.exe -d from a ascendence prompt afterwards kicking to disable DSE. Run EfiDSEFix.exe to run across the total listing of options.

Using the UEFI rhythm out to charge the driver

1. Follow the steps 1 too 2 equally above, simply attain non rename the loader to bootx64.efi. Instead, either utilization the BIOS-provided rhythm out (if yous convey one), or download the EDK2 UEFI Shell too rename it to bootx64.efi.
2. Boot the machine to the UEFI shell.
3. cd to /EFI/Boot on the right filesystem too run load EfiGuardDxe.efi to charge the driver.
4. (Optional) Run either Loader.efi or Loader.config.efi from the same directory to kicking Windows. You tin also choke on working inward the shell, or exit to choke dorsum to the BIOS/boot carte too kicking from there.
5. After boot, apply the DSE develop equally to a higher house if applicable.

Compilation

Compiling EfiGuardDxe too the loader
EfiGuard requires EDK2 to build. If yous don't convey EDK2 installed, follow the steps inward Getting Started amongst EDK2 showtime equally the EDK2 construct organisation is fairly complex to laid up. This department assumes yous convey a workspace directory that your WORKSPACE environs variable points to, amongst a re-create of EDK2 checked out inward workspace/edk2. Supported compilers are MSVC, Clang, GCC too ICL.

1. Clone the EfiGuard repository into workspace/edk2/EfiGuardPkg.
2. Open a prompt or rhythm out that sets upwardly the environs variables for EDK2.
3. Run build -a X64 -t VS2017 -p EfiGuardPkg/EfiGuardPkg.dsc -b RELEASE, substituting your toolchain for VS2017.

This volition attain EfiGuardDxe.efi too Loader.efi inward workspace/Build/EfiGuard/RELEASE_VS2017/X64. To construct the interactively configurable loader, append -D CONFIGURE_DRIVER=1 to the construct command.

Compiling EfiDSEFix
EfiDSEFix requires Visual Studio to build.

1. Open EfiGuard.sln too construct the solution.

The output binary EfiDSEFix.exe volition live on inward Application/EfiDSEFix/bin.
The Visual Studio solution also includes projects for EfiGuardDxe.efi too Loader.efi which tin live on used amongst VisualUefi, simply these projects are non built yesteryear default equally they volition non link without additional code, too the construct output volition live on inferior (bigger) than what EDK2 produces. Loader.efi volition non link at all due to VisualUefi missing UefiBootManagerLib. These projection files are thence meant equally a evolution assist solely too the EFI files should however live on compiled amongst EDK2. To laid upwardly VisualUefi for this purpose, clone the repository into workspace/VisualUefi too opened upwardly EfiGuard.sln.

Architecture

While EfiGuard is a UEFI bootkit, it did non start out equally one. EfiGuard was originally an on-disk patcher running on NT (similar to UPGDSED), intended to evidence the viability of a disassembler-based aproach, equally opposed to using PDB symbols too version-specific signatures. PatchNtoskrnl.c however looks real much similar this original design. Only afterwards this approach proved successful, amongst no modifications to code needed inward over a twelvemonth of Windows updates, did UEFI come upwardly into the movie equally a way to farther amend capabilities too repose of use.
Some of the benefits provided yesteryear a bootkit approach include:

• No on-disk modifications to kernels or bootloaders needed.
• No involve to modify the kicking configuration shop using bcdedit.
• No involve to field ImgpValidateImageHash (although this is however optionally done).
• Ironically, the utilization of a bootkit allows enabling Secure Boot, provided yous ain the Platform Key too are able to add together your personal certificate to the db store.

The initial incarnation of EfiGuard equally a bootkit was an attempt to larn dude719's UEFI-Bootkit to move amongst recent versions of Windows 10, because it had choke dated too no longer plant on the latest versions (like UPGDSED, oftentimes caused yesteryear version-sensitive pattern scans). While I did eventually larn this to work, I was unsatisfied amongst the resultant mostly due to the selection of hooking OslArchTransferToKernel, which equally noted to a higher house executes inward protected fashion too afterwards ExitBootServices has been called. Apart from this, I was non satisfied amongst solely existence able to field roughly versions of Windows 10; I wanted the bootkit to move on every EFI-compatible version of Windows x64 released to date. Because of this, I rewrote the bootkit from scratch amongst the next aims:

• To supply field information at every phase of kicking including the center field itself.
• To growth the number of supported EFI-compatible Windows versions to "all" (at the fourth dimension of writing).
• To enable lazy instantiation of the bootkit too optionally a center backdoor, achieved yesteryear EFI System Table hooks.

Influenza A virus subtype H5N1 large movie overview of the finally EfiGuard kicking period of time is shown inward the diagram above. For the private component-specific hooks too patches, run across EfiGuardDxe/PatchXxx.c inward the source files. For driver initialization/unloading too the EFI Boot too Runtime Services hooks, run across EfiGuardDxe.c.

Credits

• UPGDSED yesteryear hfiref0x too Fyyre
• Zydis yesteryear zyantific
• Uninformed articles on PatchGuard v1, v2 too v3 yesteryear Skywing
• UEFI-Bootkit yesteryear dude719
• ReactOS

Download EfiGuard