Welcome
|
You have to register before you can post on our site.
|
|
General method to remove whitelist from Insyde BIOS
|
Posts: 298
Threads: 0
Joined: Jul 2009
Reputation:
35
04-26-2011, 07:17 PM
(This post was last modified: 04-26-2011, 07:19 PM by TTAV134.)
i was not clear enough: same problem than HP2540, this bios is not hackable.
note: ADDCC tool is not applicable for EFI bios!!
Posts: 1
Threads: 0
Joined: Oct 2009
Reputation:
0
06-13-2011, 11:01 PM
(This post was last modified: 06-13-2011, 11:02 PM by cacaurj.)
Hello TTAV!
Could you please mod this BIOS?
ftp://ftp.hp.com/pub/softpaq/sp51501-52000/sp51636.exe
Thanks !
Sorry, forgot to mention..
It´s a HP DV4-2040BR Intel Processor
Thanks again!
Posts: 14
Threads: 2
Joined: Jun 2011
Reputation:
0
06-14-2011, 04:49 PM
(This post was last modified: 06-14-2011, 04:53 PM by Technology.)
(08-03-2010, 02:00 PM)hspumanti Wrote: 10. Open a command prompt and navigate to where you saved the file and type debug something.com, you should get a '-' prompt, type u and hit enter and you should see something like this. See step3.jpg.
The first column is memory addresses, the 2nd column is instruction bytes and the rest are Intel mnemonics.
11. Now we need some elementary assembly skills to find what we are looking for. Debug will show the mnemonics for the instructions. Debug doesn't handle 386 instructions well so you may see a few ??? but we should be able to find what we need. Look for a test al,al followed by a jnz {address}. The unassemble should have addresses on the left and they should correspond to the addresses in the debug so you can then -u {address} to see what happens at the jump to locations. See step4.jpg.
12. Now that we know what to change write down a about 6 or so of the bytes ending with the 75 and the following byte (27 in the step 4 example) and go back to WinHex and from the start of our program (the «55 8b ec» bytes) search for the bytes you recorded. Make sure everything around matches your debug window and replace 75 (JNZ short) with eb (JMP short). eb is an unconditional jump and will exit the routine so we don't get to the infinite loop. See step5.jpg.
Mark
I have a problem, when i get to step 10 and its time to do the
"debug 'something'.com" it says "insufficient memory"... Then i get the "-" prompt and i can still do the "u" but i keep searching and searching and i get everything but test and jnz...
Also, if possiable, could anyone mod my bios? my computer is an hp g50-118NR and i want to remove the whitelist.. Heres the post i made requesting for help: http://www.bios-mods.com/forum/Thread-Re...val-hp-g50
Posts: 2,297
Threads: 39
Joined: Jun 2011
Reputation:
156
06-15-2011, 04:43 AM
(This post was last modified: 06-15-2011, 06:39 AM by camiloml.)
(06-14-2011, 04:49 PM)Technology Wrote: (08-03-2010, 02:00 PM)hspumanti Wrote: 10. Open a command prompt and navigate to where you saved the file and type debug something.com, you should get a '-' prompt, type u and hit enter and you should see something like this. See step3.jpg.
The first column is memory addresses, the 2nd column is instruction bytes and the rest are Intel mnemonics.
11. Now we need some elementary assembly skills to find what we are looking for. Debug will show the mnemonics for the instructions. Debug doesn't handle 386 instructions well so you may see a few ??? but we should be able to find what we need. Look for a test al,al followed by a jnz {address}. The unassemble should have addresses on the left and they should correspond to the addresses in the debug so you can then -u {address} to see what happens at the jump to locations. See step4.jpg.
12. Now that we know what to change write down a about 6 or so of the bytes ending with the 75 and the following byte (27 in the step 4 example) and go back to WinHex and from the start of our program (the «55 8b ec» bytes) search for the bytes you recorded. Make sure everything around matches your debug window and replace 75 (JNZ short) with eb (JMP short). eb is an unconditional jump and will exit the routine so we don't get to the infinite loop. See step5.jpg.
Mark
I have a problem, when i get to step 10 and its time to do the
"debug 'something'.com" it says "insufficient memory"... Then i get the "-" prompt and i can still do the "u" but i keep searching and searching and i get everything but test and jnz...
Also, if possiable, could anyone mod my bios? my computer is an hp g50-118NR and i want to remove the whitelist.. Heres the post i made requesting for help: http://www.bios-mods.com/forum/Thread-Re...val-hp-g50
40Mb com file???
real .com file has size limit of 64Kb and debug uses segmented memory in 64Kb sized segments.
Try reducing the selection before saving hi.com to 2 or 3 pages only not the whole bios.
When you end up with a .com file with less than 64Kb debug will load it properly.
Nice day.
Camilo.
Edit: This is the sencond BIOS i mod this days, i will put them in my mediafire folder. You can find yours there. Nice day
Folder with Modded Bios
BIOS REPOSITORY. Please consider donating ( me or forum) if you like my work.
Please remember to come back and leave feedback. I hate leech and disappear thing.
Nice day.
Camilo.
Posts: 12
Threads: 0
Joined: Jun 2011
Reputation:
0
(08-03-2010, 02:00 PM)hspumanti Wrote: I have figured out how to remove the whitelist from most (all) Insyde BIOSes. I used the F.34 BIOS for a Compaq Presario C700 series for this how to. You will need the EzH2O and WinHex tools. Using these tools I was able to figure out the byte that needed to be changed to ignore the PCIe wireless whitelist altogether. After not being able to find my subsys codes, I started looking around a bit. I found the 104 - Unsupported wireless network device detected string in the memory dump and the Microsoft EXE signature just above which lead to the breakthrough (at least for me). What follows is a general procedure to allow you to modify your own BIOS safely (I hope).
1. obtain your bios.fd file obtained from HP (or whatever manufacturer)
2. use Insyde BIOS editor - EZH2O (I used EZH20 2.1.0.4)
3. run exh2o.exe, open the file bios.fd
4. run WINHEX
5. Tools -> OpenRAM -> Ezh2o -> Entire Memory
6. Find HEX Values -> «31 00 30 00 34 00 2d 00 55», this should be the be the first part of the '104-U...' error string in wide character format (2 bytes/char) see step1.jpg.
7. from here search up and find HEX values «4d 5a», you can just scroll up a few pages till you see 'MZ' in the ASCII pane. This is the code that MS uses for start of an EXE. Somewhere between here and the 104 string is where we need to find and modify the JNZ (byte code 75)
8. You will notice that there is a lot of blank space around and below the 'MZ', this is header information and is of no interest. Scroll down till the ASCII pane no longer is mostly blanks, about a page, you should see «55 8b ec», this is the start of the program and is setting up the stack
9. Now click on the 55 and drag the mouse down to the next 'MZ' code about 1-2 pages on my BIOS, and then click Edit -> Copy Block -> Into New File and name the file Something.com. The .com is important as we will load it with debug. Refer to step2.jpg.
10. Open a command prompt and navigate to where you saved the file and type debug something.com, you should get a '-' prompt, type u and hit enter and you should see something like this. See step3.jpg.
The first column is memory addresses, the 2nd column is instruction bytes and the rest are Intel mnemonics.
11. Now we need some elementary assembly skills to find what we are looking for. Debug will show the mnemonics for the instructions. Debug doesn't handle 386 instructions well so you may see a few ??? but we should be able to find what we need. Look for a test al,al followed by a jnz {address}. The unassemble should have addresses on the left and they should correspond to the addresses in the debug so you can then -u {address} to see what happens at the jump to locations. See step4.jpg.
12. Now that we know what to change write down a about 6 or so of the bytes ending with the 75 and the following byte (27 in the step 4 example) and go back to WinHex and from the start of our program (the «55 8b ec» bytes) search for the bytes you recorded. Make sure everything around matches your debug window and replace 75 (JNZ short) with eb (JMP short). eb is an unconditional jump and will exit the routine so we don't get to the infinite loop. See step5.jpg.
13. In WinHex save your change by clicking on the disk icon
14. Switch to EzH2O, File -> Save AS
15. Put your modified BIOS (and only that BIOS) where the flash utility can find it and start InsydeFlash and let it do it's thing.
16. Sometimes after flashing the machine may appear bricked but turn it off remove power and battery and then reapply power and turn it on. If it still doesn't come up Google for the procedure to use a USB memory stick to get your computer back. Might be a good idea to prepare the flash drive before you flash your BIOS.
Mark
hi,
I have the dv6-6030el and with an other member of this forum i wos able to have a mod bios (*.rom) but i don't know i can flash it...can you help me?
thanks a lot
Giorgio
Posts: 14
Threads: 2
Joined: Jun 2011
Reputation:
0
Posts: 4
Threads: 0
Joined: Jul 2011
Reputation:
0
Hey I was trying to do this method but I am in windows 7 so no debug.exe
Can I have the whitelist bypassed for the following:
-Manufacturer: HP
-Motherboard Model: dm4-2070US
-Bios revision: f.04
-Bios Type: insyde
-Bios Download Link: ftp://ftp.hp.com/pub/softpaq/sp53001-53500/sp53126.exe
The Id's of my current Wifi card:
Current: PCI\VEN_8086&DEV_0084&SUBSYS_13158086&REV_00
The Id's of the new card:
New: PCI\VEN_168C&DEV_002E&SUBSYS_E030105B&REV_01
Also I have a dump of the bios here: http://www.mediafire.com/?rz8d033ec6j8tnq
Thanks in advance.
Posts: 2,297
Threads: 39
Joined: Jun 2011
Reputation:
156
(07-08-2011, 12:29 AM)bssayeda Wrote: Hey I was trying to do this method but I am in windows 7 so no debug.exe
Can I have the whitelist bypassed for the following:
-Manufacturer: HP
-Motherboard Model: dm4-2070US
-Bios revision: f.04
-Bios Type: insyde
-Bios Download Link: ftp://ftp.hp.com/pub/softpaq/sp53001-53500/sp53126.exe
The Id's of my current Wifi card:
Current: PCI\VEN_8086&DEV_0084&SUBSYS_13158086&REV_00
The Id's of the new card:
New: PCI\VEN_168C&DEV_002E&SUBSYS_E030105B&REV_01
Also I have a dump of the bios here: http://www.mediafire.com/?rz8d033ec6j8tnq
Thanks in advance.
Ensure you have proper tools to recover in case of something goes wrong.
http://www.mediafire.com/?is6dt9lxh7jo14l
Flash with included InsydeFlash.exe
Download and flash at your own risk
BIOS REPOSITORY. Please consider donating ( me or forum) if you like my work.
Please remember to come back and leave feedback. I hate leech and disappear thing.
Nice day.
Camilo.
|
Users browsing this thread: eepromm, 2 Guest(s)
|