You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Sep 22, 2022. It is now read-only.
I know this is called unME11, but in Intel ME: The Way of the Static Analysis TXE 3 was discussed as well. So I wanted to try unME11 on the TXE 3 which was targeted by your IntelTXE-PoC. Specifically I wanted to see the data parsed out from slide 28 "Ext#4: Shared Lib" since currently AFAIK neither UEFITool nor MEAnalyzer prints that extension info (Edit: OK actually MEAnalyzer does...). But I'd like to see the parsed versions like appear in the talk.
So I used 3.0.1.1107_B_PRD_RGN.bin from here and I get:
python2.7 unME11.py ../3.0.1.1107_B_PRD_RGN.bin
. Processing CPD at 0x1000
. Processing CPD at 0x9A000
. Processing CPD at 0xA4000
. Processing CPD at 0x1AE000
- Module pavp is encrypted
- Bad LZMA[0x3408C] header bd7fd292a621c1bf1d53354139dd8157f2
- hash NFTP.pavp[lzma]: 2b7efcdd61adcca53b1176a95134cdc25265f32a829fe408c6b9cb7f703d5c00
I know this is called unME11, but in Intel ME: The Way of the Static Analysis TXE 3 was discussed as well. So I wanted to try unME11 on the TXE 3 which was targeted by your IntelTXE-PoC. Specifically I wanted to see the data parsed out from slide 28 "Ext#4: Shared Lib" since currently AFAIK neither UEFITool nor MEAnalyzer prints that extension info (Edit: OK actually MEAnalyzer does...). But I'd like to see the parsed versions like appear in the talk.
So I used 3.0.1.1107_B_PRD_RGN.bin from here and I get:
And no final report.