Here it will be the last one from me, i’m still curious lol.
Same here
My apologies for assuming.
@vkvishnu @dmedina09 could one of you provide me some older working bios from early 2017 and 2016, on newer bios it might be already got patched in Bios Region.
xps112.zip (3.1 MB)
It is not a full dump but it is the bios region, version 1.1.2
1 Like
Sorry for taking so long. I was digging into my main device before it died (EEPROM) and ended up making things worse while trying to fix it (dead motherboard) 
.
You can replace the Bios Region from the complete image I provided earlier with the old one using UEFITool 25/27/28.
I noticed some differences between the older and newer versions—there were several changes in the cyan area (UEFITool NE). This means we can modify that section if we manage to fix the Computed IBB Hash and Boot Policy Signature using the correct decompression and compression method for LZMA (this is still just my assumption though).
Is there no way we can extract the hash? It’s only through the manufacturer right?
It’s only through the manufacturer right?
Yes, vendor private key.
Would deguard work? Or is this at the Southbridge/chipset level?
It is chipset level. I tried to use deguard, but I do not know how to 
Would deguard work?
It works by making the device run in CSM mode and disabling ME.
but I do not know how to
The Readme.md already pretty much clear what you have to do.
Change the value at offset 0x102 to 93 (HAP and DCI bit enabled) with hex editor. This should be under the flash descriptor. Then, use the output ME from Deguard to perform clean dump.
1 Like
Hi, the offset 0x102 that I need to change, is from the 4KB file “Descriptor Region.bin” ? Here this offset is set to 90 (this is a download bios file)
With my dump.bin the offset 0x102 is set to 91 on the file flashregion_0_flashdescriptor.bin that I extracted using ifdtool, and then I ran the command “ifdtool -p sklkbl -M 1 flashregion_0_flashdescriptor.bin” but the output file is identical, so the value 91 is the disabled option (enabling changes to 90, disabling again changes to 91)?
Then I have the folders extracted using “generatedelta.py --input --output data/delta/”
My main goal here is to use a i3 9100 on my dell 3050 SFF, I was able to change and disable ME and apply the microcodes using coffetime, but every other modification made the system unbootable, with the front case led’s throwing me the error “Bios Checksum Failure”
So, back to running the scripts, running the final script “./finalimage.py --delta data/delta/dellbackup --version 11.8.77.3664 --pch H --sku 5M --fake-fpfs data/fpfs/zero --input 11.8.77.3664_COR_H_DA_PRD_RGN.bin --output patched-11.8.77.3664_COR_H_DA_PRD_RGN.bin” gave me some errors, and by viewing the exploit.py I found the issue, only the ME version 11.6.0.1126, with the combinations pch type and sku “H, 2M”, “LP, 2M” and “LP, 5M” are supported by this exploit, and my current desktop should be “H, 5M”, right?
So I will try using the provided ME donor images in the libreboot/deguard and after generating the new me file do I need to use this guide Clean Dumped Intel Engine or is there a easier way?
After several failed attempts I decided to compile libreboot to extract the ME.
The ME extracted from the file “seagrub_dell3050micro_vfsp_16mb_libgfxinit_corebootfb_usqwerty.rom” is at the start address 1000 with length 006FF000, I replaced this ME in the original_full_dump.bin, also in this same file at the offset 0x102 I changed to 93, and the system booted.
Changing the VBIOS and GOP didn’t cause the error “Bios Checksum Failure” anymore, but still no image, does anyone have any other ideas?
Where did you get the CFL binary configuration .BSF file, for transferring original vbios settings to newer vbios? Coffetime tool…?
1 Like
I just followed this tutorial [Guide] CoffeeLake CPUs on Skylake and KabyLake mainboards - #2 by elisw
When I tried replacing the VBIOS in CoffeeTime, nothing happened, it continued to show the old version. I also tried replacing the vbios with UBU, but still, no image
Edit: The VBIOS files I obtained are in a file called “Intel_VBIOS_and_BSF_r3.7z”, and it also contains several other files such as “BMPv2_67PV_External.zip”, “Intel_RST(e)_r20.7z”, among others. I don’t remember where I found it on this forum, but inside it is the folder “SKLKBLCFLAML” and the VBIOS 1062 that I used.
Edit2: Trying to change the VBIOS in Coffetime using the original_full_dump.bin doesn’t work, but the program is able to change the vbios in the other bios that I had already updated to version 1062.
Testing with a G4560, the image appears and I can access the BIOS, but after the Dell logo the screen goes black. I can restart with Ctrl+Alt+Del, which means the operating system hasn’t started. When accessing diagnostic mode using F12, the screen also goes black. When running the BIOS update, the screen remains black with the mouse cursor stuck in the middle of the screen.
Changing some settings in the BIOS, the message “headless operation active” starts appearing in the corner, but the behavior remains the same.
I’m not sure if this could be a BIOS corruption or another problem. The BIOS file I’m using is a system dump (which contains the service number, among other things), so I’ll try with a BIOS dump obtained from dell.exe to see if the behavior is different.