Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled (faking secure boot)

Overview

SecureFakePkg

SecureFakePkg is a simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled. In other words, it fakes secure boot status.

Please note: Before loading the driver, check that you have vendor (Microsoft) keys enrolled. If not, try enabling secure boot and then disabling it. You can check that they are enrolled with dmpstore -b command in EFI shell. You should see something like this.

screen0 screen1

Usage

In order to use SecureFakePkg, you need to load it. First, obtain a copy of SecureFakePkg.efi and a copy of EDK2 efi shell. Now follow these steps:

  1. Extract downloaded efi shell and rename file Shell.efi (should be in folder UefiShell/X64) to bootx64.efi
  2. Format some USB drive to FAT32
  3. Create following folder structure:
USB:.
 │   SecureFakePkg.efi
 │
 └───EFI
      └───Boot
              bootx64.efi
  1. Boot from the USB drive
  2. An UEFI shell should start, change directory to your USB (FS0 should be the USB since we are booting from it) and list files:
FS0:
ls
  1. You should see file SecureFakePkg.efi, if you do, load it:
load SecureFakePkg.efi
  1. Now you should see output from SecureFakePkg. If it was successful, exit and boot into Windows (change to Windows boot media - usually FS1 - and run \EFI\Boot\bootx64.efi)

Compiling

See VisualEfi.

Download

See UnknownCheats post for compiled version.

You might also like...
Hide SMBIOS/disk/NIC serials from EFI bootkit
Hide SMBIOS/disk/NIC serials from EFI bootkit

Rainbow Rainbow is a bootkit like HWID spoofer for Windows. It abuses several hooks in EFI runtime services and uses clever DKOM to hide hardware seri

ThatOS64 is for the youtube series on 64-Bit Kernel Development pre-loaded by the EFI
ThatOS64 is for the youtube series on 64-Bit Kernel Development pre-loaded by the EFI

Step by Step Tutorials on how to code a 64-Bit loader and kernel for OS Development NOTES Starting with CODE5, the resolution from the EFI file sets t

GNU-EFI fork without the bs.

reduced-gnu-efi =============== reduced-gnu-efi is a fork of GNU-EFI that strips out all code save for the relocation assembly stubs and the EFI head

Make screenshot every few minutes to make your small history!

Screenlapse Fun CPP application (which isn't well-made, can be optimized) that automatically make screenshots of your screen every few minutes and sto

x64 Windows kernel driver mapper, inject unsigned driver using anycall
x64 Windows kernel driver mapper, inject unsigned driver using anycall

anymapper x64 Windows kernel driver mapper, inject unsigned driver using anycall This project is WIP. Todo Fix: Can't make API calls from IAT nor func

Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.

Hygieia The Greek goddess of health, her name is the source for the word "hygiene". Hygieia is a windows driver that works similarly to how pagewalkr

Minimal freestanding C library for kernel dev. Think Rust's libcore but for C. (memutils, string formatting, etc)

Libcore Minimal freestanding C library. Features String formatting. Memory utils memcpy memmove memcmp String utils strlen strncpy strncmp Serial driv

External warzone cheat with manual mapped driver (function hook), overlay (nvidia hijack), simple esp, no recoil

external_warzone_cheat External warzone cheat with manual mapped driver (function hook), overlay (nvidia hijack), simple esp, no recoil Offsests are N

A single file, single function, header to make notifications on the PS4 easier

Notifi Synopsis Adds a single function notifi(). It functions like printf however the first arg is the image to use (NULL and any invalid input should

Owner
Samuel Tulach
otiosum#0001 | @ootiosum | 17 y/o bc1quqye8z97pcaymhy9gxaexqnt4ulryqtua0t82v
Samuel Tulach
🎨 A secure boot compatible in-memory UxTheme patcher

SecureUxTheme About SecureUxTheme is a software that removes signature verification of styles from Windows. Features No system file modifications No d

null 1.5k Jan 8, 2023
A LoadLibrary injector for CS:GO that automatically bypasses Trusted Mode by disabling various Win32 function hooks.

TrustedInjector This is a LoadLibrary injector for Counter-Strike: Global Offensive. Information It automatically bypasses trusted mode by removing ho

Brandon 19 Jan 6, 2023
Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.

CosMapper Loads a signed kernel driver (signed with leaked cert) which allows you to map any driver to kernel mode without any traces of the signed /

null 157 Jan 2, 2023
VGG Runtime for loading design and running emulated apps.

VGG Runtime A design engine capable of loading design drafts as well as running design as an emulated app. Features Game-engine-like ECS architecture

Very Good Graphics 21 Nov 24, 2022
OCaml bytecode running on the nRF52840 board, using the OMicroB runtime with RIOT OS.

omicrob-riot-nrf52 This project gets OCaml bytecode running on the nRF52840 board. It uses OMicroB for the runtime and bytecode optimisation, and RIOT

Ben Andrew 7 Sep 23, 2022
OCaml bytecode running on the nRF52840 board, using the standard OCaml runtime with RIOT OS.

ocaml-riot-nrf52 This project gets OCaml bytecode running on the nRF52840 board. It uses the standard OCaml runtime, and RIOT OS for the base layer be

Ben Andrew 8 Mar 28, 2022
Opencore-based Hackintosh EFI and guide for Lenovo Thinkpad X1 Carbon Gen 7

macOS on Thinkpad X1 Carbon 7th Generation OpenCore-based Hackintosh EFI and guide for Lenovo Thinkpad X1 Carbon Gen 7. This guide has been generated

Aidan Chandra 35 Dec 19, 2022
fortnite cheat external that uses efi drivers and is updated

fortnite-external-efi-drivers fortnite cheat external that uses efi drivers and is updated ALL CREDITS TO CHASE: https://github.com/Chase1803 i just u

null 12 Dec 18, 2022
Basic EFI with Opencore for AMD Ryzen and Threadripper

BASE EFI AMD - Ryzen and Threadripper (1XXX, 2XXX, 3XXX, 4XXX, 5XXX) and Athlon 2xxGE Note Description Initial macOS Support macOS 10.13, High Sierra.

Gabriel Luchina 58 Dec 26, 2022
A simple implementation of a parser and its use to calculate simple mathematical expressions

Calculator C Parser A simple implementation of a parser and its use to calculate simple mathematical expressions I haven't written a detailed descript

Romes 14 Nov 8, 2021