Notifications

Clear all

Imaging BIOS tool

mattpenrose · 2012-03-22T12:58:08Z

Does anyone have any tool recommendations for imaging and investigating the bios of a PC?I need to investigate data which is stored on the bios which will not be shown in the usual "F2 on boot" screen.I read in previous posts the tool ProDiscover can be used. Are there any other tools which are now preferred?What would be the best tool to analyse the data once imaged? Any input would be very much appreciated

Page 2 / 2 Prev

General (Technical, Procedural, Software, Hardware etc.)

Last Post by jackblack 12 years ago

15 Posts

10 Users

0 Reactions

2,013 Views

RSS

questnz

(@questnz)

Eminent Member

Joined: 17 years ago

Posts: 34

23/03/2012 5:12 am

Agree with jaclaz, not sure what you want to acheive, but you can try SIW software for bit more info ,
if you want walk thru a POST codes you need Diagnostic POST card, also contact Ultra x and have a look can they help you with anything www.uxd.com their Quick Tech Pro software will give you more info about BIOS than anything I know of, but it will definately not let you "image" BIOS

Chris

ReplyQuote

trewmte

(@trewmte)

Noble Member

Joined: 19 years ago

Posts: 1877

23/03/2012 11:28 am

A COMPARATIVE ANALYSIS OF ROOTKIT DETECTION TECHNIQUES the researcher comments

2.6 Hardware-Based
The fourth and final type of rootkit operates independently of the OS, but is
extremely hardware dependent. These rootkits typically use hardware
virtualization and chipset exploits to operate in the BIOS or PCI expansion
cards [41]. At this time the hardware-specific rootkits are not very prevalent
in the wild, and are more “proof of concept” techniques. Techniques to
detect these types of rootkits are likewise very sparse [41].

Bibliography reference [41] Sparks S, Embleton S, and Zou C, Windows Rootkits
- A Game of Hide and Seek. In Handbook of Security and Networks, World
Scientific Press, 201

However, NIST SP 800-147 April 2011 in their publication BIOS Protection Guidelines under Executive Summary states

Unauthorized modification of BIOS firmware by malicious software constitutes a significant threat because of the BIOS’s unique and privileged position within the PC architecture. A malicious BIOS modification could be part of a sophisticated, targeted attack on an organization—either a permanent denial of service (if the BIOS is corrupted) or a persistent malware presence (if the BIOS is implanted with malware). The move from conventional BIOS implementations to implementations based on the Unified Extensible Firmware Interface (UEFI) may make it easier for malware to target the BIOS in a widespread fashion, as these BIOS implementations are based on a common specification.

and in the 'Presentation to Linux Users of Victoria on LUV's Policy on UEFI' (2011) it highlights similar concerns.

There is a lot more research besides that mentioned above.

ReplyQuote

jinx800

(@jinx800)

New Member

Joined: 16 years ago

Posts: 2

31/07/2013 8:49 pm

Bump.

Anyone???

ReplyQuote

jaclaz

(@jaclaz)

Illustrious Member

Joined: 18 years ago

Posts: 5133

31/07/2013 11:14 pm

Bump.

Anyone???

Anyone WHAT? 😯 ?

jaclaz

ReplyQuote

jackblack

(@jackblack)

New Member

Joined: 12 years ago

Posts: 2

19/11/2013 8:36 am

You want Copernicus

http//www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

It dumps the BIOS from a bunch of systems, but requires Windows 7 32/64 bit.

ReplyQuote

Page 2 / 2 Prev

8 Forums
15.7 K Topics
92.3 K Posts
192 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed