xehqter Posted September 19, 2006 Posted September 19, 2006 (edited) Putting the word “Gateway” @ F000:E840 in my VirtualPC BIOS activates A04597C6 & C86378C7 OEMBIOS files.F000:E830 00 00 ..F000:E840 47 61 74 65 77 61 79 00-00 00 00 00 00 00 00 00 Gateway.........Update:With allot of trail and error I found that you can put the word 'Gateway' anywhere between F000:E840 and F000:E85F and it will activate with C86378C7 and A04597C6. Edited September 19, 2006 by xehqter
Siginet Posted September 19, 2006 Posted September 19, 2006 Yeah I think that both Gateway filesets will activate most gateway machines. But it is my understanding that each set contains at least 2 specific instances of Gateway that are found in a different section of the bios which is specific to each fileset. We need to find out what Gateway computers are specific to that area and make sure that our tools know to look in those specific areas for those specific filesets. That's why I think the Gateway/EMACHINES fileset should be the one we use for now... until we come across a Gateway that does not activate and we record the area of the bios it is found in.
Bezalel Posted September 19, 2006 Author Posted September 19, 2006 Putting the word “Gateway” @ F000:E840 in my VirtualPC BIOS activates A04597C6 & C86378C7 OEMBIOS files.F000:E830 00 00 ..F000:E840 47 61 74 65 77 61 79 00-00 00 00 00 00 00 00 00 Gateway.........Update:With allot of trail and error I found that you can put the word 'Gateway' anywhere between F000:E840 and F000:E85F and it will activate with C86378C7 and A04597C6.From the fact that you started at F000:E840 leads me to beleive that it wasn't just trial and error.
xehqter Posted September 19, 2006 Posted September 19, 2006 (edited) @BezalelIn my previous post I listed all the instances of "gateway" on a gateway system. I individually inserted gateway into all the addresses on a VirtualPC bios. Only F000:E840 activated. From there I started at E800 and worked my way up in 16byte increments and then @ F000:E83F.. nothing worked till I reached F000:E840.. then went from F000:E8F0 down. So allot of trail and error to get that range.@SiginetSounds reasonable but until I start seeing users complaining about specific OEMBIOS files not activating & providing detailed info I’m not too worried. Using the Gateway, Emachine OEMBIOS is the most logical (that’s what I use @ work) I’ve seen older dells not activate, but I’d like to believe those dells didn’t have an SLP bios because it’s an older system. The main reason I created my program was for Compaq / HP systems, since I’ve seen Compaq Branded Laptops using “HP Pavilion” OEMBIOS files and visa versa. Maybe to rephrase, if it works 98% of the time I’m happy, and so far I haven’t encountered any problems with my utility @ work.I like your new app, would it be possible to also do a dump of the address range to possibly give a hint towards the area it’s located. Ie: bios header, DMI, etc. Maybe subtracting 20h from the address. IE: Gateway @ F000:E840 run 'D F000:E820' in debug. It’s not critical.@EveryoneI’m curious what the project goals are now. They seemed to have strayed a bit. If it’s to have a system to make an automated multi manufacture CD I think we’ve succeeded. Are we now trying to figure out why Gateway (and maybe other) OEMBIOS files are picky about the address used? Is it necessary? How many users does it really effect? If that’s the case we should have a dedicated post we can refer to with the info like FreeStylers 202 post to list our conclusions? Is there another utility besides MGADiag that’s being used to figure out SLP Strings? How are you guys coming up with these longer then 4 id’s SLP’s?. Edited September 19, 2006 by xehqter
Randy Rhoads Posted September 19, 2006 Posted September 19, 2006 (edited) Update:With allot of trail and error I found that you can put the word 'Gateway' anywhere between F000:E840 and F000:E85F and it will activate with C86378C7 and A04597C6.Great. Now that i see how your doing it i will get going on the Dell. Edited September 19, 2006 by Randy Rhoads
FreeStyler Posted September 19, 2006 Posted September 19, 2006 (edited) @allSome here are ahead of you with some stuff, but it looks like they are holding information, think they want to delay the project until Vista Sp1 comes out found some stuff in the public domain that might shine some light on things, With a little help from babelfish you should find your wayhttp://www.crfans.com/Software/Catalog59/1961.htmlhttp://blogxp.org/ArticleShow/81255http://bios.net.cn/Article/wzpd/BIOSJS/bio...0060608978.htmlI like your new app, would it be possible to also do a dump of the address range to possibly give a hint towards the area it’s located. Ie: bios header, DMI, etc. Maybe subtracting 20h from the address. IE: Gateway @ F000:E840 run 'D F000:E820' in debug. It’s not critical.@xehqterThats not really needed, we seem to be able to find the exact range for specific slp locations (check the chinese sites above)@xehqterCan you help Siginet to makes his tool pass wintrust as well?LG added thx, nadav [fs] Edited September 19, 2006 by FreeStyler
vpn-user Posted September 19, 2006 Posted September 19, 2006 @Bezalel: I am asking about the rapidshare folder because you are also missing some common files. At least "Acer Travelmate" notebooks are sold very well and widely spread but your repository misses the files.I have all non-obsolete filesets in my RapidShare folder. I will upload obsolete files upon request (if nobody downloads them, RapidShare will drop the files).Ah that explains it, thank you! And also thank you for re-uploading some files
Siginet Posted September 19, 2006 Posted September 19, 2006 @xehqterCan you help Siginet to makes his tool pass wintrust as well?I think it would be a good idea for us to team up and put our ideas together. So the wintrust... this will actually make it so the files are protected by WFP? @Everyone can someone with the ability to read chinese grab that OEM XP tool and begin recording the areas of the bios that we need for each manufacturer? Then maybe post your findings somewhere to help us out? BTW Why would someone want to wait for vista before releasing something like this? Were you kidding FreeStyler? Or are you serious? lol. We need a tool like this asap. My job is so much easier now that I don't have to activate over the phone so much.
xehqter Posted September 19, 2006 Posted September 19, 2006 @SiginetAs best I can see OEM XP Tool saves an image of the BIOS (0xF0000-0xFFFFF), Display’s your XP CD KEY / Product ID, and gives you a list of known OEMBIOS Address lists. It doesn’t detect the address OEMBIOS uses. Then again I can’t read Chinese. I’ll PM you the list. Is AutoIT capable of making Win32 API Calls?
FreeStyler Posted September 19, 2006 Posted September 19, 2006 (edited) @xehqterUse Button #1 [1aAT1/4o+-o] (first button, first tab) and select each one of your OEMBIOS.SI_ or OEMBIOS.SIG files.For the LG set it returned some chinese characters which after using babelfish read something like: LG OEM, BIOS E000 - E200 'LG Electronics'It only seems to recognize oembios sets which it already knows the values for, seems hardcoded So the wintrust... this will actually make it so the files are protected by WFP?Yes, this wil fix issue with sfc /scannow & wfp, even better....there is no trace in "setuperr.log" after installation, xehqter great job! Edited September 19, 2006 by FreeStyler
severach Posted September 19, 2006 Posted September 19, 2006 (edited) >So allot of trail and error to get that range.You're insane, Goldmember!What a devilishly clever divide and conquer technique that makes the range clear in a fairly short time.>So the wintrust... this will actually make it so the files are protected by WFPThese files are all trusted on one system or another so they definitely can be protected by WFP. Somehow you need to twiddle the API to get the new ones trusted before copying them like a service pack or hotfix does. To prevent crashes from damaged media, bad, hacked, or mismatched sets, you could check if the files are trusted before copying.http://support.microsoft.com/kb/222193/ Edited September 19, 2006 by severach
xehqter Posted September 19, 2006 Posted September 19, 2006 (edited) These files are all trusted on one system or another so they definitely can be protected by WFP. Somehow you need to twiddle the API to get the new ones trusted before copying them like a service pack or hotfix does. To prevent crashes from damaged media, bad, hacked, or mismatched sets, you could check if the files are trusted before copying.http://support.microsoft.com/kb/222193/twiddling the API WinTrust.DLLCryptCATAdminAcquireContextCryptCATAdminAddCatalogCryptCATAdminReleaseCatalogContextCryptCATAdminReleaseContextGot it from disassembling / on demand debugging signtool.exe Edited September 19, 2006 by xehqter
Bezalel Posted September 19, 2006 Author Posted September 19, 2006 What methods are you all using to read from the BIOS. I'm keep getting an Access Voilation error with the following code.int CmpStrToMem(char* Str,char* Mem){ int i; if(!*Str) return 0; if(!isprint(*Mem)) return 2; /* This line is causing the Access Violation */ if(tolower(*Str)-tolower(*Mem)) return 1; i=CmpStrToMem(Str++,Mem++); if(i>1) i++; return i;}
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now