Badcaps Forums

Badcaps Forums (https://www.badcaps.net/forum/index.php)
-   BIOS Requests ONLY! (https://www.badcaps.net/forum/forumdisplay.php?f=40)
-   -   AMITSESetup Decryptor (https://www.badcaps.net/forum/showthread.php?t=102275)

EineWildeStehlampe 01-06-2022 02:21 AM

AMITSESetup Decryptor
 
1 Attachment(s)
As a lot of older firmware images use the well known, incredibly secure AMI XOR key to encode the supervisor password in the firmware image, I wrote a small Python tool to automate the process of searching through the image and decrypting the key. It is far from perfect but works well enough for me to share.

The tool uses UEFIExtract to dump the entire image, naively search for a folder ending in "AMITSEDecrypt", iterate through the body.bin to find all possible hashes stored in there, decrypt them with the XOR key, remove every second byte, then convert to ASCII.

Usage: python3 AMITSEDecrypt <Path/to/image.bin>

Hope it'll be of use to someone and excuse my horrible Python skills.

crowntoy99 01-06-2022 02:27 AM

Re: AMITSESetup Decryptor
 
good jobe

Maxpower3 01-06-2022 06:32 PM

Re: AMITSESetup Decryptor
 
good job, untested for the moment, thanks

Ghamidi 01-07-2022 02:23 PM

Re: AMITSESetup Decryptor
 
great job thank you

EineWildeStehlampe 01-10-2022 12:07 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by EineWildeStehlampe (Post 1096562)
The tool uses UEFIExtract to dump the entire image, naively search for a folder ending in "AMITSEDecrypt", iterate through the body.bin to find all possible hashes stored in there, decrypt them with the XOR key, remove every second byte, then convert to ASCII.

I meant "AMITSESetup" obviously.

Ghamidi 01-10-2022 01:05 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by EineWildeStehlampe (Post 1097702)
I meant "AMITSESetup" obviously.

I tested work perfect

thank you so much

EineWildeStehlampe 01-10-2022 05:12 PM

Re: AMITSESetup Decryptor
 
Glad it's of use to someone. I'd love to keep a list of devices using the AMITSESetup variable if only I could find out how to edit my posts :spin:

Maxpower3 01-10-2022 07:48 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by EineWildeStehlampe (Post 1097779)
Glad it's of use to someone. I'd love to keep a list of devices using the AMITSESetup variable if only I could find out how to edit my posts :spin:

see with a moderator to modify your first post.

LatinMcG 01-12-2022 08:38 AM

Re: AMITSESetup Decryptor
 
this works with some of the Panasonic laptops.. not all tho.

EineWildeStehlampe 01-21-2022 07:34 PM

Re: AMITSESetup Decryptor
 
Confirmed to work with at least those devices, will add more when I have some in:
- Microsoft Surface (Pro) 3
- Advantech MIO-5251
- Medion Lifetab P8912
- ASUS Vivobook Flip 14 TP412

I've noticed there's also a few AMI implementations storing the password in cleartext instead of scancodes, I'll probably add something to parse those aswell. And then there's some that look like SHA1 hashes, so I might at least add some functionality to detect those.

onizzbox 01-21-2022 08:01 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by EineWildeStehlampe (Post 1101417)
Confirmed to work with at least those devices, will add more when I have some in:
- Microsoft Surface (Pro) 3
- Advantech MIO-5251
- Medion Lifetab P8912
- ASUS Vivobook Flip 14 TP412

I've noticed there's also a few AMI implementations storing the password in cleartext instead of scancodes, I'll probably add something to parse those aswell. And then there's some that look like SHA1 hashes, so I might at least add some functionality to detect those.

@EineWildeStehlampe
Similar to this here?
I'm finishing the script in C++ to make it faster, I'll post it in Badcaps next week.

Maxpower3 01-21-2022 08:29 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by onizzbox (Post 1101424)
@EineWildeStehlampe
Similar to this here?
I'm finishing the script in C++ to make it faster, I'll post it in Badcaps next week.

nice job as usual onizzbox :group:

onizzbox 01-21-2022 08:41 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by Maxpower3 (Post 1101436)
nice job as usual onizzbox :group:

Thanks! Maxpower3
Would you like to anticipate the release?

Maxpower3 01-21-2022 09:04 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by onizzbox (Post 1101440)
Thanks! Maxpower3
Would you like to anticipate the release?

no need, I already know your work and you have already shared a lot of knowledge and tools with me

onizzbox 01-21-2022 09:57 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by onizzbox (Post 1101424)
@EineWildeStehlampe
Similar to this here?
I'm finishing the script in C++ to make it faster, I'll post it in Badcaps next week.

@SMDFlea
I forgot to remove my credentials in the attached video, I can't edit the post anymore. Could you please remove it? :trashcan:

onizzbox 01-21-2022 11:14 PM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by Maxpower3 (Post 1101445)
no need, I already know your work and you have already shared a lot of knowledge and tools with me

Thank you Max!
Helping users on the forums or outside of them has always been a hobby, I don't depend on it for a living. I've always liked to share my knowledge, that's the only way we can evolve.

SMDFlea 01-22-2022 03:14 AM

Re: AMITSESetup Decryptor
 
Quote:

Originally Posted by onizzbox (Post 1101452)
@SMDFlea
I forgot to remove my credentials in the attached video, I can't edit the post anymore. Could you please remove it? :trashcan:

removed.

BootLoader1 01-22-2022 12:49 PM

Re: AMITSESetup Decryptor
 
1 Attachment(s)
I wrote small software for decrypt AMI BIOS Password. Software can read Admin and Boot password, just open file or drag and drop a file.
Enjoy.

onizzbox 01-22-2022 03:01 PM

Re: AMITSESetup Decryptor
 
1 Attachment(s)
Quote:

Originally Posted by BootLoader1 (Post 1101634)
I wrote small software for decrypt AMI BIOS Password. Software can read Admin and Boot password, just open file or drag and drop a file.
Enjoy.

@BootLoader1
Very cool, but it doesn't work!!
Needs repairs...

BootLoader1 01-23-2022 05:16 AM

Re: AMITSESetup Decryptor
 
1 Attachment(s)
Working, working, but I forgot about this case. Now fixed and working well.


All times are GMT -6. The time now is 11:59 PM.

Powered by vBulletin ®
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.