New BIOS region protection on ASUS Z77 and X79 boards

Discussion in 'BIOS Mods' started by CodeRush, Apr 1, 2013.

  1. CodeRush

    CodeRush MDL Member

    Jun 20, 2011
    220
    649
    10
    #1 CodeRush, Apr 1, 2013
    Last edited: Apr 1, 2013
    Hi to all.

    It seems that ASUS has implemented some sort of BIOS region protection in new BIOSes for their Z77 and X79 boards.
    Compare this two screenshots:
    normal.jpg crap.jpg
    Both of them are from DOS versions of FTK 0.9.6.1 (Intel FPT + FD44Copier + batch files)
    Normal one is from flashing all regions of new BIOS v3501 from stock v3305.
    Crappy one is from flashing BIOS region of the same BIOS v3501 from v3501.
    As you can see, some new protection prevents FPT from writing to BIOS space.
    It's definitely not a normal lock in descriptor region (checked this first), and not a BIOS chip malfunction (USB BIOS Flashback works OK), so it must be a new protection, that kicked in.
    The biggest problem of this new crap is that FPT is not aware of this protection before it tries to write something, so you can easily brick your board with fpt -rewrite -f BIOS.ROM, because it will fail only after erasing descriptor and ME regions!
    This particular board was bricked in a second after bad advice to use reflash.bat instead of biosrefl.bat.
    bricked.jpg

    So my question is that: what can we do to find the source of this sh*t and disable it once and for all?
    Must I make more RushSPI programmers to sell or we can remove it by BIOS patching?

    A bit of inside info in the end of post.
    ASUS will not implement USB BIOS Flashback in Z86 boards, so if this protection will be enabled on Z86 (and it seems it will be), there will be no method to flash modified BIOS except hardware SPI programmer.

    UPD: An example of protection on ASUS Maximus 5 Gene BIOS v1701
    Z77.jpg
     
  2. LatinMcG

    LatinMcG Bios Borker

    Feb 27, 2011
    5,314
    1,433
    180
    #2 LatinMcG, Apr 2, 2013
    Last edited: Apr 2, 2013
    hmm just a crazy idea.. try to dump the routines of USB flashback from pads of spi ?

    on the RushSPI side.. im doing a Hp G62 with mobo id 1484 (under battery) that i cant get to work. im in need of a dump for it.
     
  3. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,374
    15,027
    340
    Thumb rule

    Buy a hardware programmer along with the mobo if you want to modify the bios.

    :icecream:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,374
    15,027
    340
    Ok, serious talk.

    Seems that Lenovo has also implemented this type of locking.

    :g:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. RussianT530

    RussianT530 MDL Novice

    Mar 21, 2013
    41
    22
    0
    Cheap and functional SPI flash programmers are going for as much $10 on Ebay.
    Besides having a programmer is not really necessary. I was able to flash write-protected Lenovo BIOS using an old motherboard with SPI flash chip on-board.

    I have used HP T5730 thin client motherboard for this task.
    - Installed Linux
    - Compiled Flashrom from trunk (needed for support of latest MX25L chips used in Lenovo)
    - Verified that Flashrom can read and write BIOS on this motherboard
    - Desoldered SPI Flash from the motherboard and cleaned up the contacts on the motherboard.
    - Pressed HP T5730 SPI Flash hard against the motherboard and booted the MB. Removed HP SPI Flash after that.
    - Aligned Lenovo SPI flash chip on the motherboard, pressed the chip hard to the motherboard and read it with Flashrom.
    - Repeated the previous step, this time writing and verifying new BIOS.
    - Resoldered HP SPI flash back to the motherboard.

    Even though original HP flash was 512Kb type, this motherboard worked fine for flshing Lenovo 4Mb and 8Mb flash chips.

    8-Pin SPI flash chips are not very difficult to solder. There are plenty of good videos on Youtube on soldering SOIC packages with regular soldering iron.
    I can post pics if someone may find them useful.
     
  6. CodeRush

    CodeRush MDL Member

    Jun 20, 2011
    220
    649
    10
    This is definitely not SPI chip lockdown, but a sofware one, so nothing interesting is going on SPI pads, I think.
     
  7. CodeRush

    CodeRush MDL Member

    Jun 20, 2011
    220
    649
    10
    And I hope there is a way to remove that protection rather then use hotswap or hardware SPI programmers.
     
  8. RussianT530

    RussianT530 MDL Novice

    Mar 21, 2013
    41
    22
    0
    Someone skilled in assembler and reverse engineering may want to have look at the flashing routines built into BIOS. Once the BIOS signature is authenticated, the routines somehow unlock write access to SPI and flash the image. The key to removing protection is likely in the flashing routines.
     
  9. CodeRush

    CodeRush MDL Member

    Jun 20, 2011
    220
    649
    10
    Right you are. I can't do that because I don't have ASUS Z77 or X79 board to test, only Z68 one.
    Another option is to compare all modules from old BIOS without protection and new BIOS with it and see what is changed and where. Will do that and post results as soon as I have some.
     
  10. _patrik_

    _patrik_ MDL Member

    May 25, 2007
    175
    43
    10
  11. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,374
    15,027
    340
    The security check can be bypassed if mod is done via MMTool.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. RussianT530

    RussianT530 MDL Novice

    Mar 21, 2013
    41
    22
    0
    I've looked at 2001Q4 P5 Insyde presentation at UEFI plugfest (unfortunately I cannot post links with my post count).
    One angle of attack would be signing BIOS with our own private key, and then modifying public key used to verify the signature during the flashing process. One way of doing this may be using DMA - even if the public key is stored in protected flash, it has to be loaded at some point into RAM to decrypt the SHA256 hash and verify the signature. This may be the window of volnurability that may be attacked. For example, FireWire, by specification, should have DMA access to whole RAM. If we can use external FireWire device to replace public key in RAM by our key before signature is authenticated, we can use the BIOS with our own signature.
    Another volnurability is documented in a presentation "Attacking Intel BIOS", but I am sure any recent BIOS would have that volnurability patched up by now.
     
  13. RussianT530

    RussianT530 MDL Novice

    Mar 21, 2013
    41
    22
    0
    How would that bypass signature verification during update? Or does it unlock write access to SPI flash somehow?
     
  14. _patrik_

    _patrik_ MDL Member

    May 25, 2007
    175
    43
    10
    Can you explain how use MMt for this?

    Ty
     
  15. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,374
    15,027
    340
    Check PM. Newer Asus EFIs which has MSOA or DummyMSOA module inside can be SLIC modded and flashed this way.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. _patrik_

    _patrik_ MDL Member

    May 25, 2007
    175
    43
    10
    Tito

    ok thank you very much! let me say that You're very cooperative and friendly
     
  17. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,374
    15,027
    340
    Thanks.

    Actual credit goes to akcent who discovered & designed the way to mod it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. LatinMcG

    LatinMcG Bios Borker

    Feb 27, 2011
    5,314
    1,433
    180
    i have tried hotswap an spi and it didnt work.. HP board.. i think it kept a live circuit inbios somehow with LPC
     
  19. RussianT530

    RussianT530 MDL Novice

    Mar 21, 2013
    41
    22
    0
    What exactly did not work for you?
    Once the board boots up you can remove the BIOS.
    What are you using for flashing? Is it Flashrom?
     
  20. LatinMcG

    LatinMcG Bios Borker

    Feb 27, 2011
    5,314
    1,433
    180
    when i removed bios board became unstable.. doesnt work on all board i know for a fact.

    this was back 5 months ago.. i have spi programmer