Don't ask how to hack password. (BIOS Passwords)
#51148 by stripwax
Sat Nov 29, 2008 6:48 pm
Using some insyde/systemsoft decompression code I managed to split out the BIOS for my Benq laptop (dead from a failed bios flash), and it includes a CRISIS.ROM

Dissasembling that a bit, it looks for a file named BIOS.ROM on a connected floppy drive, reads in something like 64KB of the file, and then executes some code to jump to a flash utility

It turns out that you can enter the Insyde bootblock recovery process on my laptop by turning it off, holding down the backtick key ( the ` key with ¬ and ¦ on it on my UK keyboard just below the ESC key) and turning the laptop on with this key still held down. It will take a few seconds, but if you have a USB floppy drive connected while you turn the laptop on in this way, and that floppy disk contains a file named BIOS.ROM, then the floppy will be accessed on boot, and then the laptop shows the flashing text:

"Loading Flash Utility
Please Wait..."


Unfortunately ... after that it seems to do nothing, just please waits forever. My guess is BIOS.ROM cannot be a regular rom bios update (I took the bios update from Benq's website, put it on a floppy and renamed it to BIOS.ROM). But given that the bios code only seems to load 64KB from my rough IDA disassembly, that doesn't seem right, so my guess is that BIOS.ROM is actually some flash utility provided by Insyde


Does anyone have any information on what files must go onto the Insyde crisis recovery floppy here? What should the BIOS.ROM file be and/or do I need to put additional files on the floppy to actually kick off the emergency re-flashing processes?