Extracting MSDM from a dead mainboard

Discussion in 'BIOS Mods' started by nexus76, Jan 11, 2015.

  1. nexus76

    nexus76 MDL Addicted

    Jan 25, 2009
    783
    296
    30
    #1 nexus76, Jan 11, 2015
    Last edited: Jan 12, 2015
    Hi,

    I extracted a bios from a dead mainboard of a Samsung NP350E7C using a SPI-flasher.
    I tried to extract the Windows8 key now using Phoenix Tool using the option to modify DSDT,
    but the MSDM key isn't in there, I guess it's rather located in a module labeled SystemOemActivationDxe.efi cause
    there I found MSDM using sfk. It seems the samsung UEFI is intel based.
    Did someone manage to extract the key from a dead board to revive it on a new board?
    edit: found this article - impossible to transplant the key due to the hardware hash?
    So, a recovered key can be used for the trash bin only or is there any way to re-use the license bought with the hardware?

    kind regards
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. xforce

    xforce MDL Novice

    Feb 23, 2011
    21
    24
    0
    Hi,
    Samsung store OEM Key in DMI or Bootblock depend's on BIOS (APTIO, Phoenix, William). If you dumped BIOS region via programmer, look in DMI Region or bootblock near at the end of flash with hexeditor. Key is not ecrypted. If you find it, store and check activation on a new motherboard. If you want inject key to new mb you need Samsung Service Center OA Tool V2.2 or later with flash tools.

    Br, Paul
     
  3. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,215
    14,777
    340
    @xforce

    Any chance of getting such tools??
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. xforce

    xforce MDL Novice

    Feb 23, 2011
    21
    24
    0
    @Tito

    Tool is useless if you doesn't have usb dongle. But you can manually inject OA3.0 Key.

    for William use - AFUEMMC
    for Phoenix use - sFlash but need BCP.evs file
    for AMI use - afuwin
     
  5. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,215
    14,777
    340
    Looks like we need a reverse-engineer among us :D, anyway I'm more interested for OA 2.x tools. Do you have any information about such Samsung tools which can manipulates OA 2.x data (i.e SLIC)??
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. nexus76

    nexus76 MDL Addicted

    Jan 25, 2009
    783
    296
    30
    Thanks for your help guys,

    it wasn't urgent so I didn't research for a while but yesterday I cracked the nuts.
    First of all I started analyzing a MSDM example - thanks Tito! - and I found an indication code segment which is

    Samsung acts a little bit tricky about hiding the license cause there no MSDMU appearance ahead of the key,
    it's loaded from a different area, but finally I found the key :D using CodeRush's UEFITool using hex-search.

    In this case the license is stored in module

    rather at the end of the UEFI image.
    However I see a different attempt for future tools extracting and decompressing all modules
    and searching for patterns like "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX" while XXXXX can be only
    A-Z and 0-9 ;-).

    thanks @all for your help!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...