We will start by looking at how the reverse was started and the different kinds of passwords in the firmware, before having a more in depth look at two of them: the Power-On Password and the Bios Passwords. In this blogpost the goal is to explain how I started looking at the Lenovo password. The handling of passwords is specific to each constructor, which means the code explained here is specific to Lenovo and more precisely to a few ThinkPad (this is mostly common to three different ThinkPad versions, so most of this will probably stay the same). A few publications exist 1 2 3, but I was interested to look at it from a software point of view and was not actually sure it was the same implementation (in practice it is the same). At that time I got curious about how the UEFI passwords, which in particular are used to protect the BIOS interface, are handled. In my last blogpost I spoke about a vulnerability in the System Management Mode (SMM) code of my Lenovo ThinkPad.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |