├── AddrInfo.pro ├── README.md ├── addrinfo.c └── bios.h /AddrInfo.pro: -------------------------------------------------------------------------------- 1 | TEMPLATE = app 2 | CONFIG += console 3 | CONFIG -= qt 4 | 5 | SOURCES += \ 6 | addrinfo.c 7 | 8 | HEADERS += \ 9 | bios.h 10 | 11 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | AddrInfo 2 | ======== 3 | 4 | Nothing interesting here, just a small utility for looking into ASUS BIOS files. 5 | -------------------------------------------------------------------------------- /addrinfo.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include "bios.h" 5 | 6 | #define ERR_OK 0 7 | #define ERR_ARGS 1 8 | #define ERR_INPUT_FILE 2 9 | #define ERR_OUTPUT_FILE 3 10 | #define ERR_MEMORY 4 11 | #define ERR_NO_ASUSBKP 5 12 | 13 | /* memmem - implementation of GNU memmem function using Boyer-Moore-Horspool algorithm */ 14 | unsigned char* memmem(unsigned char* string, size_t slen, const unsigned char* pattern, size_t plen) 15 | { 16 | size_t scan = 0; 17 | size_t bad_char_skip[256]; 18 | size_t last; 19 | 20 | if (plen == 0 || !string || !pattern) 21 | return NULL; 22 | 23 | for (scan = 0; scan <= 255; scan++) 24 | bad_char_skip[scan] = plen; 25 | 26 | last = plen - 1; 27 | 28 | for (scan = 0; scan < last; scan++) 29 | bad_char_skip[pattern[scan]] = last - scan; 30 | 31 | while (slen >= plen) 32 | { 33 | for (scan = last; string[scan] == pattern[scan]; scan--) 34 | if (scan == 0) 35 | return string; 36 | 37 | slen -= bad_char_skip[string[last]]; 38 | string += bad_char_skip[string[last]]; 39 | } 40 | 41 | return NULL; 42 | } 43 | 44 | /* find_free_space - finds free space between begin and end to insert new module. Returns alligned pointer to empty space or NULL if it can't be found. */ 45 | unsigned char* find_free_space(unsigned char* begin, unsigned char* end, size_t space_length, size_t allign) 46 | { 47 | size_t pos; 48 | size_t free_bytes; 49 | 50 | if (space_length == 0 || !begin || !end) 51 | return NULL; 52 | 53 | free_bytes = 0; 54 | for(pos = 0; pos < (size_t)(end - begin); pos++) 55 | { 56 | if(*(begin+pos) == (unsigned char)'\xFF') 57 | free_bytes++; 58 | else 59 | free_bytes = 0; 60 | if(free_bytes == space_length) 61 | { 62 | pos -= free_bytes; /* back at the beginning of free space */ 63 | if(allign > 1) 64 | pos += allign - pos%allign; /* alligning */ 65 | return begin + pos; 66 | } 67 | } 68 | return NULL; 69 | } 70 | 71 | int main(int argc, char* argv[]) 72 | { 73 | FILE* file; /* file pointer to work with input and output file */ 74 | char* inputfile; /* path to input file*/ 75 | char* outputfile; /* path to output file */ 76 | unsigned char* buffer; /* buffer to read input file into */ 77 | size_t filesize; /* size of opened file */ 78 | size_t read; /* read bytes counter */ 79 | size_t rest; /* rest of filesize to search in */ 80 | unsigned char* asusbkp; /* ASUSBKP header */ 81 | unsigned char* module; /* FD44 module header */ 82 | unsigned char* me; /* ME firmware header */ 83 | unsigned char* gbe; /* GbE firmware header */ 84 | unsigned char* s2lp; /* */ 85 | unsigned char* keys; /* */ 86 | unsigned char* freespace; /* */ 87 | unsigned char* msoa; /* */ 88 | ptrdiff_t asusbkp_start_address = -1; /* */ 89 | ptrdiff_t asusbkp_s2lp_address = -1; /* */ 90 | ptrdiff_t asusbkp_keys_address = -1; /* */ 91 | ptrdiff_t asusbkp_freespace_address = -1; /* ASUSBKP free space address*/ 92 | ptrdiff_t slic_s2lp_address = -1; /* */ 93 | ptrdiff_t slic_keys_address = -1; /* */ 94 | ptrdiff_t slic_freespace_address = -1; /* */ 95 | ptrdiff_t me_start_address = -1; /* ME start address */ 96 | ptrdiff_t gbe_start_address = -1; /* GbE start address */ 97 | ptrdiff_t bsa_adresses[MAX_FD44_MODULES]; /* BSA modules addresses*/ 98 | size_t bsa_count = 0; /* BSA modules count*/ 99 | 100 | if(argc < 3) 101 | { 102 | printf("AddrInfo v0.2.1\nThis program finds addresses of different BIOS structures of ASUS BIOS files and stores them to INI-formated file\n\n" 103 | "Usage: AddrInfo BIOSFILE INIFILE\n\n"); 104 | return ERR_ARGS; 105 | } 106 | 107 | inputfile = argv[1]; 108 | outputfile = argv[2]; 109 | 110 | /* Opening input file */ 111 | file = fopen(inputfile, "rb"); 112 | if (!file) 113 | { 114 | fprintf(stderr, "Can't open input file\n"); 115 | return ERR_INPUT_FILE; 116 | } 117 | 118 | /* Determining file size */ 119 | fseek(file, 0, SEEK_END); 120 | filesize = ftell(file); 121 | fseek(file, 0, SEEK_SET); 122 | 123 | /* Allocating memory for buffer */ 124 | buffer = (unsigned char*)malloc(filesize); 125 | if (!buffer) 126 | { 127 | fprintf(stderr, "Can't allocate memory for input buffer\n"); 128 | return ERR_MEMORY; 129 | } 130 | 131 | /* Reading whole file to buffer */ 132 | read = fread((void*)buffer, sizeof(char), filesize, file); 133 | if (read != filesize) 134 | { 135 | fprintf(stderr, "Can't read input file\n"); 136 | return ERR_INPUT_FILE; 137 | } 138 | 139 | /* Searching for ASUSBKP */ 140 | asusbkp = memmem(buffer, filesize, ASUSBKP_HEADER, sizeof(ASUSBKP_HEADER)); 141 | if(!asusbkp) 142 | { 143 | fprintf(stderr, "ASUSBKP signature not found in BIOS file. Nothing to do\n"); 144 | return ERR_NO_ASUSBKP; 145 | } 146 | 147 | /* Storing ASUSBKP address */ 148 | asusbkp_start_address = asusbkp - buffer; 149 | 150 | /* Finding free space in ASUSBKP, alligned to 4 */ 151 | freespace = find_free_space(asusbkp, buffer + filesize - 1, ASUSBKP_FREE_SPACE_LENGTH, 4); 152 | if(!freespace) 153 | { 154 | fprintf(stderr, "No space left in ASUSBKP to insert data\n"); 155 | return ERR_NO_ASUSBKP; 156 | } 157 | 158 | /* Storing free space address */ 159 | asusbkp_freespace_address = freespace - buffer; 160 | 161 | /* Searching for S2LP in ASUSBKP */ 162 | rest = freespace - asusbkp; 163 | s2lp = memmem(asusbkp, rest, ASUSBKP_S2LP_HEADER, sizeof(ASUSBKP_S2LP_HEADER)); 164 | if(s2lp) 165 | asusbkp_s2lp_address = s2lp - buffer; 166 | 167 | /* Searching for KEYS in ASUSBKP */ 168 | keys = memmem(asusbkp, rest, ASUSBKP_KEYS_HEADER, sizeof(ASUSBKP_KEYS_HEADER)); 169 | if(keys) 170 | asusbkp_keys_address = keys - buffer; 171 | 172 | /* Searching for ME firmware address*/ 173 | me = memmem(buffer, filesize, ME_HEADER, sizeof(ME_HEADER)); 174 | if(me) 175 | me_start_address = me - buffer; 176 | 177 | /* Searching for GbE firmware address*/ 178 | gbe = memmem(buffer, filesize, GBE_HEADER, sizeof(GBE_HEADER)); 179 | if(gbe) 180 | gbe_start_address = gbe + GBE_MAC_OFFSET - buffer; 181 | 182 | /* Searching for MSOA module*/ 183 | msoa = memmem(buffer, filesize, MSOA_MODULE_HEADER, sizeof(MSOA_MODULE_HEADER)); 184 | if(msoa) 185 | { 186 | rest = filesize - (msoa - buffer); 187 | 188 | /* Searching for S2LP module*/ 189 | s2lp = memmem(msoa, rest, SLIC_S2LP_HEADER, sizeof(SLIC_S2LP_HEADER)); 190 | if(s2lp) 191 | slic_s2lp_address = s2lp - buffer; 192 | 193 | /* Searching for KEYS module*/ 194 | keys = memmem(msoa, rest, SLIC_KEYS_HEADER, sizeof(SLIC_KEYS_HEADER)); 195 | if(keys) 196 | slic_keys_address = keys - buffer; 197 | 198 | /* Finding free space and alligning it to 8*/ 199 | freespace = find_free_space(msoa, buffer + filesize - 1, SLIC_FREE_SPACE_LENGTH, 8); 200 | if (freespace) 201 | slic_freespace_address = freespace - buffer; 202 | } 203 | 204 | /* Searching for module header */ 205 | module = memmem(buffer, filesize, FD44_MODULE_HEADER, sizeof(FD44_MODULE_HEADER)); 206 | if(module) 207 | { 208 | /* Looking for BSA_ module */ 209 | rest = filesize - (module - buffer); 210 | while(module) 211 | { 212 | /* If one found, storing the address of it */ 213 | if (!memcmp(module + FD44_MODULE_HEADER_BSA_OFFSET, FD44_MODULE_HEADER_BSA, sizeof(FD44_MODULE_HEADER_BSA))) 214 | { 215 | module = module + FD44_MODULE_HEADER_LENGTH; 216 | bsa_adresses[bsa_count++] = module - buffer; 217 | } 218 | 219 | module = memmem(module + FD44_MODULE_HEADER_LENGTH, rest, FD44_MODULE_HEADER, sizeof(FD44_MODULE_HEADER)); 220 | rest = filesize - (module - buffer); 221 | } 222 | } 223 | 224 | /* Closing input file */ 225 | fclose(file); 226 | 227 | /* Creating output file*/ 228 | file = fopen(outputfile, "w"); 229 | 230 | /* Writing data to output file */ 231 | fprintf(file, "[ASUSBKP]\n"); 232 | asusbkp_start_address > 0 ? fprintf(file,"START=0x%08X\n", asusbkp_start_address) : fprintf(file,"START=NOT_FOUND\n"); 233 | asusbkp_keys_address > 0 ? fprintf(file,"KEYS=0x%08X\n", asusbkp_keys_address) : fprintf(file,"KEYS=NOT_FOUND\n"); 234 | asusbkp_s2lp_address > 0 ? fprintf(file,"S2LP=0x%08X\n", asusbkp_s2lp_address) : fprintf(file,"S2LP=NOT_FOUND\n"); 235 | asusbkp_freespace_address > 0 ? fprintf(file,"FREESPACE=0x%08X\n", asusbkp_freespace_address) : fprintf(file,"FREESPACE=NOT_FOUND\n"); 236 | 237 | fprintf(file, "\n[SLIC]\n"); 238 | slic_keys_address > 0 ? fprintf(file,"KEYS=0x%08X\n", slic_keys_address) : fprintf(file,"KEYS=NOT_FOUND\n"); 239 | slic_s2lp_address > 0 ? fprintf(file,"S2LP=0x%08X\n", slic_s2lp_address) : fprintf(file,"S2LP=NOT_FOUND\n"); 240 | slic_freespace_address > 0 ? fprintf(file,"FREESPACE=0x%08X\n", slic_freespace_address) : fprintf(file,"FREESPACE=NOT_FOUND\n"); 241 | 242 | fprintf(file, "\n[ME]\n"); 243 | me_start_address > 0 ? fprintf(file, "START=0x%08X\n", me_start_address) : fprintf(file,"START=NOT_FOUND\n"); 244 | 245 | fprintf(file, "\n[GBE]\n"); 246 | gbe_start_address > 0 ? fprintf(file, "START=0x%08X\n", gbe_start_address) : fprintf(file,"START=NOT_FOUND\n"); 247 | 248 | if(bsa_count) 249 | { 250 | int i; 251 | fprintf(file, "\n[BSA]\n"); 252 | for(i = 0; i < bsa_count; i++) 253 | { 254 | fprintf(file, "START%i=0x%08X\n", i, bsa_adresses[i] - FD44_MODULE_HEADER_LENGTH); 255 | fprintf(file, "DATA%i=0x%08X\n", i, bsa_adresses[i]); 256 | } 257 | } 258 | 259 | /* Closing output file */ 260 | fclose(file); 261 | 262 | /* Freeing buffer */ 263 | free(buffer); 264 | 265 | return ERR_OK; 266 | } 267 | -------------------------------------------------------------------------------- /bios.h: -------------------------------------------------------------------------------- 1 | #ifndef BIOS_H 2 | #define BIOS_H 3 | 4 | /* ASUSBKP */ 5 | const unsigned char ASUSBKP_HEADER[] = {'A','S','U','S','B','K','P','$'}; 6 | const unsigned char ASUSBKP_S2LP_HEADER[] = {'S','2','L','P','R','\x01','\x00','\x00'}; 7 | const unsigned char ASUSBKP_KEYS_HEADER[] = {'K','E','Y','S','\x1C','\x00','\x00','\x00'}; 8 | #define ASUSBKP_FREE_SPACE_LENGTH 64 9 | 10 | /* ME */ 11 | static const unsigned char ME_HEADER[] = {'\x20','\x20','\x80','\x0F','\x40', 12 | '\x00','\x00','\x10','\x00','\x00', 13 | '\x00','\x00','\x00','\x00','\x00', 14 | '\x00'}; 15 | 16 | /* GbE */ 17 | const unsigned char GBE_HEADER[] = {'\xFF','\xFF','\xFF','\xFF','\xFF', 18 | '\xFF','\xFF','\xFF','\xC3','\x10'}; 19 | #define GBE_MAC_OFFSET (-12) 20 | 21 | /* SLIC */ 22 | const unsigned char MSOA_MODULE_HEADER[] = {'\xB9','\x2A','\x90','\xA1','\x94', 23 | '\x53','\xF2','\x45','\x85','\x7A', 24 | '\x12','\x82','\x42','\x13','\xEE', 25 | '\xFB'}; 26 | const unsigned char SLIC_S2LP_HEADER[] = {'\xFB','\xEB','\xFF','\xCD','\xDC', 27 | '\x17','\xBC','\x46','\x9B','\x75', 28 | '\x59','\xB8','\x61','\x92','\x09', 29 | '\x13'}; 30 | #define SLIC_S2LP_LENGTH 366 31 | const unsigned char SLIC_KEYS_HEADER[] = {'\x58','\x44','\x63','\x15','\xA4', 32 | '\xE8','\x6D','\x43','\xAC','\x2F', 33 | '\x57','\xE3','\x3E','\x53','\x4C', 34 | '\xCF'}; 35 | #define SLIC_KEYS_LENGTH 56 36 | #define SLIC_FREE_SPACE_LENGTH 3096 37 | 38 | /* MODULE */ 39 | const unsigned char FD44_MODULE_HEADER[] = {'\x0B','\x82','\x44','\xFD','\xAB', 40 | '\xF1','\xC0','\x41','\xAE','\x4E', 41 | '\x0C','\x55','\x55','\x6E','\xB9', 42 | '\xBD'}; 43 | #define FD44_MODULE_HEADER_BSA_OFFSET 28 44 | const unsigned char FD44_MODULE_HEADER_BSA[] = {'B', 'S', 'A', '_'}; 45 | #define FD44_MODULE_HEADER_LENGTH 36 46 | #define FD44_MODULE_LENGTH 552 47 | #define MAX_FD44_MODULES 10 48 | 49 | #endif /* BIOS_H */ 50 | --------------------------------------------------------------------------------