mereportertmp12432
commented
7 years ago any suggestions for one of those hipster vulnerability names? i'll throw "UpDateME" and "Sleeper Hold" in the room for starters.
EDIT: Decided to call it "Sleeping Pill" as a homage to the much much more sophisticated Blue and Red Pills. (Hi Joanna: Thx for Qubes! btw, needs better screensaver protection, just a gut feeling)
archfan
hi, i have a pansonic cf19mk6 with qm77 chipset and this is the story of how I was able to corrupt - and hopefully disable - my ME using fwupdlcl and the integrated programmer, so it may inspire future "research" (e.g. a one-click mecleaner.exe would be like totally friggin awesome).
me config
Local FWUpdate: Enabled BIOS Config Lock: Enabled Host Read Access to ME: Disabled Host Write Access to ME: Disabled
behaviour for fwupdlcl with me_cleaned ME.bin
https://filebin.ca/3ZorKoSiEbI2/MEREG-muchdisable.bin C:\UpdateMeFirmware\Data801>FWUpdLcl64.exe -oemid D6B09D64-DA23-49A9-8888-F663BE603389 -allowsv -f "MEREG-muchdisable.bin" Intel (R) Firmware Update Utility Version: 8.1.40.1456 Copyright (C) 2007 - 2013, Intel Corporation. All rights reserved. Communication Mode: MEI Checking firmware parameters... Warning: Do not exit the process or power off the machine before the firmware update process ends. Sending the update image to FW for verification: [ COMPLETE ] FW Update: [ 15% (Stage: 4 of 19) (-)] Error 8741: FW Update Failed. Error 8707: Firmware update failed due to an internal error
partially update OEM stock ME.bin
https://filebin.ca/3ZoqtxiQEx5m/ME.bin C:\UpdateMeFirmware\Data801>FWUpdLcl.exe -oemid D6B09D64-DA23-49A9-8888-F663BE603389 -allowsv -f "ME.bin" Intel (R) Firmware Update Utility Version: 8.1.40.1456 Copyright (C) 2007 - 2013, Intel Corporation. All rights reserved. Communication Mode: MEI Checking firmware parameters... Warning: Do not exit the process or power off the machine before the firmware update process ends. Sending the update image to FW for verification: [ COMPLETE ] FW Update: [ 35% (Stage: 13 of 19) (-)]
HIBERNATE, after being in Stage13 for 2-3 seconds ... last seen "50%" and Stage 14/19
^C Update: [ 0% (Stage: 0 of 19) (|)])]
RESUME, now see 0%, program hangs, so ctrl-c && hijack session with me_cleaned ME.bin
https://filebin.ca/3ZorKoSiEbI2/MEREG-muchdisable.bin C:\UpdateMeFirmware\Data801>FWUpdLcl.exe -oemid D6B09D64-DA23-49A9-8888-F663BE603389 -allowsv -f "MEREG-muchdisable.bin" Intel (R) Firmware Update Utility Version: 8.1.40.1456 Copyright (C) 2007 - 2013, Intel Corporation. All rights reserved. Communication Mode: MEI Checking firmware parameters... Warning: Do not exit the process or power off the machine before the firmware update process ends. Sending the update image to FW for verification: [ COMPLETE ] FW Update: [ 35% (Stage: 13 of 19) (-)]
it directly jumps to Stage 13 35% ... cool?
FW Update: [ 100% (Stage: 19 of 19) (-)] FW Update is complete and a reboot will run the new FW.
results
other oem strings @ panasonic pcinfo http://picpaste.com/diff-pcinfo.png PRE-BOOT and other ME-Name @ meinfo http://picpaste.com/diff-meinfo.png Recovery state and two wiped registers @ http://picpaste.com/diff-intelmetool.png fwupdlcl -fwver shows version, but -save and -f just hang memanuf reports some error ctrl-p reports "FW Status Recovery Error" and then just boots no issues so far, doesnt powercycle after 30 min or anything. seems good to me, especially the "pre-boot" thingy ... but what the heck do i know