(UEFI) Dell XPS 15z L511z modded BIOS - and HOWTO
(02-01-2012, 07:10 PM) AHMED HOSSAM Wrote: I will make another 2 or 3 mods now for Jkbuha to try, as I have disassembled his module and managed to make some changes in it ... then I will make all mods into your modules to try if you want that.

Hey Ahmed, hope you're well :)

Just a quick heads up to let you know that a new version of the 15z BIOS came out today (A09) but there were no changes in the setup module CFEF94C4-4167-466A-8893-8779459DFA86_1_1048.ROM - so that means that we can continue making changes on the same file :)

Let me know if/when you have any new mods to test!

Cheers
jkbuha

Hi All,

I will be busy for the next 2 or 3 days and have just uploaded all finished mods for requests in the PHOENIX section for this reason ... also I don't want you to wait for me ... we all will solve this and unlock the BIOS soon, I'm sure of this.

Here are some things to try:

--- This is where menus are initialized in Jkbuha's BIOS ... the first marked instruction is the one calling the ADVANCED tab (which has disappeared as I NOPed this instruction),
and the second marked one is a menu as well, but I haven't tried NOPing this instruction to know what menu it is.

--- I think you see that after these instructions there is a lea instruction for CFEF94C4...etc, which is the name of your setup module! :D


[Image: uefisetup1.png]


--- Double click on the advanced menu instruction (double click on the qword_3FB90), then you will be directed to this pic.

-- The q_word marked in yellow is the advanced menu, and the one above it is another menu whose name I don't know.

-- As for the other q_words found under the advanced menu ... some of them are menus and the others are not.


[Image: uefisetup2.png]



--- Then you will go down slowly and find more q_words, some of which are menus, till you reach the UNICODE, and sure this is not a menu.

-- The next two q_words after the UNICODE string may be menus ... but after these 2 you will not find any valid things for menus.

[Image: uefisetup2.png]


What I'm managing to do is replace the ADVANCED tab calling instruction:

at offset 414A0

lea rcx, qword_3F9B0

Replace the 3F9B0 with another one from what we have found in this pic:

[Image: uefisetup2.png]

[Image: uefisetup3.png]

For example, we replace the 3F9B0 with 3F9A0 or 3FA00 or any other one.
If we replaced the ADVANCED tab with a hidden tab, the hidden tab will appear and we get this BIOS unlocked.

Sure, the final mod will not replace the ADVANCED tab, but we try first to see the hidden menus.

For you KASAR, your setup utility has the same structure but not the same offsets; it's easy to try it as well.

I will be back in 3 days to continue with you, and post any results here to let me know any news.
Also, you are free if you want to wait for me to modify it, but I told myself that I don't want you to wait more time :)


"Many of life's failures are people who did not realize how close they were to success when they gave up." :)
@ahmed

Well, I will wait for you ^_^
Thanks to you, we made huge progress. Also, to be honest, I don't have too many ideas about this stuff, that's why I still need you :D


Question: what version of the IDA software are you using? Also, free or non-free version?
(It looks a bit difficult to use anyway :o)

Oh, I noticed another file which can be opened with the Phoenix SLIC tool.

It is 4A538818-5AE0-4EB2-B2EB-488B23657022_0_4.ROM


Since my BIOS seems like a tree structure, making it necessary to unpack and repack everything in order, this is the current BIOS structure I have discovered for the moment.

[Image: biose.png]


Hey Ahmed

Thanks for the useful info. Unfortunately replacing lea rcx, qword_3F9B0 with the following offsets:

qword_3F9C0
qword_3FA00
qword_3FA90
qword_3FAC0

successfully removed the Advanced Menu, but did not replace it with anything else! So all that changed was that the Advanced Menu disappeared, leaving only the remaining menus.

Any thoughts?

Cheers
jkbuha
After replacing the call of the advanced menu with a call for another qword_xxxx ... have you made sure it's called correctly in the file by disassembling it again to see if the call was replaced correctly?

After you replace bytes and save the file ... disassemble it using IDA to see if the call was correctly replaced and the new call points to the correct offset you need.


"Many of life's failures are people who did not realize how close they were to success when they gave up." :)
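The check asked for in the post above (decode the patched bytes again and confirm where the LEA points), together with the displacement arithmetic behind the `lea rcx, qword_3F9B0` edit at 414A0, as an added Python example that is not code from the thread. It assumes 414A0 and the qword_ labels are addresses in the same IDA address space and that the instruction uses the usual 7-byte RIP-relative encoding (`48 8D /r disp32`); the byte strings are constructed for illustration, not taken from the Dell module.

```python
import struct

# ModRM.reg -> register name (only REX.W = 0x48 is handled, so REX.R is clear)
REGS = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]
LEA_LEN = 7  # REX.W + opcode 8D + ModRM + disp32


def decode_lea_rip(code: bytes, addr: int):
    """Decode `lea r64, [rip+disp32]` located at `addr`; return (reg, target)."""
    if len(code) < LEA_LEN or code[0] != 0x48 or code[1] != 0x8D:
        raise ValueError("not a REX.W LEA at %#x" % addr)
    modrm = code[2]
    if modrm & 0xC7 != 0x05:  # mod=00, rm=101 selects RIP-relative addressing
        raise ValueError("LEA at %#x is not RIP-relative" % addr)
    (disp,) = struct.unpack_from("<i", code, 3)
    # The displacement is counted from the END of the instruction, not its start.
    return REGS[(modrm >> 3) & 7], addr + LEA_LEN + disp


def retarget_lea(code: bytes, addr: int, new_target: int) -> bytes:
    """Return the 7 instruction bytes with disp32 recomputed for new_target."""
    decode_lea_rip(code, addr)  # refuse to touch anything that is not this LEA
    disp = new_target - (addr + LEA_LEN)
    if not -2**31 <= disp < 2**31:
        raise ValueError("target out of disp32 range")
    return bytes(code[:3]) + struct.pack("<i", disp)


def verify_patch(code: bytes, addr: int, reg: str, target: int) -> bool:
    """True only if the bytes decode to the intended register and target."""
    try:
        return decode_lea_rip(code, addr) == (reg, target)
    except ValueError:
        return False


# Constructed sample: the quoted instruction, hand-assembled for address 0x414A0.
ORIGINAL = bytes.fromhex("488d0d09e5ffff")  # disp32 = 0x3F9B0 - 0x414A7
# Constructed mistake: the absolute address written into the disp32 field.
NAIVE = bytes.fromhex("488d0da0f90300")

if __name__ == "__main__":
    patched = retarget_lea(ORIGINAL, 0x414A0, 0x3F9A0)
    print(patched.hex(), verify_patch(patched, 0x414A0, "rcx", 0x3F9A0))
    print("naive edit points at %#x" % decode_lea_rip(NAIVE, 0x414A0)[1])
```
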
(02-07-2012, 06:15 AM) AHMED HOSSAM Wrote: After replacing the call of the advanced menu with a call for another qword_xxxx ... have you made sure it's called correctly in the file by disassembling it again to see if the call was replaced correctly?

After you replace bytes and save the file ... disassemble it using IDA to see if the call was correctly replaced and the new call points to the correct offset you need.

Yes I did - in IDA in fact. It's quite easy to do so (and check).
Unfortunately no success with unlocking the menu!

I also tried the same approach on offset 414c8 (lea rcx, qword_3F9A0) but same thing (Advanced Menu disappears).
Hmmmm, seems more complex than I had expected.
I will look into this when I'm back home in 2 days.
Another thing: try NOPing the other call for the offset you are using.
For example, you replaced advanced with another qword, and this qword was called from another routine; NOP this call and make it only called from one routine.


"Many of life's failures are people who did not realize how close they were to success when they gave up." :)
(02-07-2012, 07:25 AM) AHMED HOSSAM Wrote: Hmmmm, seems more complex than I had expected.
I will look into this when I'm back home in 2 days.
Another thing: try NOPing the other call for the offset you are using.
For example, you replaced advanced with another qword, and this qword was called from another routine; NOP this call and make it only called from one routine.

Not sure I've understood that, but I'll have a play about and see what happens.

On a related note, something just occurred to me. Surely there must be a way to load the BIOS in an emulator/simulator such as what we do in Vmware/Virtualbox? Any thoughts or ideas?

Cheers
jkbuha

(02-07-2012, 08:22 AM)jkbuha Wrote: On a related note, something just occurred to me. Surely there must be a way to load the BIOS in an emulator/simulator such as what we do in Vmware/Virtualbox? Any thoughts or ideas?
Yeah, I also thought about that. It would decrease the risk since the number of flashes would be drastically reduced, and it would also be faster while testing stuff. It would also be really useful to test custom menus. However, I'm not sure if there is already something like that available; I googled several times for it and didn't find anything even similar.

Maybe there could be a way to replace the VMware stock BIOS with ours, but probably not as easy as it has been said.

Well, I heard the Phoenix BIOS Editor software had a feature to edit and test BIOS menus; the bad news is that I never got PBE working with my BIOS :o

Hi, I'm the owner of an L502x that is mentioned in your topic, so I picked up the 550 BIOS mod and flashed it. All was OK under Windows. The PC rebooted and the flash program popped up normally, so the programming process was all quite good. After 5 seconds the PC rebooted and nothing happened. The Caps LED is on, the screen is off, the fan speed is stuck at 100% and the PC is frozen. Any suggestion on how to recover it?