Extracting blobs/ROM image from original Lenovo (Phoenix) FL2 files #77

Open
tlaurion opened this issue Mar 13, 2020 · 5 comments

@tlaurion

tlaurion commented Mar 13, 2020

@theopolis: As specified here, trying to do a PoC to be able to extract ME related regions from original Lenovo BIOS updates (hopefully 8MB ROM image) from Lenovo FL2 file, and nothing extracted matches me_cleaner expected file format:

```bash
# Download the Lenovo BIOS update and unpack the Inno Setup installer
wget https://download.lenovo.com/pccbbs/mobiles/g2uj31us.exe &&
innoextract ./g2uj31us.exe &&
echo -e "\n\n EXTRACTING FL1\n\n\n" &&
/usr/bin/python2.7 /usr/local/bin/uefi-firmware-parser ./app/G2ETB5WW/\$01D3000.FL1 -e &&
echo -e "\n\n\n EXTRACTING FL2 \n\n\n" &&
/usr/bin/python2.7 /usr/local/bin/uefi-firmware-parser ./app/G2ETB5WW/\$01D3000.FL2 -e --superbrute &&
echo -e "\n\n\n Testing me_cleaner against all extracted files.... output given only on successful files... \n\n\n" &&
# Run me_cleaner on every extracted file; print only the files it accepts
find ./pfheader* ./capsule-Capsule/ ./volume-0/ -type f | while read -r filename; do
  if python ~/me_cleaner/me_cleaner.py "$filename" &>/dev/null; then
    echo "$filename"
  fi
done
```

Output of code snippet: none.

Meaning: no file extracted from FL1 (expected) nor FL2 (not expected) matches extracted ME region, nor 8MB raw region. Also, note that FL2 regions needed to be extracted with --superbrute, a simple -e reporting unsupported format, same result with --brute.

Any advice?

tlaurion changed the title from "Extracting blobs/ROM image from original Lenovo FL2 files" to "Extracting blobs/ROM image from original Lenovo (Phoenix) FL2 files" on Mar 13, 2020
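
An added example, not part of the thread and not code from me_cleaner or uefi-firmware-parser: rather than running me_cleaner on every extracted file and watching exit codes, this check looks in each candidate for the Intel flash descriptor signature 0x0FF0A55A at offset 0x10 or the `$FPT` partition-table marker, and decodes the ME range from the descriptor's region table. The function names, result labels and the 64 KiB sample image are constructed for illustration, and `$FPT` sitting at offset 0x10 of the ME region is an assumption about the ME layout.

```python
import struct
import sys

FD_SIGNATURE = b"\x5a\xa5\xf0\x0f"  # flash descriptor signature 0x0FF0A55A, little-endian
FPT_SIGNATURE = b"$FPT"             # ME Flash Partition Table marker (assumed at +0x10)

def flreg_range(flreg):
    """Decode an FLREG entry into (start, end) byte offsets (4 KiB granularity)."""
    start = (flreg & 0x7FFF) << 12
    end = ((((flreg >> 16) & 0x7FFF) << 12) | 0xFFF) + 1
    return start, end

def classify(data):
    """Return (kind, me_range) for the bytes of one candidate file."""
    magic = data[0x10:0x14]
    if magic == FPT_SIGNATURE:
        return "me_region", (0, len(data))
    if magic != FD_SIGNATURE:
        return "unknown", None
    if len(data) < 0x18:
        return "truncated_descriptor", None
    (flmap0,) = struct.unpack_from("<I", data, 0x14)
    frba = (flmap0 >> 12) & 0xFF0  # Flash Region Base Address
    if frba + 12 > len(data):
        return "truncated_descriptor", None
    _fd, _bios, me = struct.unpack_from("<III", data, frba)  # FLREG0..FLREG2
    start, end = flreg_range(me)
    if start >= end:  # base above limit marks an unused region
        return "full_image_me_disabled", None
    if end > len(data):  # descriptor present, but the ME bytes are not in this file
        return "descriptor_without_me", (start, end)
    if data[start + 0x10:start + 0x14] != FPT_SIGNATURE:
        return "full_image_me_unrecognized", (start, end)
    return "full_image", (start, end)

def build_sample_image():
    """Constructed 64 KiB image: descriptor at 0, ME region at 0x3000-0x7FFF."""
    img = bytearray(b"\xff" * 0x10000)
    img[0x10:0x14] = FD_SIGNATURE
    struct.pack_into("<I", img, 0x14, 0x04 << 16)  # FLMAP0 with FRBA = 0x40
    struct.pack_into("<III", img, 0x40, 0x0, (0xF << 16) | 0x8, (0x7 << 16) | 0x3)
    img[0x3010:0x3014] = FPT_SIGNATURE
    return bytes(img)

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, *classify(fh.read()))
```

Run against the extracted files, a result of `unknown` for every candidate means none of them is a descriptor-bearing image or a bare ME region.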
@tlaurion
Author

tlaurion commented Mar 13, 2020

I would have thought #53 permitted this.

chipsec doesn't produce me_cleaner regions either to be able to extract blobs directly from Heads CIs from original firmware images.

@theopolis @anatol @andreiw @thops @iROOT : How to accomplish this?

@theopolis
Owner

It looks like you found a way forward in discussion on the heads project. I'm on leave right now but I can take a look at adding (or fixing) extraction within uefi-firmware-parser in a few months when I return. 😄

@tlaurion
Author

tlaurion commented Mar 15, 2020

> It looks like you found a way forward in discussion on the heads project. I'm on leave right now but I can take a look at adding (or fixing) extraction within uefi-firmware-parser in a few months when I return. 😄

@theopolis: yeah, not perfect though. Would be better if it was possible to extract the ME ROM region correctly and apply me_cleaner directly on the full image. IFD descriptor still has to be extracted from an already flashed image.

@theopolis
Owner

Ok, I'll read through all of the dev/debugging in the related issues and try to come up with the step-by-step for extracting and see if it can be done with this parser/extractor.

@tlaurion
Author

You can read chipsec/chipsec#870 (comment) and close this issue!
