UEFI

bootkits

Signed bootloaders of bootloaders

tivoization

UEFI db

GRUB2

Use modded GRUB with internal EFI loader, without digital signature vertification or module restrictions;

Use custom pre-loader (the second one) which hook UEFI file vertification functions (EFI_SECURITY_ARCH_PROTOCOL.FileAuthenticationState, EFI_SECURITY2_ARCH_PROTOCOL.FileAuthentication)

______ ______ ______ ╱│ │ ╱│ │ ╱│ │ /_│ │ → /_│ │ → /_│ │ │ │ → │ │ → │ │ │ EFI │ → │ EFI │ → │ EFI │ │_______│ │_______│ │_______│ BOOTX64.efi grubx64.efi grubx64_real.efi (shim) (FileAuthentication (GRUB2) override) ↓↓↓ ↑ ↑ ______ ↑ ╱│ │ ║ /_│ │ ║ │ │ ═══════════╝ │ EFI │ │_______│ MokManager.efi (Key enrolling tool)

Super UEFIinSecureBoot Disk is a bootable image with GRUB2 bootloader designed to be used as a base for recovery USB flash drives.



Key feature: disk is fully functional with UEFI Secure Boot mode activated. It can launch any operating system or .efi file, even with untrusted, invalid or missing signature.



The disk could be used to run various Live Linux distributions, WinPE environment, network boot, without disabling Secure Boot mode in UEFI settings, which could be convenient for performing maintenance of someone else's PC and corporate laptops, for example, with UEFI settings locked with a password.



The image contains 3 components: shim pre-loader from Fedora (signed with Microsoft key which is pre-installed in most motherboards and laptops), modified Linux Foundation PreLoader (disables digital signature verification of executed files), and modified GRUB2 loader.



On the first boot it's necessary to select the certificate using MokManager (starts automatically), after that everything will work just as with Secure Boot disabled—GRUB loads any unsigned .efi file or Linux kernel, executed EFI programs can load any other untrusted executables or drivers.



To demonstrate disk functions, the image contains Super Grub Disk (a set of scripts to search and execute OS even if the bootloader is broken), GRUB Live ISO Multiboot (a set of scripts to load Linux Live distros directly from ISO file), One File Linux (the kernel and initrd in a single file, for system recovery) and several UEFI utilities.



The disk is also compatible with UEFI without Secure Boot and with older PCs with BIOS.

Signed bootloaders

PE

Silent

______ ______ ______ ╱│ │ ╱│ │ ╱│ │ /_│ │ /_│ │ → /_│ │ │ │ │ │ → │ │ │ EFI │ │ EFI │ → │ EFI │ │_______│ │_______│ │_______│ BOOTX64.efi grubx64.efi grubx64_real.efi (Kaspersky (FileAuthentication (GRUB2) Loader) override) ↓↓↓ ↑ ↑ ______ ↑ ╱│ │ ║ /_│ │ ║ │ │ ═══════════╝ │ EFI │ │_______│ fde_ld.efi + custom chain.mod (Kaspersky GRUB2)

The end

About ZeroNet ZeroNet is a very powerful system for decentralized distributed dynamic web sites and services. The user starts downloading and seeding website data upon visiting it, following BitTorrent principle. But unlike other similar systems, ZeroNet allows creating full-fledged blogs with comments, forums, video hostings, wiki sites, chats, email and git.

ZeroNet splits website data from website code: the data is stored in .json files and combined into sqlite databases with defined scheme, which allows to implement mind-bending features: local search in all opened websites in a meaning of milliseconds, all-site real-time RSS-like update stream.

ZeroNet provides standardized authentication system similar to OAuth, NAT and Tor support.

The system works really fast, is user-friendly, has modern user interface with small but convenient features like global night/day theme switch for all sites.



I believe that ZeroNet is underrated and intentionally uploaded silent version of the disk only to ZeroNet Git, to attract new users.