Someone locked you out of your BIOS, never ferr.

Discussion in 'HP' started by mm, Oct 10, 2010.

  1. mm

    mm Guest

    I think a virus put a BIOS password in my friend's HP Mini 1000
    netbook. I know I didn't do it, and I know it had malware. I've read
    online several other stories from those who never set a password and
    are still stuck with one.

    I read about one repair shop that wanted 325 dollars to unlock the
    BIOS.

    Another website wanted $50,

    But Dogbert has programs to do it for free!

    For HP, Dell, Fujitsu, Samsung, Compaq, and all that use Phoenix
    bioses.

    Check it out.

    http://dogber1.blogspot.com/2009/05/table-of-reverse-engineered-bios.html

    Let's hear it for Dogbert! [enormous applause]

    I don't know if he says it, but the hash number to convert shows up
    after you enter the wrong password three times in a row.

    (add more newsgroups, had to split into 2 or more posts)
    microsoft.public.windowsxp.general,alt.comp.os.windows-xp,comp.sys.hp.misc,comp.sys.hp.hardware,
    comp.sys.laptops,alt.comp.virus,alt.comp.anti-virus

    And he gives his source code too. Actually everything is in the 3
    lines after the comments. Here they are for an HP netbook, for
    example, but you have to look at the page too:

    def decode(code):
    table = {'1': '3', '0': '1', '3': 'F', '2': '7', '5': 'Q',
    '4': 'V', '7': 'X', '6': 'G', '9': 'O', '8': 'U', 'a': 'C', 'c': 'E',
    'b': 'P', 'e': 'M', 'd': 'T', 'g': 'H', 'f': '8', 'i': 'Y', 'h': 'Z',
    'k': 'S', 'j': 'W', 'm': '4', 'l': 'K', 'o': 'J', 'n': '9', 'q': '5',
    'p': '2', 's': 'N', 'r': 'B', 'u': 'L', 't': 'A', 'w': 'D', 'v': '6',
    'y': 'I', 'x': '4', 'z': '0'}

    That is:
    '1': '3',
    '0': '1',
    '3': 'F',
    '2': '7',
    '5': 'Q',
    '4': 'V',
    '7': 'X',
    '6': 'G',
    '9': 'O',
    '8': 'U',
    'a': 'C',
    'c': 'E',
    'b': 'P',
    'e': 'M',
    'd': 'T',
    'g': 'H',
    'f': '8',
    'i': 'Y',
    'h': 'Z',
    'k': 'S',
    'j': 'W',
    'm': '4',
    'l': 'K',
    'o': 'J',
    'n': '9',
    'q': '5',
    'p': '2',
    's': 'N',
    'r': 'B',
    'u': 'L',
    't': 'A',
    'w': 'D',
    'v': '6',
    'y': 'I',
    'x': '4',
    'z': '0'

    Which for some reason is 18 pairs of numbers or letters and what
    character they should be converted to, each pair in reverse order from
    the normal order of numbers or letters. As in a, c, b, d, f, e.... Do
    you know why he did it that way? Anyhow, logically, if not
    programically, it is the same as what follows so you don't even need
    the program to do a mere 10 characters. Don't forget, this one is
    just HP netbooks.

    0: 1,
    1: 3,
    2: 7,
    3: F,
    4: V,
    5: Q,
    6: G,
    7: X,
    8: U,
    9: O,
    a: C,
    b: P,
    c: E,
    d: T,
    e: M,
    f: 8,
    g: H,
    h: Z,
    i: Y,
    j: W,
    k: S,
    l: K,
    m: 4,
    n: 9,
    o: J,
    p: 2,
    q: 5,
    r: B,
    s: N,
    t: A,
    u: L,
    v: 6,
    w: D,
    x: 4,
    y: I,
    z: 0

    Come to think of it, if the encoding is just simple replacement of one
    character with another, it would be easy in most cases to figure out
    the code. Just get a simlar computer, set a password for the BIOS
    using no character more than once, refuse to put the right password in
    until you get the hash code at the end, and record the mapping. Do it
    again with different passwords until you get all 36 characters. But
    Dogbert has done this for you for many many computers. Let's hear it
    for Dogbert! [thunderous applause]


    Yes, I'm sure the malware did it, maybe to keep a user from changing
    the boot order so that booting from the USB came first. Fortunately,
    I had changed it already (although the virus seems to have changed it
    back.) and also fortunately this HP unit has a separate, afaik
    non-password-protectable screen that allows a one-shot change in boot
    order.
     
    mm, Oct 10, 2010
    #1
    1. Advertisements

  2. mm

    liu Guest

    will taking the battery on motherboard out for a minute and put it
    back help?
     
    liu, Oct 10, 2010
    #2
    1. Advertisements



  3. No. A minute is almost never long enough. Typically 15 minutes or so
    is required. I'd leave it out for an hour to be sure.
     
    Ken Blake, MVP, Oct 10, 2010
    #3
  4. mm

    mm Guest

    I read online one guy who said doing that reset some of his bios info
    but not the password. This is unrelated to the page I cited, run by
    the author of the software

    Plus in this case, I'm fixing a friend's mini, and I don't want to
    fiddle with it any more than I have to.


    Googling on bios password removal battery gave me at least 10
    real hits, but now that my problem is solved, I just don't have the
    interest to read the anymore.
     
    mm, Oct 10, 2010
    #4
  5. mm

    choro Guest

    I wasn't aware that there was a BIOS battery on computers. What I know is
    that there is a Cmos battery and the Cmos needs to be discharged when
    certain changes are made to the computer. Is that the battery you are
    talking about? I certainly have seen or read about any other battery on
    computers apart from the batteries for laptop computers, obviously.

    The number of people who are fooled into buying new chips when all they need
    to do is to short the Cmos is amazing and nobody lets them cotton onto
    re-positioning the pin for a moment and then putting it back in its normal
    position. This is one of the great money spinners for computer parts
    sellers.
     
    choro, Oct 10, 2010
    #5
  6. mm

    mm Guest

    Because this is easier and though it might not work, it can't make
    things worse.

    To flash my bios I'd have to get a copy of the bios, hope that I got
    the same one, or that it doesn't change anything that works now, get
    the program that does the flashing, and hope there is no power failure
    in the middle of flashing. A laptop is likely to have a battery and
    wall current, but not always. A desktop might have a UPS but not
    always.

    It's not "all that". He offers a zip file with an .exe file and the
    source code. Just run the exe and put in the hash number and the
    answer comes back. Then enter the bios and remove the bios.
    But mine will work 100% of the time if you have the brand it's made
    for.
    That's good. This would work too. Next time you might want to try
    the software I posted about, or even just the 3 line tables. Once one
    has the table, it takes 2 or 3 minutes to look up 10 characters in it.

    I don't expect you to do things my way, but your opening made it clear
    you expecte me to do things your way.
     
    mm, Oct 11, 2010
    #6
  7. mm

    Dustin Guest

    Am I reading this correctly? Your reflashing a system bios and placing
    risk of turning the mainboard into a pile of parts to evade a cmos
    password? AND, you have people that let you do this?

    I am consistently amazed by some of the stories I read from so called,
    techs...
     
    Dustin, Oct 16, 2010
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.