Explore the development of the smallest self-replicating UEFI application in this 44-minute conference talk from Recon 2024. Delve into UEFI architecture, the UEFI x64 ABI, and techniques for writing UEFI applications in x86_64 assembly. Learn about Tianocore EDK2 image loader internals, QEMU automation, and effective binary golf strategies specifically for UEFI PEs. Discover how to peel back UEFI's abstraction layers, understand the inner workings of applications, and see what can be accomplished with minimal payloads. The talk also covers methods to obfuscate hand-crafted binaries to reduce detection. Presented by Netspooky, a security researcher who founded the Binary Golf Grand Prix, co-founded the Linux VX zine tmp.0ut, and has extensive experience in protocol reverse engineering, file format hacking, industrial control systems, firmware development, and embedded device security.
Recon 2024 - Netspooky - Binary Golfing UEFI Applications
Taught by: Recon Conference