search

coderobe / VBiosFinder

Extract embedded VBIOS from (almost) any BIOS Update
GNU Affero General Public License v3.0
129 stars 21 forks source link

HP pavilion power 15 cb006ng #17

Open ghost opened 5 years ago

ghost commented 5 years ago

Hello. Trying to extract vbio for gpu passthrough (Error 43). Arch based system My laptop https://support.hp.com/my-en/drivers/selfservice/hp-pavilion-power-15-cb000-laptop-pc/15551388/model/17104409

Bios: https://ftp.hp.com/pub/softpaq/sp96501-97000/sp96680.exe Dependencies installed. VBiosFinder ├── 3rdparty │   ├── rom-parser │   └── UEFIExtract ├── Gemfile ├── Gemfile.lock ├── _init.rb ├── LICENSE.txt ├── output ├── README.md ├── sp96680.exe ├── src │   ├── cli.rb │   ├── extract-7z.rb │   ├── extract-innosetup.rb │   ├── extraction.rb │   ├── extract-polyglot.rb │   ├── extract-uefi.rb │   ├── extract-upx.rb │   ├── extract-zlib.rb │   ├── methods.rb │   └── utils.rb ├── vbiosfinder └── vendor └── bundle

Get output... ~/.../roms/VBiosFinder >>> ./vbiosfinder extract /home/user/vm/roms/VBiosFinder/sp96680.exe ±[●][master] output will be stored in '/home/user/vm/roms/VBiosFinder/tmp-vbiosfinder' checking for ruby... yes

checking for innoextract... yes checking for upx... yes checking for 7z... yes trying to extract ./sp96680.exe found zlib archive wrong guess :( extracting uefi data trying to extract ./mkmf.log found UEFIExtract archive trying to extract ./sp96680.exe found UEFIExtract archive filtering for modules... got 2 modules finding vbios no candidates found :( input contains uefi data but no vbios could be found the vbios might not be baked into the input! Cleaning up garbage

What is "wrong guess :(" ? Thank you

coderobe commented 5 years ago

What is "wrong guess :(" ?

VBiosFinder uses heuristics to determine whether or not the file contains compressed data, this is not perfectly accurate, so when the heuristic matches it attempts to unpack any data - when this fails, we know it didn't find zlib compressed data. That's a wrong guess

That's probably unrelated to the failure you're seeing though, i'll investigate and report back with what i can find.

coderobe commented 5 years ago

It does look like there's compressed data of some form. I disassembled the executable, and it is using lzexpand to inflate data from somewhere. Couldn't find the exact details just yet, as i don't have much time at the moment.

ghost commented 5 years ago

I installed this package in windows VM and compressed temp application folder. https://drive.google.com/file/d/1wSwaijOZC3U61Szg4d1M0Wwi1pEfdv0e/view?usp=sharing Folder contains bin files with similar name like subvendor id of gpu (PCI\VEN_10DE&DEV_1C8D&SUBSYS_836B103C&REV_A1). Tried directly provide bin for kvm or your soft, but no result.