05-09-2014, 01:15 AM
hi donovan6000!
thanks for your reply.
i'm lost with your explanation.. hehehehe
i guess i need more research on this issue.
btw, do H2O insyde and phoenix share the same idea/code?
i saw in andy's tool that when i opened my T430 using it, it showed that the bios is EFI/insyde bios.
but all the other discussions lead me to believe that it is phoenix's.
(05-08-2014, 02:56 PM)donovan6000 Wrote: Insyde secure flash is certainly annoying lol
I guess I'll contribute a little bit. Get ready for a long post! When a new rom is flashed via Insyde's programs, it is flashed to a reserved space on the bios chip which is 20MB (according to the source code). Then immediately after the computer restarts, the old bios verifies the new bios before overwriting itself with it. Then the new bios is fully in place.
Since it is the old bios which is verifying the new bios, we can't modify the secure flash verification process since it would require modifying the old rom somehow. Here's some of the code that the old rom performs at the end of the verification process.
Code:
    // Verification failed: the image was rejected
    if (*ErrorStatus == EFI_ACCESS_DENIED) {
        do {
            IfrLibCreatePopUp (8,
                &Key,
                L"",
                L" InsydeH2O - Secure Flash ",
                L"",
                L" Error : Invalid firmware image!!! ",
                L"",
                L"",
                L" Please press any key to reset system...... ",
                L""
                );
        } while (Key.UnicodeChar == CHAR_NULL);   // wait for a key press
    // Verification and update succeeded
    } else if (*ErrorStatus == EFI_SUCCESS) {
        do {
            IfrLibCreatePopUp (8,
                &Key,
                L"",
                L" InsydeH2O - Secure Flash ",
                L"",
                L" Status : Finish!!! ",
                L"",
                L"",
                L" Please press any key to reset system...... ",
                L""
                );
        } while (Key.UnicodeChar == CHAR_NULL);
    // Any other status: the update itself failed
    } else {
        do {
            IfrLibCreatePopUp (8,
                &Key,
                L"",
                L" InsydeH2O - Secure Flash ",
                L"",
                L" Error : Firmware update failed!!! ",
                L"",
                L"",
                L" Please press any key to reset system...... ",
                L""
                );
        } while (Key.UnicodeChar == CHAR_NULL);
    }
The digital signature for the new rom isn't limited to a fixed hash algorithm. It can be any of the following. Most manufacturers go with one of the asymmetric encryption algorithms, so it's something we can easily change accurately.
Code:
Sha1
Sha224
Sha245
Sha384
Sha512
Md5
Tdes
Aes
Rsa
Pkcs7
X509
This digital signature is stored in the extra space in the bios rom. You'll notice that the Insyde secure roms are slightly bigger than what they should be. They are also PE32 programs, which you can verify by looking at their header. This program is run by Insyde's flasher programs and it will usually overwrite platforms.ini with an unmodified version to make modifying platforms.ini useless. However my tests have shown that any modifications to platforms.ini's secure flash settings are useless anyway.
So what if we extract the pure rom from the secure flash rom and try to flash that? Thanks to the research done by BDMaster, this is simple. Unfortunately InsydeFlash.exe will make sure the rom is secure before flashing it. Special thanks to the person who was willing to test out my ideas on their computer lol
So let's bypass that error to make it flash the pure rom.
So we look up what that error message corresponds to in Iscflash.dll, and we find out that it is a write permission error. And here's where I'm stuck lol. The region of the bios chip that contains the current bios is locked. So we can't directly overwrite it with InsydeFlash.exe. I have some more ideas, but nothing I want to make public right now.
If I ever buy a laptop that has Insyde Secure bios, then I'll be able to experiment more
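
Added example (not part of either post, and not Insyde's or the forum's code): a minimal Python check for the "PE32 programs, which you can verify by looking at their header" remark in the quoted post. It reads the DOS and PE headers of a file's bytes and reports the format, sections, and how many bytes sit past the last section; the function names and the sample image are constructed for illustration, and it makes no claim about where a vendor file keeps its firmware or signature.

```python
import struct

OPTIONAL_MAGIC = {0x10B: "PE32", 0x20B: "PE32+"}

def describe_pe_header(data: bytes) -> dict:
    """Parse the DOS/PE headers of `data`; raise ValueError if it is not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ (DOS) header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of "PE\0\0"
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    # COFF file header: 20 bytes right after the 4-byte signature
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    if opt_size < 2 or opt_off + opt_size > len(data):
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", data, opt_off)
    if magic not in OPTIONAL_MAGIC:
        raise ValueError(f"unknown optional-header magic {magic:#x}")
    sec_off = opt_off + opt_size            # section table: 40 bytes per entry
    end = sec_off + nsections * 40
    if end > len(data):
        raise ValueError("truncated section table")
    sections = []
    for i in range(nsections):
        entry = sec_off + i * 40
        name = data[entry:entry + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", data, entry + 16)
        sections.append((name, raw_ptr, raw_size))
        end = max(end, raw_ptr + raw_size)  # furthest byte any section covers
    return {"format": OPTIONAL_MAGIC[magic], "machine": machine,
            "sections": sections, "trailing_bytes": max(0, len(data) - end)}

def constructed_sample() -> bytes:
    """Constructed minimal PE32 image with one section and 32 trailing bytes."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (0xE0 - 2)
    sec = b".text\0\0\0" + struct.pack("<IIII", 0x10, 0x1000, 0x10, 0x200) + b"\0" * 16
    headers = (dos + coff + opt + sec).ljust(0x200, b"\0")
    return headers + b"\x90" * 0x10 + b"\xAA" * 32

if __name__ == "__main__":
    print(describe_pe_header(constructed_sample()))
```

A file with no MZ header at offset 0 raises `ValueError` instead of returning a result.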