Also, the BIOS ROM contains the TPM firmware and is connected to that IC.
https://arstechnica.com/gadgets/2021/08/…-in-30-minutes/
https://www.youtube.com/watch?v=NFQ22SBlejk
Found another utility driver to dump RAM:
https://github.com/SamuelTulach/EfiDump
This will help to analyze which parts of the BIOS are in RAM.
After a short RAM dump I was able to identify many PEI drivers and programs from the BIOS. Also, parts of the EC firmware are actually x86 subprograms, so the EC firmware becomes easier to understand.
Still need help with capturing SPI BIOS ROM readings from two sequences: AC plug-in, power-on with a healthy BIOS and a non-healthy one.
A 100 MHz analyzer is needed.
Also need help with reverse engineering of ARM programs, and possibly soon we will return modding ability to the BIOS.
Bless this fucking man for giving HP and DRM crippleware the middle finger! Say no to encrypted/locked down BIOSes!
ProductionSignedBiosSmm / ProductionSignedBiosDxe
ENTIRE BIOS:
The BIOS begins at address 700000h
RSA SIGN KEYS BASED ON ZBOOK G3 153 BIOS UPDATE
(HP Notebook System BIOS 01.53 Rev.A)
Quote
KEY 01 (BOOTLOADER?)
Offset at update: 47C184
Offset at update (second): 701184
Offset at ENTIRE BIOS: B7C184
Offset at ENTIRE BIOS:(second): E01184
KEY 02 (EC FIRMWARE)
Offset at update: 43C208
Offset at update (second): 6C1208
Offset at ENTIRE BIOS: B3C208
Offset at ENTIRE BIOS:(second): DC1208
KEY 03 (Padding1_Volumes)
Offset at update: 48030
Offset at update (second):
Offset at ENTIRE BIOS: 48030 + 700000 = 748030
Offset at ENTIRE BIOS:(second):
KEY 04 (Padding1_Volumes)
Offset at update: 48378
Offset at update (second):
Offset at ENTIRE BIOS: 748378
Offset at ENTIRE BIOS:(second):
KEY 05 (Padding1_Volumes)
(Appears more than one time)
Offset at update: 48478
Offset at update (second):
Offset at ENTIRE BIOS: 748478
Offset at ENTIRE BIOS:(second):
KEY 06 (Padding1_Volumes)
Offset at update: 48578
Offset at update (second):
Offset at ENTIRE BIOS: 748578
Offset at ENTIRE BIOS:(second):
KEY 07 (Padding2_Volumes)
Offset at update: 3F4030
Offset at update (second): 679030
Offset at ENTIRE BIOS: AF4030
Offset at ENTIRE BIOS:(second): D79030
KEY 08 (Padding2_Volumes)
Offset at update: 3F4130
Offset at update (second): 679130
Offset at ENTIRE BIOS: 3F4130
Offset at ENTIRE BIOS:(second): D79130
KEY 09 (Padding2_Volumes)
Offset at update: 3F4378
Offset at update (second): 679378
Offset at ENTIRE BIOS: AF4378
Offset at ENTIRE BIOS:(second): D79378
KEY 10 (Padding2_Volumes) (Appears second time)
Offset at update (first): 48478
Offset at update (second): 3F4478
Offset at update (third): 679478
Offset at ENTIRE BIOS(first): 748478
Offset at ENTIRE BIOS(second): AF4478
Offset at ENTIRE BIOS(third): D79478
KEY 11 (Padding2_Volumes)
Offset at update (first): 3F4578
Offset at update (second): 43C008
Offset at update (third): 679578
Offset at update (fourth): 6C1008
ALSO AT FILE: Section_PE32_image_492522E7-FE60-4361-A463-A237A5A5F397_0292
Offset at ENTIRE BIOS(first): AF4578
Offset at ENTIRE BIOS(second): B3C008
Offset at ENTIRE BIOS(third): D79578
Offset at ENTIRE BIOS(fourth): DC1008
The other 2-3 keys could be hidden inside of volumes, so I will leave some space to continue
N81_0153.zip (4.95 MB)
Just a thought, bigguygeo: have you tried to contact or coordinate with the Coreboot community?
IIRC they made some progress on the EliteBook/ZBook's embedded controller to enable open source firmware to run on them.
You are doing something meaningful but pretty hard, what a man!
Hi! Sorry for the late response. Most of the time I’m on the techpowerup forum, WX4150 vBIOS modding.
By the way, I have found some interesting stuff:
I made a connection to the embedded controller with a proper BIOS, which is original, and cut the ChipSelect pin on the motherboard. The trick is: the embedded controller will check signatures on the fake original SPI ROM, but the hacked ROM will be connected to the PCH. And here are the results:
- Only one OEM-installed SPI ROM with a wrong signature: the results are no powering of the CPU, and PCH power is jumping. The embedded controller tries to reflash the SPI, but it writes the same damaged BIOS and the result is a boot loop.
- If the fake ROM is added, the system powers on properly and all voltages are okay, but something is executed and checks signatures again. Anyway, there is no image or message on screen to know which BIOS module to rewrite.
So that’s a method to bypass the embedded controller, but there is also a need to bypass some PEI modules which hold system execution. Also, I have noticed that the PCIe interface is held. So the system is stopped.
After a lot of time spent on this project, I still have no positive results. So I will close the project.
By the way, Binary Ninja can properly disassemble the embedded controller firmware as ARM v7 Thumb2. Everything is correct. But the embedded controller firmware is also protected by RSA. Some code has links to RSA signatures, but I have no idea how to work with ARM-type disassembly.
I was trying to build my custom bios for Zbook 17 G3 and came across this signature.
I just wanted to integrate the old Intel microcode before the meltdown/spectre patches into the latest BIOS.
I’m wondering what my options are?
Hi! You can roll back a BIOS if you want with the BIOS update utility.
I didn’t find a way to bypass security. Also, one part of the security protection program is in the second EC copy of the BIOS, at the first pad image of recovery.
I do suspect that all BIOS images are protected by calculating a 256-bit checksum, but some checksums are calculated from checksums, and on top of all is a checksum of every checksum. Every checksum could have its own algorithm. But where are the algorithms located?
Also, the check should be made at the stage when the EC controller has started. So a short part of code must be executed to check if this code is correct, then check if the EC firmware is correct. After the EC firmware is loaded, the whole check of the BIOS will start. But even when this is bypassed correctly, on boot the PEI program will check the signatures again, or some signatures are only for the CPU check. They are much easier to track by offsets in the BIOS and RAM. So I think that is what HP calls SureStart.
Godspeed, my friend. May you surely succeed in the process. I cannot mod my BIOS either due to this HP bullsh*it.
The first two steps are to hack the EC firmware and the part of the security device code in one of the pads; this part of the code is also internally secured by a Sure Start signature. As this code can’t be decompiled, I think that this part of the code is loaded only after the EC firmware. And I think that the code is using some additional encryption, like virtual execution, or part of the code that is algorithmically compressed.
Maybe you have already read this, but I’ll just link it here: HP Developers Portal | Secure BIOS with HP Sure Admin and CMSL - (Upd 2/9/2021)
Btw, did anyone try to find any interesting stuff on ftp.hp.com? It’s a foolish idea, still, I don’t wanna miss out on any hidden opportunities.
No, I have never read this article! Thanks for the provided link. Will read it carefully. As I understand it, this is not a manual on how to unlock a BIOS?
No, this tells us how they’ve implemented things, but I’m not quite sure if these articles are from a business laptop standpoint or stuff in general. You can find more interesting stuff in their developer blogs. I’m reading them now lol
EDIT: Fortunately/Unfortunately almost all of these fancy things don’t apply to my laptop as checked with HP Developers Portal | Client Management Script Library
But it’s interesting to note that HP’s tool could modify the “Setup” varstore (only from what’s already visible under BIOS) from userspace while all other methods failed, like grub shell, RU.
An interesting thing, might unlock something. Can’t change it anyways
Quick update: Managed to activate “Manufacturing Programming Mode”, which unlocked the ability to edit the “Setup” varstore (here is my case: [REQUEST] HP Laptop 15s-gr0009au InsydeH2O BIOS unlock help needed - #4 by x0rzavi; changes are not getting saved though). Can you try this on your laptop too? Maybe it will give some unrestricted access to flashing mods.
Download this NbDmiFit-2.13.rar - Google Drive, put it on a FAT32-formatted drive, and launch u.nsh from the EFI/Boot/ folder. I prefer to skip that startup.nsh (idk what it exactly does).
Hi! Sure, but it seems like your laptop isn’t SureStart.
Can you send me an updated list of all keys you found?