Possible to extract usable DELL .exe from Packaged/efi BIOS?

Hello All,

Found my way into your world of experts after weeks or scouring the web over this.

I acquired a couple decommed google search appliances from work and have been turning them into flashed and functional servers following the various guides out there.

Worked great for the r720s because DELL includes an executable/non-package BIOS that I can flash onto them.

However, the r730xd DELL page (https://www.dell.com/support/home/us/en/…?driverid=t9yx9) only includes a Hard-Drive .efi BIOS file and Update Package for Windows 64-bit in the form of an exe that can’t be used. I did try side loading this onto a Win Server 2012 and running update over command line but it didn’t take the BIOS update after rebooting.

So I assume there’s a means to convert/extract the proper R730-020901.exe from the Packaged Update? Or convert the .efi into an .exe? I’m not very familiar with .efi files to begin with so maybe I’m confused but from some other threads here it appears it’s possible to convert.

Would anyone be able to point me in the right direction so I can turn this paperweight into a powerhouse?

Thanks for any assistance

Download “BIOS_T9YX9_WN64_2.9.1.exe”, open it with 7-zip, go to “payload” folder, extract “R730-020901C.hdr”, remove the $RBU header (0x54), remove some junk from the end (0x108) and you’ll have a full 16MB (0x1000000) SPI image.

Thank you very much, time to get started learning that.

Just needed to know it can be done!

plutomaniac - Is this HDR cut method is only valid for this particular case, or maybe "Some" other HDR, but not always valid for all HDR in general, correct?

The “hdr” within the “payload” folder of such blue executables are normal SPI images with some junk at the beginning and end, as explained above. They are not related to the HDR from the icon-less executables, which require Dell HDR Module Extractor. The “cap” within the “payload” folder of such blue executables require the steps I outlined here.

Hello again,

I’ve been messing with this for a few days and wanted to come back with a few questions.

I’ve scoured this thread for some extra info (How to extract contents of this Dell BIOS package?) and am at a point where I’m not sure what I’m doing anymore.

1. I grabbed the BIOS_T9YX9_WN64_2.9.1.exe from the dell link above
2. I extracted the HDR file. From there I spent some hours messing with python and the PFSExtractor, this was the output. It did create a C:\Python27\R730-020901C.hdr.extracted folder but there was no contents.

c:\Python27>PFSExtractor R730-020901C.hdr
PFS File Header:
Signature: 301025455425224
Version: 79706F43
DataSize: 68676972

pfs_extract: invalid PFS header signature

3. I decided to 7zip into the hdr file and found folders "9E21FD93, EE46C7C1, and a file FFFFFFFF"

There’s all kinds of files in these but when it comes to trimming the $RBU Header and the other junk you mentioned, I’m not sure what that means. Is this hex editing I’m dealing with?

Seems like the thread I scoured was for different types of files and in this case I don’t even need to run the python scrypt or the PFSExtractor as I can get the files right out of the HDR provided in the original BIOS package from Dell?

Hate to be a bother, I’m always up for learning but I could use a pointer or two. Seems I’m closer than ever to getting a workable bios to flash this box so I greatly appreciate your feedback.

Read my previous reply to understand why the python script and PFSExtractor have nothing to do with your specific case. Open the “hdr” from within “payloads” folder with a hex editor (i.e. HxD) and follow these instructions to end up with the full 16MB SPI/BIOS image for your system.

Thanks for the response. I did grab HxD and removed 01010100 from 54, which appears to be the T at the end of $RBU as well as the 2 entries of 01101100 at 6C and 6C which appear to be the L L under dell from the header.

Re-saved the file.

Any pointers at how to convert this file format to a usable executable? Some googling around only seems to reflect extraction of HDR from .exe guides but not the other way around. I may be in over my head here not knowing the basics but if this is impossible I’ll leave you guys be :slight_smile:

I’m not sure I understand what you want to do. Why would you want to extract the pure SPI/BIOS image out an exe only to put it back at an exe again?

Here is what you need to remove to get a proper SPI/BIOS image out of that “hdr” file:

Capture1.PNG



Capture2.PNG



The resulting 16MB (0x1000000) image is now ready to be flashed on a target system using a hardware SPI chip programmer or generic software SPI flashers such as Intel Flash Programming Tool, flashrom, AMI AFU etc.

R730-020901C.rar (5.29 MB)

Well thank you for some more pointers and even the produced file.

As to what I’m trying to do, I was trying to get an executable version of this BIOS out of the original link. As mentioned in the original post, the only way I’m able to convert this box is to sideload the .exe while piggy backing it onto a win server 2012 install and forcing it via command line.

It’s the same process I used for the dell R720 boxes I acquired that had .exe format BIOS updates on dells site, however, this r730 is only provided as packaged executable. So, I came here trying to determine if there was a way to extract the R730-020901 from the packaged version in order to sideload that and flash this box.

I’ve even asked Dell but they seem to be avoiding answering whether or not they will ever provide a non-packaged BIOS update for this and keep suggesting alternate ways to update the BIOS that center around using LC or Idrac which are inaccessible due to the passwords on the system.

These aren’t standard servers, they’re decommed google search appliances which is why the original modified BIOS has such password restrictions and requires all kinds of workarounds.

As far as I can see, the R720 models have the exact same BIOS update executable with “payload” folder containing “hdr” so I can’t see the difference. Since you can’t update it via the official executable for some reason but do have the full SPI/BIOS image, you can do it manually by using software SPI flashers, such as FPT, to rewrite the entire chip. You would need read/write access to the SPI which means an unlocked Flash Descriptor as explained at [Guide] Unlock Intel Flash Descriptor Read/Write Access Permissions for SPI Servicing. Usually such systems do have motherboard jumpers which enable read/write access for servicing purposes (FDO - Flash Descriptor Override or similar).

This link is the non-packaged executable I used on the 720s (https://downloads.dell.com/FOLDER0482573…720-020601C.exe) They don’t provide a Non-Packaged .exe for the r730. Just the Update package with the payload contained within that we have been messing with here.

Are you saying this R720-020601C.exe would be an acceptable usage over the R730-020901C payload? I hadn’t considered using the 720 bios but will give it a shot tonight.

I’ll have to read up on the flashing tools as it still may be the only way to reconstitute this box. I’m unable to use idrac or LC methods of updating due to a setup password being held on the BIOS from google, these systems in question are decommissioned Google Search Appliances and only google can unlock them unless you flash over a proper Dell BIOS to regain use of LC/iDrac. So my only means to update them is to load the executable BIOS during a command line prompt on a win server 2012 iso.


No I never said that, don’t try it.


Read the FD guide and try to find any motherboard jumpers which might be relevant such as FDO or similar. If these exist, you can simply re-flash from windows using software flashers. No need to use weird Dell executables.

I misinterpreted your response about the r720/r730 bios’s, apologies.

I hadn’t considered messing with anything beyond the standard NVRAM_clr and PASSWD_en jumpers but this might be a route to go, especially if it’d let me load in the .bin file.

Thanks for all your help. If I ever get this working, i’ll report back with the process it took. It might be impossible in this instance due to googles custom bios and a lack of a true dell BIOS out there as even payload extracted from the r730 BIOS is still recognized as a GSA bios. Being that the system is OEMR there might be no alternative beyond the setup password with nothing the replace it with.

Dell does provide OEMR BIOS for the R730 as you can see here (search for R730). The .efi should be the same as the .exe you were talking about with the only difference that you need to run it from an EFI environment. If you can boot into an EFI shell from the BIOS/UEFI then you can use that .efi executable.