7/23/2019 BDMaster GUIDE Extract Encapsulated Bios http://slidepdf.com/reader/full/bdmaster-guide-extract-encapsulated-bios 1/14 BDMaster ’s GUIDE to Extract Encapsulated BiosTo Extract original bios from encapsulated version You have to find "FLASH" string : Bios has normally a lenght of 4194304 bytes (0x400000) so count from here 4096Kb to get the end. Look as bios is : Encapsulated and Uncompressed ! If You run upgrade utility it will decompress bios and You'll find it as .bin or . rom or .fd file in %TEMP% folder and It could have a different size over 4096kb, but only cause It is encapsulated in a dos or windows .exe program. So look an example : Acer Aspire V3-771G bios v.2.23 VAGV223 Start 0x00000000 (MZ = Microsoft executable program)4D5A00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000B0000000 MZ.............................................................. Find for "FLASH" in HexEditor : (Remember if You use the decompressed bios file there will be 4 items, but in .exe there are 5, first one don’t count)
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
To Extract original bios from encapsulated version You have to find "FLASH" string :
Bios has normally a lenght of 4194304 bytes (0x400000) so count from here 4096Kb to get the end.
Look as bios is : Encapsulated and Uncompressed !
If You run upgrade utility it will decompress bios and You'll find it as .bin or . rom or .fd file in %TEMP% folder and It could have a different size over 4096kb,
but only cause It is encapsulated in a dos or windows .exe program.
So look an example : Acer Aspire V3-771G bios v.2.23 VAGV223
Start 0x00000000 (MZ = Microsoft executable program)
So to find Header in encapsulated bios You have to look the 2nd item = $_IFLASH_BIOSIMG and precisely $_IFLASH_BIOSIMG..@...@.
245F49464C4153485F42494F53494D470000 400000004000 (in Litt le Endian 00 00 40 = 40 00 00 = 0x400000 = Bios len !!! ) So We have the file End too !!!!!!!!$_IFLASH_BIOSIMG..@...@.
So 400000004000 is the end of Header and after it, start real bios to extract, so create block from last 00 to the first byte of file and cut it !
So $BID01433 = Real Bios End + 54(Dec) or 36(Hex) bytes coincides with second F4 FF, this is last byte of Real Bios and all comes after it, is the Footer.
So, select from next byte to last at end of file and cut it.
We have now bios extracted and pure, save and use it.But It’s not ended here . . .
Into Bios Insyde UEFI version 1.xx files, We have to do a different extraction for Bios Extraction :
We have to find this Marker 0x5AA5F00Fh (It’s Palindromic) and It’s positioned always to 0x00020000h offset, then select all from this offset to the SOF (Start of File)and cut all before 0x00020000h offset remaining 5120 KB (0x00051FE00h bytes), save It, and got the Bios Extracted (Firmware) . . .
.We have now bios extracted and pure, save and use it.But It’s not ended here .
We can extract the Bios Region chunk only from this file so We can use It to generalize a modify, as It is pure and don’t replace any variable in VSS (Variables Store) !So let get the Extracted file which We have got here and have to find a Bios Region Signature (5F5053575F00 = _PSW_.) this is the starting offset address then the endIt will be the EOF (end of file) look here :
How to extract Bios Region only to use in Generalized Bios Region Flash :
In Acer Bios File You have to Extract the Decapsulated bios before, then find the Bios Region Signature Bios Region Signature (5F5053575F00 = _PSW_.) or new(4143455241424354=ACERABCT ) to know the offsets address for all Bios Regions You have to use UEFI Tool by CodeRush !!!So for this one Acer Aspire V5-171G You'll find Bios Region start at offset 0x180000 and has a size 0x380000 and can copy that hex chunck in a new file,copy from offset address 0x180000 to 0x380000 and get Bios Region Pure to use by FPT tool to reflash as Generalized Bios for all laptops :FPT –f GenBios.bin –bios !!!