hello can anyone please help me unlocking the advance menu + advance boot menu for AHCI, I have dumped my bios using insyde tool and spi flasher and extracted them using phoenixtool266 and have revealed the EFI strings this from my SPI Flasher dump Code: Form Sets -------------------------------------------------------------------------------- Offset:Title: -------------------------------------------------------------------------------- 0xAC118System Configuration (0x63 from string package 0x0) 0xADCF8Power (0x41B from string package 0x0) 0xAFDC8Security (0x133 from string package 0x0) 0xB1308Advanced (0x1C9 from string package 0x0) 0xBFD08Main (0x103 from string package 0x0) 0xBFFC8Exit (0x187 from string package 0x0) 0xC0098Diagnostics (0x49 from string package 0x0) 0xC01B8Security (0x3D from string package 0x0) 0xC0278Main (0x4 from string package 0x0) and this from insyde tool flash dump Code: Form Sets -------------------------------------------------------------------------------- Offset:Title: -------------------------------------------------------------------------------- 0xAC1BCSystem Configuration (0x63 from string package 0x0) 0xADD9CPower (0x41B from string package 0x0) 0xAFE6CSecurity (0x133 from string package 0x0) 0xB13ACAdvanced (0x1C9 from string package 0x0) 0xBFDACMain (0x103 from string package 0x0) 0xC006CExit (0x187 from string package 0x0) 0xC013CDiagnostics (0x49 from string package 0x0) 0xC025CSecurity (0x3D from string package 0x0) 0xC031CMain (0x4 from string package 0x0) don't know why the offsets are different.. could some one explain? both of these are extracted from "setuputility" branch with GUID of FE3542FE-C1D3-4EF8-657C-8048606FF670 I have tried using efi shell to setup_var 0x39 0x01 (that's for ahci boot) and it fails also tried to disable BIOS Lock 0x4bb fails as well with unable to set efi, but I know why cause its locked by damn HP here are some more info i managed to get from UEFITool Code: Full size: 1000h (4096) ME region offset: 1000h BIOS region offset: 300000h Region access settings: BIOS:0B0Ah ME:0D0Ch GbE:FFFFh BIOS access table: Read Write Desc Yes No BIOS Yes Yes ME No No GbE Yes Yes PDR No No Flash chips in VSCC table: 1F4700h EF4017h 1C7017h C84017h C22017h I want to unlock advance settings, my bios is RSA signed would that make a difference if I use hardware flasher? how can I set the variables so that I can flash the bios, need help
update: I have flashed after modding the bios enabling advance boot options but the laptop recovers the modded bios automatically maybe RSA signature failed ? or hash mismatch? , I honestly don't know so I'm stuck here with my laptop opened up and Raspberry pi connected to it update 2: flashed backupbios without mod no problem so can anyone help me bypassing bios checks ?
update: I'm trying to override the RSA signature check in bios I have come to a stand still and don't know how to proceed I found a module named "UEFIbiosimageinterface" trying to disassemble it in IDA pro gives me this (its an online version if the ida) Code: onlinedisassembler(dot)com/odaweb/wPWIC9sk/0 my basic knowledge in assembly says it have functions to write the bios (am I right?) please tell me if I'm looking in the correct area for disabling signature check on the bios. thanks