Thanks to visit codestin.com
Credit goes to github.com

Skip to content

xsh3llsh0ck/MilkBox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
Example
Example
 
 
MilkBox
MilkBox
 
 
MilkBoxClient
MilkBoxClient
 
 
MilkFix
MilkFix
 
 
.gitignore
.gitignore
 
 
Doxyfile
Doxyfile
 
 
LICENSE
LICENSE
 
 
MilkBox.sln
MilkBox.sln
 
 
README.md
README.md
 
 

Repository files navigation

MilkBox

MilkBox - PoC of dumping EFI runtime drivers.

Demo

You can watch it here.

Usage

rtd - Locate runtime drivers (should be performed firstly)
wd - Write dump to binary file, dump location - "C:\MilkBox\"
ud - Uninstall driver
ex - Exit from program

Compilation

The MilkBox driver is compiled by any WDK designed for Windows 10 and above. The client is compiled with MSVC v143 or higher.

Restrictions

Since the driver is test signed only, you will need to disable DSE (Driver Signature Enforcement) while the driver is in use. PoC was only tested on a virtual machine. Although theoretically everything should be fine, but be careful if you use the driver on a physical machine.

Acknowledgments

Alex Ionescu, Satoshi Tandasat (for some tricks with physical memory which I implemented too).

Credits

0x00Alchemist (2023 - 2024)

About

Tool to dump EFI runtime drivers.

Topics

reverse-engineering uefi

Resources

Readme

License

WTFPL license
Activity

Stars

37 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases 1

MilkBox 1.0 Latest
Feb 23, 2024

Packages

No packages published

Languages