Anyone know how to extract a Dell bios from the ****.exe?? How to modify the ROM?

Discussion in 'Windows 7' started by jeff69dini, Jun 29, 2009.

Thread Status:
Not open for further replies.
Page 5 of 30
  1. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #81 Yen, Jul 1, 2009
    I've tried a few Dell-Phoenix bioses. At some the calculation works. At these the hdr files are only a bit larger than the corresponding romfiles. With the others I've played...no success. I think somebody has to disassemble the crc check routine.....Dell has changed the checksum algorithm...to go by trial and error isn't a good way...

    Ozymandias is the only one who can try for a mod. But IMO there will be still a problem to update the marker version bytes. Dell reads and builds the SLIC with these elements:
    -reads OEM and OEMTable ID (restricted to Ah bytes, original Eh bytes)
    -reads pure encrypted pubkey data (RSA field)
    -reads pure encrypted marker data

    IMO an update to SLIC21 isn't possible anyway...the version bytes will stay at 00 00 00.......
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #82 shakeyplace, Jul 1, 2009
    Last edited: Jul 1, 2009
    Yes, I was going to attempt changing that code as I described earlier but I am unable to test. I did find on Dell site a general bios recovery routine though. Place the *.hdr file in the root of a drive, boot up. I assume one may be able to use CD or hard drive, possibly USB stick. It didn't say whether the hard drive had to be Fat32 or not...
    Just in case anyone needs that info, I haven't tested it either...
    I attempted flashing the rom file with flashrom (coreboot), no success
     
  3. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #83 shakeyplace, Jul 1, 2009
    Last edited: Jul 1, 2009
    I agree, the version bytes won't change, unless we can insert the 2.1 version code somehow, some of the extra bytes in the hdr file would explain the secondary flash that always flashes the "keyboard controller" after the bios flash. There is a additional rom there somewhere, must be a 64k controller...
     
  4. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #84 shakeyplace, Jul 1, 2009
    YES! figured out the hash!!!! The HDR file contains 2 Roms format as follows
    gonna test now
    54h header
    ROM
    4h header
    Keyboard ROM
    crc/crc

    for the first crc figure copy both rom into one file (just roms) compute crc32 and calculate from there!
     
  5. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #85 Yen, Jul 1, 2009
    Really??:eek:
    You're great!!!
    Could you please post the offset ranges for both roms to be copied into one file?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #86 shakeyplace, Jul 1, 2009
    don't work much with this stuff so hope you understand my explanation...
    OK here is what I did, works with the original files MM061A17...
    copied with winhex from original hdr file 00100058-00110057 inclusive (64K exactly, ie keyboard.rom, LAST 64K before the two crc32 checks at the end of the file) into new file then copied the entire mm061a17.rom (not hdr) in the same file at the start. compute crc32 of entire new file, got 4443C2E0. NOT'd it, reversed it got 3B 9F 3E BD, matches! First attempt to edit, flash didn't work, may be my editing or it may be the 4h between the two roms...
    gotta step out for a bit,....
     
  7. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #87 Yen, Jul 1, 2009
    Yeah, I did that, too. But when I operate NOT to 4443C2E0 it results to BBBC3D1F. This I did 2 hours before.....:confused:
    So I thought I did the wrong way.....
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #88 shakeyplace, Jul 1, 2009
    You get the right sum now? Did I explain that right? If I did, and you can confirm that, else I can post a couple sceen shots.. the value between the roms is 85 0A F9 73, that is not included in the crc32 calculation, if this doesn't work, perhaps that value will turn out to be another check value?
    yes it is!!!! got it written down!!!! just gotta double check where I calculated that one from!!!!
     
  9. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #89 shakeyplace, Jul 1, 2009
    Last edited: Jul 1, 2009
    Yes!!!! That is crc32 from rom file, NOT'd and reversed as before!!!!
    Now to confirm and work on the actual bios....
     
  10. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #90 Yen, Jul 1, 2009


    Sorry I don't get it:eek:. It's very hot in here:). I'll have a shower and try again.
    Fact is that I get CRC32 sum of the TWO roms in one file of 4443C2E0. Same value you've got. And when I NOT it it results to a different value, named: BBBC3D1F!!! Reversed: 1F 3D BC BB!

    You seem to be some steps ahead of me:D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #91 shakeyplace, Jul 1, 2009
    I got, tell me if wrong...
    44 43 C2 E0
    E0 C2 43 44
    1F 3D BC BB
    Back in a few hours...
     
  12. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #92 Yen, Jul 1, 2009
    OMG! Yes, you did it. You did only a little mistake, which confused me so much.

    3B 9F 3E BD was wrong and I thought it was the checksum....
    4443C2E0 NOT results to the right one BBBC3D1F--->1F 3D BC BB


    Excellent work!:D:)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #93 shakeyplace, Jul 1, 2009
    The end of the original hdr file ;
    1F 3D BC BB AE FD 46 77
    crc32 of the entire hdr file up to, including BB : (88B90251)
    88 B9 02 51
    77 46 FD AE
    AE FD 46 77
    STRING BETWEEN THE TWO ROMS
    85 0A F9 73
    7A F5 06 8C
    8C 06 F5 7A = crc32 of rom file!!!!
     
  14. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #94 Yen, Jul 1, 2009
    Yes, and the CRC32 of the hdr file excluding the second checksum results to 88B90251. NOT'ED: 7746FDAE-----> AE FD 46 77 matches to the second one!!!

    Now you are ready for the mod!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #95 shakeyplace, Jul 1, 2009
  16. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #96 Yen, Jul 1, 2009
    Last edited: Jul 1, 2009
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #97 shakeyplace, Jul 2, 2009
    Last edited: Jul 2, 2009
  18. shakeyplace

    shakeyplace MDL Addicted

    May 5, 2007
    867
    75
    30
    #98 shakeyplace, Jul 2, 2009
  19. acky

    acky MDL Novice

    Jun 15, 2009
    15
    8
    0
    #99 acky, Jul 2, 2009
    i am so interested in your work shakey mate. i have a dell xps notebook with pheonix biox, i lost the hope but maybe you can find a solution.
     
  20. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,978
    340
    #100 Yen, Jul 2, 2009
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Page 5 of 30