I need some guidance-any logical sense of this would be mighty appreciated
I usually prefer to do the work myself but to0 many impossible projects calling my name-Im having trouble getting nvme support for this lenovo insyde biios laptop B40-30-any moddying=brick-Ive unlocked all the register with direct hex edit to signed bios which didnt break the bios amazingly, signed the oem flashing tool and the bios (fptw allows full dump but no write back)to what I thought was success: no warnings fully flashed and then=brick
I cant try the sleep bug trick as I need 9ccn30ww.exe which somebody here provided but only the full rom not .exe-Im certain an additional intergrity check stops even a hardware programmed insyde bios-officla intel doc confirms this-If the chip is locked a certain way even blanking chip not guarantee success and I am unclear on is if the sleep bug trick also prepares the mod bios for passing boot check maybe a hidden fptw switch inserting the encrypted signature right before flash, fptw is the backing tool for h20fft flashing tool after all and since this thiong has TXE not ME there is -mfg manufacturing mode switch instead of the -disable me switch on later fptw packages-Im using 1.14 version lol
it is also possible I bungled the nvme module insertion?
I discovered an smmdxe dual driver for nvme in a newer insyde bios-my laptop has mulitple dual drivers so I followed suit-extracting it with uefi tool and h20 and then comparing the module revealed it diffd by one byte so Im unsure which saved from UEFI tool27, 28, Ispillmydrink's insyde tool version to use and where to put it or if I ended up creating dependancies by not updating some config list by just inserting it letting bios sort out smm hand off-I havent tried nvme.ffs insert as either being added breaks the sig anyway-someone mentioned on another forum unrelated at the time
that using target computer when launching insyde h20 loads the de-encryted bios into ram and winhex can open the active ram, download, hex edit, save back then sign flasher & bin -f back to chip but my puter having trouble "speaking" to the low level h20 tool that runs the webbrowser tool
the same forum had another great idea where you can flash just a snippet back to bios at a certain offset maybe outside locked ranges so I tried to see the specific starting offset by comparing oem and my dumped bios diff between nvme add or without but failed as any tool used to change something changes the size and the file scructure so it cant locate the just inserted nvme module code offset as its scrambled-it appears the weird diff in sizing between oem 9.2mb and direct dump 8mb is oem pkg contains sig and me and they are all mixed in so remaing feasable options are
1. locate 9ccn30ww.exe here at badcaps as all other searchs exhausted- hope sleep bug fixes boot sanity check-another forum member said b40-30 and B50-30 not moddible but wouldnt elaborate
2. get guidance on what nvme module smmdxe combo or nvme5.ffs small, compressed to use and where to put it?
*new idea just popped in*
compare already secure 9ccn30ww rom file with hardware dump
determining security updates that closed the sleep bug trick
screwing self maintainers in the name of so called security
Have you heard of a single person ever getting meltdown or spectre?
add small .ffs to hardware dumped using h20 at the end of FV#3 (the smmdxe combo lives there) so bios will see it and once selected as boot, bios should arrange/rearange things to handoff to os and since past bootguard in process it should do it blindly-then sign the modded dumped bios and hardware flash that back in-I found a resigning tool that replaces rsa cert with mine-I still believe the secret is using oem package resigned and repacked will nullify bios boot check but then Im back to finding 9ccn30ww.exe oem (last known sleep bug)
if that doesnt work I could clean dump innitialize txe (if thats even possible)
I havent tried me anylizer on the txe (no me onboard)
so you guys doing whitelist removals/password whatnots
How are you flashing back moded bios and how are you taking these bios dumps requests supplied, using them for what exactly? and then flashingback? You guys trully impress me and I hope someone can help
I cant put another unfinished project back on the shelf
thanks for reading my book
I usually prefer to do the work myself but to0 many impossible projects calling my name-Im having trouble getting nvme support for this lenovo insyde biios laptop B40-30-any moddying=brick-Ive unlocked all the register with direct hex edit to signed bios which didnt break the bios amazingly, signed the oem flashing tool and the bios (fptw allows full dump but no write back)to what I thought was success: no warnings fully flashed and then=brick
I cant try the sleep bug trick as I need 9ccn30ww.exe which somebody here provided but only the full rom not .exe-Im certain an additional intergrity check stops even a hardware programmed insyde bios-officla intel doc confirms this-If the chip is locked a certain way even blanking chip not guarantee success and I am unclear on is if the sleep bug trick also prepares the mod bios for passing boot check maybe a hidden fptw switch inserting the encrypted signature right before flash, fptw is the backing tool for h20fft flashing tool after all and since this thiong has TXE not ME there is -mfg manufacturing mode switch instead of the -disable me switch on later fptw packages-Im using 1.14 version lol
it is also possible I bungled the nvme module insertion?
I discovered an smmdxe dual driver for nvme in a newer insyde bios-my laptop has mulitple dual drivers so I followed suit-extracting it with uefi tool and h20 and then comparing the module revealed it diffd by one byte so Im unsure which saved from UEFI tool27, 28, Ispillmydrink's insyde tool version to use and where to put it or if I ended up creating dependancies by not updating some config list by just inserting it letting bios sort out smm hand off-I havent tried nvme.ffs insert as either being added breaks the sig anyway-someone mentioned on another forum unrelated at the time
that using target computer when launching insyde h20 loads the de-encryted bios into ram and winhex can open the active ram, download, hex edit, save back then sign flasher & bin -f back to chip but my puter having trouble "speaking" to the low level h20 tool that runs the webbrowser tool
the same forum had another great idea where you can flash just a snippet back to bios at a certain offset maybe outside locked ranges so I tried to see the specific starting offset by comparing oem and my dumped bios diff between nvme add or without but failed as any tool used to change something changes the size and the file scructure so it cant locate the just inserted nvme module code offset as its scrambled-it appears the weird diff in sizing between oem 9.2mb and direct dump 8mb is oem pkg contains sig and me and they are all mixed in so remaing feasable options are
1. locate 9ccn30ww.exe here at badcaps as all other searchs exhausted- hope sleep bug fixes boot sanity check-another forum member said b40-30 and B50-30 not moddible but wouldnt elaborate
2. get guidance on what nvme module smmdxe combo or nvme5.ffs small, compressed to use and where to put it?
*new idea just popped in*
compare already secure 9ccn30ww rom file with hardware dump
determining security updates that closed the sleep bug trick
screwing self maintainers in the name of so called security
Have you heard of a single person ever getting meltdown or spectre?
add small .ffs to hardware dumped using h20 at the end of FV#3 (the smmdxe combo lives there) so bios will see it and once selected as boot, bios should arrange/rearange things to handoff to os and since past bootguard in process it should do it blindly-then sign the modded dumped bios and hardware flash that back in-I found a resigning tool that replaces rsa cert with mine-I still believe the secret is using oem package resigned and repacked will nullify bios boot check but then Im back to finding 9ccn30ww.exe oem (last known sleep bug)
if that doesnt work I could clean dump innitialize txe (if thats even possible)
I havent tried me anylizer on the txe (no me onboard)
so you guys doing whitelist removals/password whatnots
How are you flashing back moded bios and how are you taking these bios dumps requests supplied, using them for what exactly? and then flashingback? You guys trully impress me and I hope someone can help
I cant put another unfinished project back on the shelf
thanks for reading my book
Comment