summaryrefslogtreecommitdiffstats
path: root/cmospwd.c
diff options
context:
space:
mode:
Diffstat (limited to 'cmospwd.c')
-rw-r--r--cmospwd.c771
1 files changed, 356 insertions, 415 deletions
diff --git a/cmospwd.c b/cmospwd.c
index 72ba76c..58e9657 100644
--- a/cmospwd.c
+++ b/cmospwd.c
@@ -102,38 +102,38 @@
#define IOCTL_IOPL CTL_CODE( FILE_DEVICE_UNKNOWN, 0xA01, METHOD_BUFFERED, FILE_ANY_ACCESS )
struct ioperm_data {
- unsigned long from;
- unsigned long num;
- int turn_on;
+ unsigned long from;
+ unsigned long num;
+ int turn_on;
};
struct iopl_data {
- int value;
+ int value;
};
int ioperm( unsigned long from, unsigned long num, int turn_on )
{
- HANDLE h;
- struct ioperm_data ioperm_data;
- DWORD BytesReturned;
- BOOL r;
- h = CreateFile( "\\\\.\\ioperm", GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL );
- if (h == INVALID_HANDLE_VALUE) {
- errno = ENODEV;
- return -1;
- }
+ HANDLE h;
+ struct ioperm_data ioperm_data;
+ DWORD BytesReturned;
+ BOOL r;
+ h = CreateFile( "\\\\.\\ioperm", GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL );
+ if (h == INVALID_HANDLE_VALUE) {
+ errno = ENODEV;
+ return -1;
+ }
- ioperm_data.from = from;
- ioperm_data.num = num;
- ioperm_data.turn_on = turn_on;
+ ioperm_data.from = from;
+ ioperm_data.num = num;
+ ioperm_data.turn_on = turn_on;
- r = DeviceIoControl( h, IOCTL_IOPERM, &ioperm_data, sizeof ioperm_data, NULL, 0, &BytesReturned, NULL );
- if (!r)
- errno = EPERM;
+ r = DeviceIoControl( h, IOCTL_IOPERM, &ioperm_data, sizeof ioperm_data, NULL, 0, &BytesReturned, NULL );
+ if (!r)
+ errno = EPERM;
- CloseHandle( h );
+ CloseHandle( h );
- return r ? 0 : -1;
+ return r ? 0 : -1;
}
#endif
@@ -205,46 +205,10 @@ FILE *cmos_fd;
#define VAL_NON_STOP 256
#define VAL_STOP 257
#define VAL_UNK 258
-int get32(int position, const uint8_t *data_src);
-void aff_hexa(const unsigned char*buffer,const unsigned int lng);
-void aff_result(const unsigned int *src, const unsigned int lng);
-void table2val(unsigned int*dst, const uint8_t *src, const unsigned int lng, const unsigned int *table);
-int check_crcadd(int position, int size, int pos_crc);
-int check_filled(const unsigned int*value, const unsigned int lng, const unsigned int filled_value);
-void award_backdoor(void);
-void generic_acer(unsigned int *dst, const unsigned int lng);
-int generic_ami(unsigned int *data, const unsigned int lng, const int methode);
-void generic_award6(unsigned int *value, const unsigned int lng);
-void generic_basic(const unsigned int offset, const unsigned int lng, const int algo,const unsigned int val_stop,const int mode_aff, const uint8_t *data_src);
-void generic_compaq(unsigned int *value, const unsigned int lng);
-void generic_crc(int algo, int position, const uint8_t *data_src);
-void generic_dtk(unsigned int*value, const unsigned int lng);
-void generic_packard(unsigned int *value, const unsigned int lng);
-void generic_phoenix_add(unsigned int *value, const unsigned int lng);
-void generic_phoenix_shift(unsigned int *value, const unsigned int lng);
-void generic_phoenix_xor(unsigned int *value, const unsigned int lng);
-void generic_unknown(unsigned int*value, const unsigned int lng);
-void generic_table(unsigned int *value, const unsigned int lng, const int algo,const unsigned int val_stop,const int mode_aff);
-
-void convert_scancode2ascii(unsigned int*dst, const unsigned int lng);
-uint8_t scan2ascii(uint8_t);
-unsigned char filtre(unsigned char);
-void dumpcmos(const int cmos_size, const int scancode);
-int ask_YN(const char*);
-uint8_t parity_test(uint8_t val);
-uint16_t rol(uint16_t);
-uint8_t rcl8(uint8_t);
-uint8_t rcl8n(uint8_t, unsigned int);
-uint8_t brute_awa(uint16_t, uint16_t, uint8_t);
-uint8_t brute_award(uint16_t);
-void set_permissions(void);
-void unset_permissions(void);
-uint16_t do_tosh(uint16_t, uint8_t);
-uint8_t brute_tosh(uint16_t, uint16_t, uint8_t);
-uint8_t brute_toshiba(uint16_t);
-void keyb_mem();
+
#define m_acer "\nAcer/IBM "
#define m_ami_old "\nAMI BIOS "
+#define m_ami_2005 "\nAMI BIOS 2005 "
#define m_ami_winbios "\nAMI WinBIOS (12/15/93) "
#define m_ami_winbios25 "\nAMI WinBIOS 2.5 "
#define m_ami_unk "\nAMI ? "
@@ -261,6 +225,7 @@ void keyb_mem();
#define m_ibm_thinkpad_765_380z "\nThinkpad 765/380z EEPROM "
#define m_ibm_thinkpad_560x "\nThinkpad 560x EEPROM "
#define m_ibm_thinkpad_x20_570_t20 "\nThinkpad x20/570/t20 EEPROM "
+#define m_insyde "\nInsyde "
#define m_packardbell "\nPackard Bell Supervisor/User "
#define m_phoenixa08 "\nPhoenix A08, 1993 "
#define m_phoenix "\nPhoenix 1.00.09.AC0 (1994) "
@@ -277,60 +242,6 @@ void keyb_mem();
#define m_samsung_P25 "\nSamsung P25 "
#define m_Sony_Vaio "\nSony Vaio EEPROM "
#define m_Keyb_Mem "\nKeyboard BIOS memory "
-void acer(void);
-void ami_old(void);
-void ami_winbios(void);
-void ami_winbios2(void);
-void ami_unk(void);
-void award(void);
-void award_medallion(void);
-void award6(void);
-void compaq(void);
-void compaq2(void);
-void compaq_deskpro(void);
-void dtk(void);
-void phoenixa08(void);
-void ibm(void);
-void ibm_thinkpad(void);
-void ibm_thinkpad2(void);
-void ibm_300(void);
-void packardbell(void);
-void phoenix(void);
-void phoenix_1_04(void);
-void phoenix_1_10(void);
-void phoenix4(void);
-void phoenix_40_r_60(void);
-void phoenix_1_03(void);
-void phoenix405(void);
-void phoenix406(void);
-void gateway_ph(void);
-void toshiba(void);
-void zenith_ami(void);
-void samsung(void);
-void sony_vaio(void);
-void keyb_mem(void);
-void (*tbl_func[])(void)={acer,
- ami_old,ami_winbios,ami_winbios2,ami_unk,
- award, award_medallion, award6,
- compaq,compaq_deskpro,compaq2,
- dtk,
- ibm,ibm_thinkpad,ibm_thinkpad2,ibm_300,
- packardbell,
- phoenix,phoenix_1_03,phoenix_1_04,phoenix_1_10,phoenix4,phoenix_40_r_60,phoenix405,phoenix406,
- phoenixa08,
- gateway_ph,
- samsung,
- sony_vaio,
- toshiba,
- zenith_ami,
- keyb_mem};
-#define nbr_func sizeof(tbl_func)/sizeof(*tbl_func)
-int kill_cmos(const int cmos_size);
-int load_cmos(const int cmos_size);
-int restore_cmos(const int cmos_size,const int choix);
-int load_backup(const char*);
-int save_backup(const int cmos_size, const char* name);
-unsigned int get_table_pb(unsigned int val);
typedef struct s_cmos_f t_cmos_f;
typedef struct s_cmos_l t_cmos_l;
@@ -375,16 +286,16 @@ static __inline__ uint8_t inportb(uint16_t port)
#endif
enum {KEYB_US,KEYB_FR, KEYB_DE};
-int keyb=KEYB_US;
-uint8_t cmos[TAILLE_CMOS_MAX];
+static int keyb=KEYB_US;
+static uint8_t cmos[TAILLE_CMOS_MAX];
-int get32(int position, const uint8_t *data_src)
+static int get32(int position, const uint8_t *data_src)
{
return ((data_src[position+1] <<8) | data_src[position]);
}
/* CONVERTION ET FILTRAGE */
-uint8_t scan2ascii(uint8_t car)
+static uint8_t scan2ascii(uint8_t car)
{
static const uint8_t tbl_fr[255]=
{ ' ',' ','1','2','3','4','5','6',
@@ -441,59 +352,58 @@ uint8_t scan2ascii(uint8_t car)
return ' ';
}
-unsigned char filtre(unsigned char lettre)
+static unsigned char filter(const unsigned char c)
{
- if ((lettre>=32) && (lettre <=125))
- return lettre;
- else
- switch(lettre)
- {
- case(131):
- case(132):
- case(133):
- case(134):
- case(160):
- return 'a';
- case(130):
- case(136):
- case(137):
- case(138):
- return 'e';
- case(139):
- case(140):
- case(141):
- case(161):
- return 'i';
- case(164):
- return 'n';
- case(147):
- case(148):
- case(149):
- case(162):
- return 'o';
- case(150):
- case(151):
- case(163):
- return 'u';
- case(152):
- return 'y';
- case(142):
- case(143):
- return 'A';
- case(144):
- return 'E';
- case(165):
- return 'N';
- case(153):
- return 'O';
- case(154):
- return 'U';
- default:
- return ' ';
- }
+ if (c>=32 && c <=125)
+ return c;
+ switch(c)
+ {
+ case(131):
+ case(132):
+ case(133):
+ case(134):
+ case(160):
+ return 'a';
+ case(130):
+ case(136):
+ case(137):
+ case(138):
+ return 'e';
+ case(139):
+ case(140):
+ case(141):
+ case(161):
+ return 'i';
+ case(164):
+ return 'n';
+ case(147):
+ case(148):
+ case(149):
+ case(162):
+ return 'o';
+ case(150):
+ case(151):
+ case(163):
+ return 'u';
+ case(152):
+ return 'y';
+ case(142):
+ case(143):
+ return 'A';
+ case(144):
+ return 'E';
+ case(165):
+ return 'N';
+ case(153):
+ return 'O';
+ case(154):
+ return 'U';
+ default:
+ return ' ';
+ }
}
-unsigned int get_table_pb(unsigned int val)
+static unsigned int get_table_pb(unsigned int val)
{
switch(val)
{
@@ -520,16 +430,16 @@ unsigned int get_table_pb(unsigned int val)
return VAL_UNK;
}
-void dump(const void *data_original, const unsigned int*data_processed,unsigned int lng)
+static void dump(const void *data_original, const unsigned int*data_processed,unsigned int lng)
{
unsigned int i,j;
unsigned int nbr_line;
unsigned char car;
nbr_line=(lng+0x10-1)/0x10;
- for (i=0; (i<nbr_line); i++)
+ for (i=0; i<nbr_line; i++)
{
- printf("%03X: ",i*0x10);
- for(j=0; j< 0x10;j++)
+ printf("%03X: ", i*0x10);
+ for(j=0; j< 0x10; j++)
{
if(i*0x10+j<lng)
{
@@ -545,7 +455,7 @@ void dump(const void *data_original, const unsigned int*data_processed,unsigned
if(i*0x10+j<lng)
{
car=data_processed[i*0x10+j];
- printf("%c", filtre(car));
+ printf("%c", filter(car));
}
else
printf(" ");
@@ -554,16 +464,8 @@ void dump(const void *data_original, const unsigned int*data_processed,unsigned
}
}
-
-void aff_hexa(const unsigned char*buffer,const unsigned int lng)
-{
- int i;
- for(i=0;i<lng;i++)
- printf("%02X ",buffer[i]);
-}
-
/* test et manipulation binaire */
-uint8_t parity_test(uint8_t val)
+static uint8_t parity_test(uint8_t val)
{
int res=0;
int i;
@@ -576,12 +478,12 @@ uint8_t parity_test(uint8_t val)
return res;
}
-uint8_t rcl8(uint8_t num)
+static uint8_t rcl8(uint8_t num)
{
return (num<<1)|(num >> 7);
}
-uint8_t rcl8n(uint8_t num, unsigned int n)
+static uint8_t rcl8n(uint8_t num, unsigned int n)
{
unsigned int i;
uint8_t res=num;
@@ -591,7 +493,7 @@ uint8_t rcl8n(uint8_t num, unsigned int n)
return res;
}
-uint16_t rol(uint16_t n)
+static uint16_t rol(uint16_t n)
{
return (n<<2)| ((n & 0xC000) >> 14);
}
@@ -615,30 +517,30 @@ enum { ALGO_AMI_F0, ALGO_AMI, ALGO_AMI_80, ALGO_UNKNOW, ALGO_AWARD, ALGO_AWARD6,
enum { AFF_SCAN,AFF_ASCII};
-void table2val(unsigned int*dst, const uint8_t *src, const unsigned int lng, const unsigned int *table)
+static void table2val(unsigned int*dst, const uint8_t *src, const unsigned int lng, const unsigned int *table)
{
int i;
- for(i=0;i<lng;i++)
+ for(i=0; i<lng; i++)
{
dst[i]=src[table[i]];
}
}
-void aff_result(const unsigned int*src, const unsigned int lng)
+static void aff_result(const unsigned int*src, const unsigned int lng)
{
unsigned int i;
putchar('[');
- for(i=0;(i<lng) && (src[i]!=VAL_STOP);i++)
+ for(i=0; i<lng && src[i]!=VAL_STOP; i++)
{
if(src[i]==UNKNOWN_CAR)
putchar('?');
else
- putchar(filtre(src[i]));
+ putchar(filter(src[i]));
}
putchar(']');
}
-int generic_ami(unsigned int*dst, const unsigned int lng, const int methode)
+static int generic_ami(unsigned int*dst, const unsigned int lng, const int methode)
{
int pos;
unsigned char ah,al;
@@ -649,7 +551,7 @@ int generic_ami(unsigned int*dst, const unsigned int lng, const int methode)
case ALGO_AMI_80: al=0x80; break;
default: printf("Bad AMI ALGO"); return 1;
}
- for(pos=1;pos<lng;pos++)
+ for(pos=1; pos<lng; pos++)
{
unsigned int i;
if (dst[pos]==VAL_STOP)
@@ -674,10 +576,10 @@ int generic_ami(unsigned int*dst, const unsigned int lng, const int methode)
return 0;
}
-void generic_acer(unsigned int *dst, const unsigned int lng)
+static void generic_acer(unsigned int *dst, const unsigned int lng)
{
int i;
- for(i=0;(i<lng)&&(dst[i]!=VAL_STOP);i++)
+ for(i=0; i<lng && dst[i]!=VAL_STOP; i++)
{
dst[i]=dst[i]>>1; /* ibm_1 */
}
@@ -686,25 +588,26 @@ void generic_acer(unsigned int *dst, const unsigned int lng)
*/
}
-void generic_award6(unsigned int *dst, const unsigned int lng)
+static void generic_award6(unsigned int *dst, const unsigned int lng)
{
int i;
- for(i=0;(i<lng)&&(dst[i]!=VAL_STOP);i++)
+ for(i=0; i<lng && dst[i]!=VAL_STOP; i++)
dst[i]=rcl8n(dst[i],i);
}
-void generic_unknown(unsigned int*dst, const unsigned int lng)
+static void generic_unknown(unsigned int*dst, const unsigned int lng)
{
int i;
- for(i=0;(i<lng)&&(dst[i]!=VAL_STOP);i++)
+ for(i=0; i<lng && dst[i]!=VAL_STOP; i++)
dst[i]=UNKNOWN_CAR;
}
-int check_filled(const unsigned int*value, const unsigned int lng, const unsigned int filled_value)
+#if 0
+static int check_filled(const unsigned int*value, const unsigned int lng, const unsigned int filled_value)
{
int i;
int etat=0;
- for(i=0;i<lng;i++)
+ for(i=0; i<lng; i++)
{
switch(etat)
{
@@ -719,129 +622,30 @@ int check_filled(const unsigned int*value, const unsigned int lng, const unsigne
}
return 0;
}
+#endif
-void generic_phoenix_shift(unsigned int *value, const unsigned int lng)
+static void generic_phoenix_shift(unsigned int *value, const unsigned int lng)
{
unsigned int i;
- for(i=0;(i<lng)&&(value[i]!=VAL_STOP);i++)
+ for(i=0; i<lng && value[i]!=VAL_STOP; i++)
value[i]=rcl8n(value[i],i+1);
}
-void generic_phoenix_xor(unsigned int *value, const unsigned int lng)
+static void generic_phoenix_xor(unsigned int *value, const unsigned int lng)
{
unsigned int i;
- for(i=0;(i<lng)&&(value[i]!=VAL_STOP);i++)
+ for(i=0; i<lng && value[i]!=VAL_STOP; i++)
value[i]=(value[i] ^ 0xF0) + i;
}
-void generic_phoenix_add(unsigned int *value, const unsigned int lng)
+static void generic_phoenix_add(unsigned int *value, const unsigned int lng)
{
unsigned int i;
- for(i=0;(i<lng)&&(value[i]!=VAL_STOP);i++)
+ for(i=0; i<lng && value[i]!=VAL_STOP; i++)
value[i]+=0x20;
}
-void generic_basic(const unsigned int offset, const unsigned int lng, const int algo,const unsigned int val_stop,const int mode_aff, const uint8_t *data_src)
-{
- unsigned int i;
-#if defined(__MSDOS__) || defined(WIN32)
- unsigned int value[10];
-#else
- unsigned int value[lng];
-#endif
- for(i=0;i<lng;i++)
- value[i]=data_src[offset+i];
- generic_table(value, lng, algo, val_stop, mode_aff);
-}
-
-void generic_table(unsigned int *value, const unsigned int lng, const int algo,const unsigned int val_stop,const int mode_aff)
-{
- {
- unsigned int i;
- for(i=0;i<lng;i++)
- if(value[i]==val_stop && algo!=ALGO_COMPAQ)
- value[i]=VAL_STOP;
- }
- switch(algo)
- {
- case ALGO_AMI_F0:
- case ALGO_AMI:
- case ALGO_AMI_80:
- generic_ami(value,lng,algo);
- break;
- case ALGO_UNKNOW:
- generic_unknown(value,lng);
- break;
- case ALGO_ACER:
- generic_acer(value,lng);
- break;
- case ALGO_AWARD6:
- generic_award6(value,lng);
- break;
- case ALGO_PACKARD:
-// check_filled(value,lng,val_stop);
- generic_packard(value,lng);
- break;
- case ALGO_NONE:
- break;
- case ALGO_PHOENIX_SHIFT:
- generic_phoenix_shift(value,lng);
- break;
- case ALGO_PHOENIX_XOR:
- generic_phoenix_xor(value,lng);
- break;
- case ALGO_PHOENIX_ADD:
- generic_phoenix_add(value,lng);
- break;
- case ALGO_DTK:
- generic_dtk(value,lng);
- break;
- case ALGO_COMPAQ:
- generic_compaq(value,lng);
- break;
- default:
- printf("BAD ALGO\n");
- return;
- }
- if(mode_aff==AFF_SCAN)
- convert_scancode2ascii(value,lng);
- aff_result(value,lng);
-}
-
-/* ================================================================= */
-int check_crcadd(int position, int size, int pos_crc)
-{
- int i;
- int crc=0;
- for(i=position;i<position+size;i++)
- crc+=cmos[i];
- return ((crc & 0xFF) == cmos[pos_crc]);
-}
-
-void generic_packard(unsigned int *value, const unsigned int lng)
-{
- int i;
- for(i=1;(i<lng)&&(value[i]!=VAL_STOP);i++) /* Ecrase le "CRC ?" */
- {
- value[i-1]=get_table_pb(value[i]);
- }
- value[i-1]=VAL_STOP;
-}
-
-void generic_crc(int algo, int position, const uint8_t *data_src)
-{
- switch(algo)
- {
- case ALGO_AWARD:
- brute_award(get32(position,data_src));
- break;
- case ALGO_TOSHIBA:
- brute_toshiba(get32(position,data_src));
- break;
- }
-}
-
-void generic_compaq(unsigned int *value, const unsigned int lng)
+static void generic_compaq(unsigned int *value, const unsigned int lng)
{
unsigned int i,j;
#if defined(__MSDOS__)||defined(WIN32)
@@ -943,7 +747,7 @@ void generic_compaq(unsigned int *value, const unsigned int lng)
value2[4*i+3]=value[4*i+2]&0x7F;
}
}
- for(i=0;i<lng;i++)
+ for(i=0; i<lng; i++)
{
if(value2[i]==0)
value[i]=VAL_STOP;
@@ -952,7 +756,7 @@ void generic_compaq(unsigned int *value, const unsigned int lng)
}
}
-void generic_dtk(unsigned int *value, const unsigned int lng)
+static void generic_dtk(unsigned int *value, const unsigned int lng)
{
unsigned int i;
#if defined(__MSDOS__)||defined(WIN32)
@@ -960,7 +764,7 @@ void generic_dtk(unsigned int *value, const unsigned int lng)
#else
unsigned int value2[lng];
#endif
- for(i=0;i<lng;i++)
+ for(i=0; i<lng; i++)
{
int b;
switch(i%4)
@@ -978,7 +782,7 @@ void generic_dtk(unsigned int *value, const unsigned int lng)
else
value2[i]=b-1+'A';
}
- for(i=0;i<lng;i++)
+ for(i=0; i<lng; i++)
{
if(value2[i]==0)
value[i]=VAL_STOP;
@@ -987,7 +791,8 @@ void generic_dtk(unsigned int *value, const unsigned int lng)
}
}
-void generic_7bit(unsigned int *value, const unsigned int lng)
+#if 0
+static void generic_7bit(unsigned int *value, const unsigned int lng)
{
unsigned int i;
#if defined(__MSDOS__)||defined(WIN32)
@@ -1003,7 +808,7 @@ void generic_7bit(unsigned int *value, const unsigned int lng)
value2[5]=(((value2[2]<<5)&0xff)|(value[3]>>3))&0x7f;
value2[6]=(((value2[1]<<6)&0xff)|(value[2]>>2))&0x7f;
value2[7]=(((value2[0]<<7)&0xff)|(value[1]>>1))&0x7f;
- for(i=0;i<lng;i++)
+ for(i=0; i<lng; i++)
{
if(value2[i]==0)
value[i]=VAL_STOP;
@@ -1011,74 +816,172 @@ void generic_7bit(unsigned int *value, const unsigned int lng)
value[i]=value2[i];
}
}
+#endif
+
+static void generic_packard(unsigned int *value, const unsigned int lng)
+{
+ int i;
+ for(i=1; i<lng && value[i]!=VAL_STOP; i++) /* Ecrase le "CRC ?" */
+ {
+ value[i-1]=get_table_pb(value[i]);
+ }
+ value[i-1]=VAL_STOP;
+}
+
+static void convert_scancode2ascii(unsigned int*dst, const unsigned int lng)
+{
+ unsigned int i;
+ for (i=0; i<lng && dst[i]!=VAL_STOP; i++)
+ if(dst[i]!=VAL_UNK)
+ dst[i]=scan2ascii(dst[i]);
+}
+
+
+static void generic_table(unsigned int *value, const unsigned int lng, const int algo,const unsigned int val_stop,const int mode_aff)
+{
+ {
+ unsigned int i;
+ for(i=0; i<lng; i++)
+ if(value[i]==val_stop && algo!=ALGO_COMPAQ)
+ value[i]=VAL_STOP;
+ }
+ switch(algo)
+ {
+ case ALGO_AMI_F0:
+ case ALGO_AMI:
+ case ALGO_AMI_80:
+ generic_ami(value,lng,algo);
+ break;
+ case ALGO_UNKNOW:
+ generic_unknown(value,lng);
+ break;
+ case ALGO_ACER:
+ generic_acer(value,lng);
+ break;
+ case ALGO_AWARD6:
+ generic_award6(value,lng);
+ break;
+ case ALGO_PACKARD:
+// check_filled(value,lng,val_stop);
+ generic_packard(value,lng);
+ break;
+ case ALGO_NONE:
+ break;
+ case ALGO_PHOENIX_SHIFT:
+ generic_phoenix_shift(value,lng);
+ break;
+ case ALGO_PHOENIX_XOR:
+ generic_phoenix_xor(value,lng);
+ break;
+ case ALGO_PHOENIX_ADD:
+ generic_phoenix_add(value,lng);
+ break;
+ case ALGO_DTK:
+ generic_dtk(value,lng);
+ break;
+ case ALGO_COMPAQ:
+ generic_compaq(value,lng);
+ break;
+ default:
+ printf("BAD ALGO\n");
+ return;
+ }
+ if(mode_aff==AFF_SCAN)
+ convert_scancode2ascii(value,lng);
+ aff_result(value,lng);
+}
+
+static void generic_basic(const unsigned int offset, const unsigned int lng, const int algo,const unsigned int val_stop,const int mode_aff, const uint8_t *data_src)
+{
+ unsigned int i;
+#if defined(__MSDOS__) || defined(WIN32)
+ unsigned int value[10];
+#else
+ unsigned int value[lng];
+#endif
+ for(i=0; i<lng; i++)
+ value[i]=data_src[offset+i];
+ generic_table(value, lng, algo, val_stop, mode_aff);
+}
+
+
+/* ================================================================= */
+static int check_crcadd(int position, int size, int pos_crc)
+{
+ int i;
+ int crc=0;
+ for(i=position; i<position+size; i++)
+ crc+=cmos[i];
+ return ((crc & 0xFF) == cmos[pos_crc]);
+}
/* Brute force Award */
-int awa_pos;
-char awa_res[9];
+static int awa_pos;
+static char awa_res[9];
-uint8_t brute_awa(uint16_t but, uint16_t somme, uint8_t lng)
+static uint8_t brute_awa(uint16_t but, uint16_t somme, uint8_t lng)
{
uint8_t p;
static uint8_t const tbl_car[]={'0','1','2','3','4','5','6'};
-
if (lng==0)
return (but==somme);
- else
- for (p=0;p<4;p++)
- if (brute_awa(but, rol(somme) + tbl_car[p], lng-1))
- {
- awa_res[awa_pos++]=tbl_car[p];
- return 1;
- }
+ for (p=0; p<4; p++)
+ {
+ if (brute_awa(but, rol(somme) + tbl_car[p], lng-1))
+ {
+ awa_res[awa_pos++]=tbl_car[p];
+ return 1;
+ }
+ }
return 0;
}
-uint8_t brute_award(uint16_t but)
+static uint8_t brute_award(uint16_t but)
{
int i;
uint8_t res;
awa_pos=0;
- for(i=0;i<9;i++)
+ for(i=0; i<9; i++)
awa_res[i]='\0';
- for (i=1;i<=8;i++)
+ for (i=1; i<=8; i++)
{
res=brute_awa(but, 0,i);
if (res) break;
}
#ifndef TEST
printf("[");
- for (i=awa_pos-1;i>=0;i--) printf("%c", awa_res[i]);
+ for (i=awa_pos-1 ;i>=0; i--) printf("%c", awa_res[i]);
printf("]");
#endif
return res;
}
/* Brute force Toshiba */
-uint16_t do_tosh(uint16_t valcrc, uint8_t car)
-{
- register uint8_t ah,al,dh,dl;
- al=(uint8_t)valcrc;
- ah=valcrc>>8;
- ah^=car; /* xor ah,[bx] */
- dl=ah; /* mov dl,ah */
- dl<<=4; /* shl dl,4 C0 E2 04 */
- ah^=dl; /* xor ah,dl 32 E2 */
- dl=ah; /* mov dl,ah 8A D4 */
- dl>>=5; /* shl dl,5 */
- dl^=ah; /* xor dl,ah */
- dh=ah;
- ah<<=3;
- ah^=al;
- dh>>=4;
- ah^=dh;
- al=dl;
- return (ah<<8)|al;
-}
-
-int tosh_pos;
-char tosh_res[11];
-
-uint8_t brute_tosh(uint16_t but, uint16_t valcrc, uint8_t lng)
+static uint16_t do_tosh(uint16_t valcrc, uint8_t car)
+{
+ register uint8_t ah,al,dh,dl;
+ al=(uint8_t)valcrc;
+ ah=valcrc>>8;
+ ah^=car; /* xor ah,[bx] */
+ dl=ah; /* mov dl,ah */
+ dl<<=4; /* shl dl,4 C0 E2 04 */
+ ah^=dl; /* xor ah,dl 32 E2 */
+ dl=ah; /* mov dl,ah 8A D4 */
+ dl>>=5; /* shl dl,5 */
+ dl^=ah; /* xor dl,ah */
+ dh=ah;
+ ah<<=3;
+ ah^=al;
+ dh>>=4;
+ ah^=dh;
+ al=dl;
+ return (ah<<8)|al;
+}
+
+static int tosh_pos;
+static char tosh_res[11];
+
+static uint8_t brute_tosh(uint16_t but, uint16_t valcrc, uint8_t lng)
{
unsigned int p;
static uint8_t const tbl_car[]={0x10,0x11,0x12,0x13,0x14,0x20};
@@ -1091,7 +994,7 @@ uint8_t brute_tosh(uint16_t but, uint16_t valcrc, uint8_t lng)
}
else
{
- for (p=0;p<sizeof(tbl_car);p++)
+ for (p=0; p<sizeof(tbl_car); p++)
if (brute_tosh(but, do_tosh(valcrc,tbl_car[p]), lng-1))
{
tosh_res[tosh_pos++]=tbl_car[p];
@@ -1101,7 +1004,7 @@ uint8_t brute_tosh(uint16_t but, uint16_t valcrc, uint8_t lng)
return 0;
}
-uint8_t brute_toshiba(uint16_t but)
+static uint8_t brute_toshiba(uint16_t but)
{
int i;
uint8_t res;
@@ -1111,9 +1014,9 @@ uint8_t brute_toshiba(uint16_t but)
printf("[KEY floppy]");
return 1;
}
- for(i=0;i<10;i++)
+ for(i=0; i<10; i++)
tosh_res[i]='\0';
- for (i=1;i<=10;i++)
+ for (i=1; i<=10; i++)
{
res=brute_tosh(but, 0,i);
if (res) break;
@@ -1121,7 +1024,7 @@ uint8_t brute_toshiba(uint16_t but)
if(res)
{
putchar('[');
- for (i=tosh_pos-1;i>=0;i--)
+ for (i=tosh_pos-1 ;i>=0; i--)
putchar(scan2ascii(tosh_res[i]));
putchar(']');
}
@@ -1130,26 +1033,40 @@ uint8_t brute_toshiba(uint16_t but)
return res;
}
-void acer() /* ACER */
+static void generic_crc(int algo, int position, const uint8_t *data_src)
+{
+ switch(algo)
+ {
+ case ALGO_AWARD:
+ brute_award(get32(position,data_src));
+ break;
+ case ALGO_TOSHIBA:
+ brute_toshiba(get32(position,data_src));
+ break;
+ }
+}
+
+
+static void acer() /* ACER */
{
printf(m_acer);
generic_basic(0x27, 7, ALGO_ACER,0,AFF_SCAN,cmos);
generic_basic(0x100, 7, ALGO_ACER, 0,AFF_ASCII,cmos);
}
-void ami_old() /* AMI */
+static void ami_old() /* AMI */
{
printf(m_ami_old);
generic_basic(0x37, 1+6, ALGO_AMI_F0,0,AFF_ASCII,cmos);
}
-void ami_winbios()
+static void ami_winbios()
{
printf(m_ami_winbios);
generic_basic(0x37, 1+6, ALGO_AMI,0,AFF_SCAN,cmos);
}
-void ami_winbios2()
+static void ami_winbios2()
{
printf(m_ami_winbios25);
generic_basic(0x37, 1+6, ALGO_AMI_80,0,AFF_SCAN,cmos);
@@ -1161,7 +1078,14 @@ void ami_winbios2()
}
-void ami_unk()
+static void ami_2005()
+{
+ /* wasta */
+ printf(m_ami_2005);
+ generic_basic(0x84, 1+6, ALGO_AMI_80,0,AFF_SCAN,cmos);
+}
+
+static void ami_unk()
{
/* Philippe Biondi */
printf(m_ami_unk);
@@ -1174,7 +1098,7 @@ void ami_unk()
generic_basic(0x50, 1+7, ALGO_AMI_80,0,AFF_SCAN,cmos);
}
-void samsung()
+static void samsung()
{
printf(m_samsung_P25);
generic_basic(0xE3,7,ALGO_NONE,0,AFF_SCAN,cmos);
@@ -1182,7 +1106,7 @@ void samsung()
generic_basic(0xF8,7,ALGO_NONE,0,AFF_SCAN,cmos);
}
-void sony_vaio()
+static void sony_vaio()
{
printf(m_Sony_Vaio);
generic_basic(0x00,7,ALGO_ACER,0,AFF_ASCII,cmos);
@@ -1207,7 +1131,7 @@ void sony_vaio()
/* AMI @art.fr CRC+Crypted adm pwd at 38-3F, filled with 00
* user pwd at 0x40-47 */
-void zenith_ami()
+static void zenith_ami()
{
printf(m_zenith_ami);
generic_basic(0x38+1, 7, ALGO_UNKNOW,0,AFF_ASCII,cmos);
@@ -1218,7 +1142,7 @@ void zenith_ami()
/* AWARD */
-void award()
+static void award()
{
printf(m_award);
generic_crc(ALGO_AWARD,0x1C,cmos);
@@ -1231,7 +1155,7 @@ void award()
generic_crc(ALGO_AWARD,0x3E,cmos); /* User slug(at)navigator.lv */
}
-void award_medallion()
+static void award_medallion()
{
/* Pencho Penchev <ppencho@hotmail.com>
Hewllett Packard Brio system
@@ -1243,7 +1167,7 @@ void award_medallion()
generic_crc(ALGO_AWARD,0x71,cmos); /* Lewis DH */
}
-void award6()
+static void award6()
{
printf(m_award6);
/* Tompa Lorand-Mihaly, april 2003 */
@@ -1257,13 +1181,13 @@ void award6()
}
/* COMPAQ */
-void compaq()
+static void compaq()
{
printf(m_compaq);
generic_basic(0x38, 8, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void compaq2()
+static void compaq2()
{
printf(m_compaq2);
generic_basic(0x51, 7, ALGO_NONE,0,AFF_SCAN,cmos); /* setup */
@@ -1271,7 +1195,7 @@ void compaq2()
}
-void compaq_deskpro()
+static void compaq_deskpro()
{
printf(m_compaq_deskpro);
/* - Luka "The /\/\ighty \/\/izzy"
@@ -1286,20 +1210,20 @@ void compaq_deskpro()
/* IBM */
-void ibm()
+static void ibm()
{
printf(m_ibm);
generic_basic(0x48, 7, ALGO_NONE,0,AFF_SCAN,cmos);
generic_basic(0x38, 7, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void ibm_thinkpad()
+static void ibm_thinkpad()
{
printf(m_ibm_thinkpad);
generic_basic(0x38, 7, ALGO_NONE,0,AFF_SCAN,cmos); /* pwd boot */
}
-void ibm_thinkpad2()
+static void ibm_thinkpad2()
{
printf(m_ibm_thinkpad_x20_570_t20);
generic_basic(0x338, 7, ALGO_NONE,0,AFF_SCAN,cmos);
@@ -1312,13 +1236,19 @@ void ibm_thinkpad2()
generic_basic(0x40, 7, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void ibm_300()
+static void ibm_300()
{
printf(m_ibm_300);
generic_basic(0x48, 7, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void packardbell() /* PACKARD BELL */
+static void insyde(void)
+{
+ printf(m_insyde);
+ /* HP DV7T-6100 Quad Edition */
+}
+
+static void packardbell() /* PACKARD BELL */
{
printf(m_packardbell);
generic_basic(0x38, 1+7, ALGO_PACKARD,0xFF,AFF_ASCII,cmos);
@@ -1326,7 +1256,7 @@ void packardbell() /* PACKARD BELL */
generic_basic(0x40, 1+7, ALGO_PACKARD,0xFF,AFF_ASCII,cmos);
}
-void phoenix() /* PHOENIX */
+static void phoenix() /* PHOENIX */
{
static const int tbl_phoenix[8]={0x39,0x3C,0x3B,0x3F,0x38,0x3E,0x3D,0x3A};
unsigned int value[8];
@@ -1338,7 +1268,7 @@ void phoenix() /* PHOENIX */
printf("[");
for (i=0;i<7 && value[i]!=0;i++)
{
- printf("%c",filtre(res[i]));
+ printf("%c",filter(res[i]));
res[i]=(value[i] ^ 0xF0) + i;
crc+=res[i];
}
@@ -1347,7 +1277,7 @@ void phoenix() /* PHOENIX */
printf(" CRC pwd err");
}
-void phoenix_1_03()
+static void phoenix_1_03()
{
printf(m_phoenix_1_03);
if(((cmos[0x60]==0)||(cmos[0x60]==1))&&(cmos[0x61]<=7))
@@ -1360,14 +1290,14 @@ void phoenix_1_03()
* */
}
-void phoenix_1_04()
+static void phoenix_1_04()
{
printf(m_phoenix_1_04);
generic_basic(0x50, 7, ALGO_NONE,0,AFF_SCAN,cmos); /* setup */
generic_basic(0x48, 7, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void phoenix_1_10()
+static void phoenix_1_10()
{ /* Phoenix Bios V1.10 A03 / Dell GXi */
printf(m_phoenix_1_10);
if(!check_crcadd(0x1D,7,0x1D+7) || !check_crcadd(0x38,7,0x38+7))
@@ -1379,13 +1309,13 @@ void phoenix_1_10()
generic_basic(0x38, 7, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void phoenix4()
+static void phoenix4()
{
printf(m_phoenix4);
generic_basic(0x35, 7, ALGO_NONE,0,AFF_SCAN,cmos); /* user */
}
-void phoenix405()
+static void phoenix405()
{
static const int tbl[8]={0x45,0x52,0x4b,0x4a,0x50,0x4F,0x4D,0x48};
static const int tbl2[8]={0x4c,0x51,0x49,0x54,0x53,0x47,0x46,0x4E};
@@ -1397,12 +1327,12 @@ void phoenix405()
generic_table(value, 8, ALGO_NONE,0,AFF_SCAN);
}
-void phoenix406()
+static void phoenix406()
{
printf(m_phoenix406);
generic_basic(0x45, 8, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void phoenix_40_r_60()
+static void phoenix_40_r_60()
{
printf(m_phoenix_40_r_60);
generic_basic(0x35, 7, ALGO_PHOENIX_SHIFT,0,AFF_SCAN,cmos);
@@ -1412,7 +1342,7 @@ void phoenix_40_r_60()
generic_basic(0x98, 8, ALGO_PHOENIX_SHIFT,0,AFF_SCAN,cmos);
}
-void dtk()
+static void dtk()
{
printf(m_dtk);
generic_basic(0x38,4,ALGO_DTK,0,AFF_ASCII,cmos);
@@ -1420,21 +1350,21 @@ void dtk()
}
-void gateway_ph()
+static void gateway_ph()
{ /* Gateway Solo */
printf(m_gateway_ph);
generic_basic(0x40, 7, ALGO_NONE,0,AFF_SCAN,cmos);
generic_basic(0x47, 7, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void phoenixa08()
+static void phoenixa08()
{
printf(m_phoenixa08);
generic_basic(0x23, 7, ALGO_NONE,0,AFF_SCAN,cmos);
generic_basic(0x42, 7, ALGO_NONE,0,AFF_SCAN,cmos);
}
-void toshiba()
+static void toshiba()
{
printf(m_toshiba);
generic_crc(ALGO_TOSHIBA,0x35,cmos);
@@ -1442,7 +1372,7 @@ void toshiba()
}
-void set_permissions()
+static void set_permissions()
{
#if defined(__linux__)
if (ioperm(PORT_CMOS_0,4*2,IO_READ|IO_WRITE))
@@ -1511,7 +1441,7 @@ HANDLE h;
#endif
}
-void unset_permissions()
+static void unset_permissions()
{
#ifdef __linux__
ioperm(PORT_CMOS_0,4*2,0);
@@ -1521,7 +1451,7 @@ void unset_permissions()
}
uint8_t read_cmos(const unsigned int cell);
-void write_cmos(const unsigned int cell, const uint8_t value);
+static void write_cmos(const unsigned int cell, const uint8_t value);
uint8_t read_cmos(const unsigned int cell)
{
if(cell<128)
@@ -1549,7 +1479,7 @@ uint8_t read_cmos(const unsigned int cell)
return 0;
}
-void write_cmos(const unsigned int cell, const uint8_t value)
+static void write_cmos(const unsigned int cell, const uint8_t value)
{
if(cell<128)
{
@@ -1577,7 +1507,7 @@ void write_cmos(const unsigned int cell, const uint8_t value)
}
}
-int kill_cmos(const int cmos_size)
+static int kill_cmos(const int cmos_size)
{
int i;
char car;
@@ -1605,7 +1535,7 @@ int kill_cmos(const int cmos_size)
return 0;
}
-int load_cmos(const int cmos_size)
+static int load_cmos(const int cmos_size)
{
int i;
set_permissions();
@@ -1615,7 +1545,7 @@ int load_cmos(const int cmos_size)
return 0;
}
-int restore_cmos(const int cmos_size,const int choix)
+static int restore_cmos(const int cmos_size,const int choix)
{
int i;
char car='2';
@@ -1643,7 +1573,7 @@ int restore_cmos(const int cmos_size,const int choix)
return 0;
}
-int load_backup(const char* name)
+static int load_backup(const char* name)
{
FILE *fb;
unsigned char buffer[TAILLE_BUFFER+1];
@@ -1921,7 +1851,7 @@ int load_backup(const char* name)
return cmos_size;
}
-int save_backup(const int cmos_size, const char* name)
+static int save_backup(const int cmos_size, const char* name)
{
FILE *fb;
fb=fopen(name,"wb");
@@ -1940,7 +1870,7 @@ int save_backup(const int cmos_size, const char* name)
}
#ifdef __linux__
-void award_backdoor()
+static void award_backdoor()
{
int i;
char car;
@@ -1953,14 +1883,14 @@ void award_backdoor()
for(i=0;i<8;i++)
{
fread(&car,1,1,fb);
- putchar(filtre((car<<5)|(car>>5)|(car&0x18)));
+ putchar(filter((car<<5)|(car>>5)|(car&0x18)));
}
fclose(fb);
printf("]\n");
}
#endif
-void keyb_mem()
+static void keyb_mem()
{
#ifdef __linux__
FILE *fb;
@@ -1975,34 +1905,46 @@ void keyb_mem()
printf(m_Keyb_Mem);
printf("[");
for(i=0;i<sizeof(mem) && mem[i]!=0;i+=2)
- printf("%c", filtre(scan2ascii(mem[i])));
+ printf("%c", filter(scan2ascii(mem[i])));
printf("]\n");
#endif
}
-void wait_key()
+static void wait_key()
{
printf("\nPress Enter key to continue");
fflush(stdout);
getchar();
}
-void convert_uchar2uint(unsigned int *dst, const unsigned char *src, const unsigned int cmos_size)
+static void convert_uchar2uint(unsigned int *dst, const unsigned char *src, const unsigned int cmos_size)
{
unsigned int i;
for(i=0;i<cmos_size;i++)
dst[i]=src[i];
}
-void convert_scancode2ascii(unsigned int*dst, const unsigned int lng)
-{
- unsigned int i;
- for (i=0;i<lng && dst[i]!=VAL_STOP;i++)
- if(dst[i]!=VAL_UNK)
- dst[i]=scan2ascii(dst[i]);
-}
+static void (*tbl_func[])(void)=
+{
+ acer,
+ ami_old, ami_2005, ami_winbios, ami_winbios2, ami_unk,
+ award, award_medallion, award6,
+ compaq,compaq_deskpro,compaq2,
+ dtk,
+ ibm,ibm_thinkpad,ibm_thinkpad2,ibm_300,
+ insyde,
+ packardbell,
+ phoenix,phoenix_1_03,phoenix_1_04,phoenix_1_10,phoenix4,phoenix_40_r_60,phoenix405,phoenix406,
+ phoenixa08,
+ gateway_ph,
+ samsung,
+ sony_vaio,
+ toshiba,
+ zenith_ami,
+ keyb_mem
+};
+#define nbr_func sizeof(tbl_func)/sizeof(*tbl_func)
-/* MAIN PROGRAM */
int main(int argc, char *argv[])
{
int arg_load_filename=-1;
@@ -2011,7 +1953,8 @@ int main(int argc, char *argv[])
int do_dump=0;
int cmos_size=TAILLE_CMOS;
enum {MODE_NORM,MODE_HELP,MODE_LOAD, MODE_SAVE, MODE_KILL, MODE_RESTORE, MODE_RESTORE_FORCE} mode=MODE_NORM;
- printf("CmosPwd - BIOS Cracker 5.1, Februar 2008, Copyright 1996-2008\n"
+
+ printf("CmosPwd - BIOS Cracker 5.2, November 2012, Copyright 1996-2012\n"
"GRENIER Christophe, grenier@cgsecurity.org\n"
"http://www.cgsecurity.org/\n");
memset(cmos, 0, sizeof(cmos));
@@ -2198,9 +2141,7 @@ int main(int argc, char *argv[])
dump(cmos,cmos_processed,cmos_size);
free(cmos_processed);
}
-#ifndef __MSDOS__
printf("\n");
fflush(stdout);
-#endif
return 0;
}