Coder Social home page Coder Social logo

ikarius6 / pwgen-for-bios Goto Github PK

View Code? Open in Web Editor NEW

This project forked from cryptolok/pwgen-for-bios

0.0 2.0 0.0 117 KB

Console password generator for BIOS

Home Page: http://bios-pw.org/

License: GNU General Public License v3.0

JavaScript 100.00%

pwgen-for-bios's Introduction

Console Pwgen For BIOS

About

This code is based on python programs from Dogbert's Blog and research by Asyncritus, which is itself a fork.

It can calculate recovery password for bios from a service tag hash.

Supported BIOS types:

  • Compaq - 5 decimal digits
  • Dell - serial number for series -595B, -D35B. -2A7B and -1D3B
  • Fujitsu-Siemens - 5 decimal digits, 8 hexadecimal digits, 5x4 hexadecimal digits, 5x4 decimal digits
  • Hewlett-Packard - 5 decimal digits, 10 characters
  • Insyde H20 (generic) - 8 decimal digits
  • Phoenix (generic) - 5 decimal digits
  • Sony - 7 digit serial number
  • Samsung - 12 hexadecimal digits

The main difference for the fork is that it can be ran from console directly :

Linux

node biosPwd.js 07088120410C0000

Windows

node.exe biosPwd.js 07088120410C0000

In order to get the code/serial, either the BIOS itself will provide it, or you can try the PC's serial number written somewhere on the caseback.

You will need Node.js for that:

Linux

sudo aptitude install nodejs || echo 'you know what to do'

Windows

Mitigation

Even if your model doesn't have a backdoor/escrow password, it can still be reset by disconnecting CMOS battery.

One of the mitigations is to use NVRAM to store BIOS/UEFI passwords (already implemented for top HP/Dell models), but it can still be bypassed by short-circuiting associated jumpers (can burn motherboard), plus your password have to be strong.

A sure way to at least detect such tampering is to use TPM (Trusted Platform Module).

Finally, you shouldn't rely on BIOS for your security.

pwgen-for-bios's People

Contributors

bacher09 avatar cryptolok avatar a-syncritus avatar dandar3 avatar

Watchers

James Cloos avatar Mr.Jack avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.