
Exploiting Signed Bootloaders to Circumvent UEFI Secure Boot - mmphosis
https://habr.com/en/post/446238/
======
rolph
I'm all for taking back the ownership of hardware platform.

This apparently requires a Kaspersky rescue GRUB, shim, and a small bit of
porting skill.

"Red Hat GRUB Secure Boot repository[2], the only problem—PE header parser is
missing. GRUB gets parsed header from shim, in a response to a function call
via a special protocol. This could be easily fixed by porting the appropriate
code from the shim or PreLoader to GRUB."

[1] [https://habr.com/en/post/446238/](https://habr.com/en/post/446238/)

[2] [https://github.com/rhboot/grub2/tree/grub-2.02-sb](https://github.com/rhboot/grub2/tree/grub-2.02-sb)

[3] [https://techcommunity.microsoft.com/t5/Windows-Hardware-Cert...](https://techcommunity.microsoft.com/t5/Windows-Hardware-Certification/Microsoft-UEFI-CA-Signing-policy-updates/ba-p/364828?advanced=false&collapse_discussion=true&q=uefi&search_type=thread)

