Simple EFI runtime driver that hooks the GetVariable function and returns the data Windows expects, making it think it is running with secure boot enabled (faking secure boot)

SecureFakePkg

SecureFakePkg is a simple EFI runtime driver that hooks the GetVariable function and returns the data Windows expects, making it think it is running with secure boot enabled. In other words, it fakes the secure boot status.

Please note: Before loading the driver, check that you have the vendor (Microsoft) keys enrolled. If not, try enabling secure boot and then disabling it. You can check that they are enrolled with the dmpstore -b command in the EFI shell. You should see something like this:

[Screenshots: screen0, screen1]

Usage

In order to use SecureFakePkg, you need to load it. First, obtain a copy of SecureFakePkg.efi and a copy of EDK2 efi shell. Now follow these steps:

  1. Extract the downloaded EFI shell and rename the file Shell.efi (should be in folder UefiShell/X64) to bootx64.efi
  2. Format a USB drive to FAT32
  3. Create the following folder structure:

     USB:.
      │   SecureFakePkg.efi
      │
      └───EFI
           └───Boot
                   bootx64.efi

  4. Boot from the USB drive
  5. A UEFI shell should start. Change directory to your USB drive (FS0 should be the USB drive since we are booting from it) and list the files:

     FS0:
     ls

  6. You should see the file SecureFakePkg.efi. If you do, load it:

     load SecureFakePkg.efi

  7. Now you should see output from SecureFakePkg. If it was successful, exit and boot into Windows (change to the Windows boot media, usually FS1, and run \EFI\Boot\bootx64.efi)
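
A defender can cross-check the value GetVariable returns against what the firmware measured into the TPM event log, because a hook loaded from the shell only changes the runtime answer. The following is an added example, not part of SecureFakePkg: it assumes firmware that measures the SecureBoot variable into PCR 7 as an EV_EFI_VARIABLE_DRIVER_CONFIG event before the driver is loaded, and that events have already been split out of the log. The function names and the sample event are constructed for illustration.

```python
import struct
import uuid

EV_EFI_VARIABLE_DRIVER_CONFIG = 0x80000001
EFI_GLOBAL_VARIABLE = uuid.UUID("8be4df61-93ca-11d2-aa0d-00e098032b8c")

def parse_variable_event(payload: bytes):
    """Decode a UEFI_VARIABLE_DATA event payload into (guid, name, value)."""
    if len(payload) < 32:
        raise ValueError("truncated UEFI_VARIABLE_DATA header")
    guid = uuid.UUID(bytes_le=payload[:16])          # EFI GUIDs are mixed-endian
    name_chars, value_len = struct.unpack_from("<QQ", payload, 16)
    name_end = 32 + 2 * name_chars                   # name is CHAR16, no terminator
    if name_end + value_len > len(payload):
        raise ValueError("declared lengths exceed event size")
    name = payload[32:name_end].decode("utf-16-le")
    return guid, name, payload[name_end:name_end + value_len]

def measured_secure_boot(events):
    """events: (pcr_index, event_type, payload) tuples already split out of the
    TCG event log. Returns True/False, or None if SecureBoot was never measured."""
    for pcr, event_type, payload in events:
        if pcr != 7 or event_type != EV_EFI_VARIABLE_DRIVER_CONFIG:
            continue
        guid, name, value = parse_variable_event(payload)
        if guid == EFI_GLOBAL_VARIABLE and name == "SecureBoot":
            return value == b"\x01"                  # empty or 0x00 means off
    return None

def secure_boot_mismatch(runtime_value: bytes, events) -> bool:
    """True when the OS-visible variable says 'enabled' but the firmware's own
    measurement does not corroborate it (disabled, or missing from the log)."""
    return runtime_value == b"\x01" and measured_secure_boot(events) is not True

def sample_event(value: bytes):
    """Constructed PCR 7 event for illustration; not taken from a real log."""
    name = "SecureBoot"
    payload = (EFI_GLOBAL_VARIABLE.bytes_le
               + struct.pack("<QQ", len(name), len(value))
               + name.encode("utf-16-le") + value)
    return (7, EV_EFI_VARIABLE_DRIVER_CONFIG, payload)

if __name__ == "__main__":
    log = [sample_event(b"\x00")]                    # firmware measured "disabled"
    print("spoof suspected:", secure_boot_mismatch(b"\x01", log))
```
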

Compiling

See VisualEfi.

Download

See UnknownCheats post for compiled version.

Owner
Samuel Tulach