Ouch!


 
Thread Tools Search this Thread
Special Forums Cybersecurity Ouch!
# 1  
Old 07-06-2016
Ouch!

Not sure if this is the correct forum but a 0 day exploit of UEFI...

My aimful life: Exploring and exploiting Lenovo firmware secrets
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question
PESIGN-CLIENT(1)					      General Commands Manual						  PESIGN-CLIENT(1)

NAME
pesign-client - command line tool for signing UEFI applications SYNOPSIS
pesign [--in=infile | -i infile] [--out=outfile | -o outfile] [--export=exportfile | -e exportfile] [--token=token | -t token] [--certificate=nickname | -c nickname] [--unlock | -u] [--kill | -k] [--sign | -s] [--pinfd=pinfd | -f pinfd] [--pinfile=pinfile | -F pinfile] DESCRIPTION
pesign is a command line tool for manipulating signatures and cryptographic digests of UEFI applications. OPTIONS
--unlock Unlock the specified token. A PIN - specified by one of --pinfd, --pinfile, or the environmental variable PESIGN_TOKEN_PIN - is required for this operation to succeed. The PIN may be empty, if that is what is required for the token specified with --token. --pinfd=pinfd When using --unlock, read the token's PIN from the open file descriptor pinfd. --pinfile=pinfile When using --unlock, read the token's PIN from the file pinfile. --sign Sign the binary specified by infile. --detached When used with --sign, write the signature to outfile. --in=infile When used with --sign, specify the input binary. --out=outfile When used with --sign, specify output file. If --detached is specified, this will be a DER-formatted signature. Otherwise, the output will be the signed PE binary. --token=token When used with --unlock or --sign, use the specified NSS token's certificate database. --certificate=nickname When used with --sign, use the certificate database entry with the specified nickname for signing. --kill Terminate the signing server. SEE ALSO
pesign(1) AUTHORS
Peter Jones Mon Oct 15 2012 PESIGN-CLIENT(1)