I've tried to open your mod with itoolkit_4.0.1.258 and wanted to re-save it for comparison. Unfortunately the ITK refuses to open your mod. The original bios opens fine though. Edit: A way to figure about sums could be to edit some bytes at physical memory directly and let ITK save the bios. Then have a look if the sums are changing somewhere?
Yen, thanks for good idea. I'll try it tomorrow. As for mod for Intel BIOS it's trivial. Intel UEFI BIOS already has the code which adds SLIC table. I just placed SLIC table on the place where it should be (original BIOS has zeros there) and patched some bytes to skip all the code which checks whether SLIC is present or not. And of course I changed OEM IDs.
FYI, if anyone needs testing with a new mod for the UEFI BIOS... just let me know and I'll be glad to help
Yeah. I think you are right. I think the certificates are in 2x 1296 byte GUID submodules at 274h and 1807A4h. I guess these are being checked as part of the EFI boot process...... so I guess that we have to find the code responsible and patch it as well. RC3 loads and extracts the BIOS fine here. Interestingly it doesn't extract a BIOS that has been thru ITK.... they don't update a FV checksum; so perhaps they don't matter too much. Andy
Andy, I suspect that I use your tool in a wrong way. Could you write here very shortly what should I do to change one EFI file with your tool?
Hi With pleasure (note for RC4): 1) Click the .. adjacent to original BIOS and load the original BIOS. Note: the BIOS cannot be open in any other program or there is an error (this is true for any output files as well) 2) Click the .. adjacent to SLIC file and load a SLIC file. 3) Select other as manufacturer 4) Select dynamic if you want existing SLIC elements replaced. Select SSV2 if you don't. (If you want nothing replaced then select SSV2 then tick 'don't alter ACPI tables' and untick 'replace all oem/table id strings') 5) If you want it to insert a manually modded module tick 'allow user to modify other modules' in advanced . 6) Click Go - If you ticked modify modules above, it will then pause and open a dialog box. Modify any module you want manually and THEN press OK to continue and finish. See PM for RC4. Andy
There was definitly a bug in RC3 version. I did all according to your instructions and had got wrong checksum in the top level file. But with RC4 everything is OK. "FIX: Improve correction of nested FV checksums" I think this fix has resolved the problem. Anyway, now tool works like a charm. Thanks for this very useful utility.
Why Dont U Guys Post The Link Here So that Others Can Test it.......... Is it Safe To Test This in intel D945GCNL M/B
middleton, andyp, Yen Thanks for your efforts! Regret to inform that neither middleton nor andyp mod is flashing. I tried F7 during POST and iflash2 Recovery mode I think is useless in this case. Ready to test new mods I Am really puzzled, How does Gateway manage to insert slic and normally flash the bios in this case? middleton says it a little different from original Intel BIOS. pkaji123 be patient. As soon as we get result with one board, it will become possible with all Intel boards.
It seems Intel has realised what is needed to avoid bios manipulation. I've posted at a discussion thread about how to prevent SLICing the bios. I suggested a Digital Signature that signs the bios. The only difference I suggested was to let W7 verify the signature not the UEFI boot process. The ITK tool only allows to modify modules which are not signed. So therefore forget about to use it as 'signing tool'... @anmg, the chances to break this are low..... at least from my point of view...The modules to be modified are signed. They are using a 'tool' to sign every bios (adding a unique signature to each bios they have made, in order to declare it valid), without knowing the algorithm, you have to break this..
The Digital Signature is static usually. We can try to learn it. Unpack original bios and build it again without modification. I'm sure you'll find the difference.
Yep... RC3 went forwards through the modules but RC4 goes backwards. If you have any suggestions, or if there is anything I can do or any features I can add let me know. Andy
I've sent a email to invisiblethingslab asking for when they want to publish the code. I will play with Intel bioses, wanna know why ITK refuses to open.... anmg, to figure about the signing algorithm..complex..can be changed by Intel.......impossible, it's like you would be able to write your own working SLIC... to cirumvent the validation is the only way....or to patch the validation...... every result that returns will be: Your bios is valid.