ME Analyzer: Intel Engine Firmware Analysis Tool Discussion

Thank you for the report, I saw it a few days ago and it has been added in the next MEA database. As for the issue, there is already a specific thread and any help from someone interested will be posted there.

In BIOS update, hidden inside sp136320 from hp ftp

086FB.RAR (5.55 MB)

╔═══════════════════════════════════════════╗
║ ME Analyzer v1.270.0 r270 ║
╚═══════════════════════════════════════════╝

Error: ME Analyzer v1.270.0 crashed, please report the following:

Traceback (most recent call last):
File “MEA.py”, line 12992, in <module>
elif sku_bytes in (0x60A0,0x004D,0x9C64) : pos_sku_ker = ‘LP’ # 0x004D,0x9C64 for 11.0.0.1100,11.0.0.1109
File “MEA.py”, line 6061, in ext_anl
TypeError: argument of type ‘NoneType’ is not iterable

File/ME dump from [Request] Dell Precision 5510 BIOS flash using CH341 Seems a little unclear if it’s a valid dump

FIT (from r44) doesn’t open this dump either but gives unspecific error

Yeah, it must be badly corrupt based on that output. So not an issue with MEA or FIT.

Confirmed, 4 "backups", all 4 different, 3 crash MEA, one is readable.

Hello,

is it possible to dump a BIOS EEPROM using a programmer, and then analyze the dump-file with ME Analyzer? Or is a "stock" Rom from the motherboard vendor necessary?

BR,
Lebedev

I just tried it. I made a dump of the BIOS EEPROM using a ch341a_spi programmer.
I dropped the file into ME Analyer, and got this result:



It’s an Atom based C2xxx Plattform, so it should have a (CS)SPS…

If it says that, the dump does not contain Engine firmware. Maybe bad/wrong/incomplete dump. Check it manually with a hex editor first.

I am pretty sure, the dump is valid and intact. I made 3 separate dumps (re-attached the SOIC-clamp every time). All 3 dumps have the same hash value. The EEPROM chip was known by flashrom. The validation of flashrom was also successful every time.

Is there a guide on howto check the file with a hex editor? What do i have to look for?
Maybe use UEFITool to see if there’s a ME area?

I am able to open the dump using UEFITool. I can browse everything, see all modules, drivers, etc.
But there’s no ME Region, like in other Bios files. Looks like that Bios indeed has no Management Engine.

Post a link to/attach the file.

original_dump.bin sha256: 69f9646b87a141474296df6dd92063b11b32e410e2152e5faf87a10b0782e260

Complete firmware, but empty pad where ME should be and almost empty FD:

Nice! I’m glad, i don’t have that shitty thing in my firewall.
What is “FD”?

@ plutomaniac ME Analyzer v1.274.0 r277 not working on windows 7 x86 x64.
even latest dell pfs extractor version 4.9 above not working.
while previous version of dell pfs extractor from 4.9 working ok.
me analyzer v1220 .0 DB r265 working ok.
i change latest DB version DB r286 with v1220 .0 DB r265
now its showing v1220 .0 DB r286 & working ok with old bios but not with latest bios.
when i try to use v1.274.0 r277 not working with DBr286 too.
i am uploading .exe bios of dell inspiron 7506 for checking.
please check on windows 7 x86 or x64 plateform for batter understang.
i reformate pc windows with latest iso & install .net latest version with paython 3.7 with all coloroma & plt tables …but not successed.
please check dell exe latest bios here
https://www.dell.com/support/home/en-in/drivers/driversdetails?driverid=ncw6p&oscode=wt64a&productcode=inspiron-15-7506-2-in-1-laptop

@earth007 here u go Inspiron_7506_1.13.0.exe_extracted.rar - Google Drive

@Koekieezz i do not need its extracted files. i said in my previous post that me analyzer & dell pfs extractor latest version do not support windows 7 x64 or x86 os while its previous version done.
but with win 10 its working okay.
so need support to run these softwares on windows 7.

You got the same error with missing DLL ?

2022-09-04_18-31-08_32371120×780 19.3 KB

Read C2 (GitHub - platomav/MEAnalyzer: Intel Engine & Graphics Firmware Analysis Tool)