{"id":2283,"date":"2019-06-11T01:59:27","date_gmt":"2019-06-11T01:59:27","guid":{"rendered":"http:\/\/www.incredigeek.com\/home\/?p=2283"},"modified":"2019-06-11T02:02:17","modified_gmt":"2019-06-11T02:02:17","slug":"chipsec-notes","status":"publish","type":"post","link":"https:\/\/www.incredigeek.com\/home\/chipsec-notes\/","title":{"rendered":"CHIPSEC notes"},"content":{"rendered":"\n<p>The following is some quick notes on using CHIPSEC to compare the EFI whitelist on your current machine with the BIOS Dell provides<\/p>\n\n\n\n<p>Quick notes.<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Install prerequisites (Uses python 2)<\/li><li>Git clone Chipsec<\/li><li>Install (Had to use a -i option, is in the manual)<\/li><li>Run (Use spaces like below)<\/li><\/ol>\n\n\n\n<p><strong>Extract Bios ROM from Dell EXE<\/strong> <br>Use the BIOS exe to output a .rom file that you can use in Linux.  Run the following command from Windows command prompt, accept the security request.  Change the EXE to the BIOS you downloaded.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Alienware_17_R2_1.5.0.EXE \/writeromfile<\/pre>\n\n\n\n<p>The BIOS rom is named dell.rom in the following commands<\/p>\n\n\n\n<p><strong>Get list of Computer ROM<\/strong><\/p>\n\n\n\n<p>Should create fw.bin file and efilist.json file from local machine<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo python chipsec_main.py -m tools.uefi.whitelist<\/pre>\n\n\n\n<p><strong>Get list from Dell rom<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo python chipsec_main.py -m tools.uefi.whitelist -a generate efilist.json dell.rom<br><\/pre>\n\n\n\n<p><strong>Compare the current ROM against the one downloaded from Dell<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo python chipsec_main.py -m tools.uefi.whitelist -a check efilist.json fw.bin<\/pre>\n\n\n\n<p><em>For some reason Ubuntu was not recognizing the last three options after the -a as individual options unless there was a space in between them.\u00a0 All the examples online show that they had commas between them.\u00a0 Which should work, so wonder if it was an environment variable problem or something.<\/em><\/p>\n\n\n\n<p>The tell tell sign was the [*] Module arguments Line only shows 1 argument, needs 3.<\/p>\n\n\n\n<p><strong>Other links<\/strong><\/p>\n\n\n\n<p>Install instructions here.<br><a href=\"https:\/\/github.com\/chipsec\/chipsec\/wiki\/Installing-CHIPSEC-in-Linux\">https:\/\/github.com\/chipsec\/chipsec\/wiki\/Installing-CHIPSEC-in-Linux<\/a><\/p>\n\n\n\n<p>LUV Linux download <br><a href=\"https:\/\/01.org\/linux-uefi-validation\">https:\/\/01.org\/linux-uefi-validation<\/a><\/p>\n\n\n\n<p>Manual<br><a href=\"https:\/\/github.com\/chipsec\/chipsec\/blob\/master\/chipsec-manual.pdf\">https:\/\/github.com\/chipsec\/chipsec\/blob\/master\/chipsec-manual.pdf<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The following is some quick notes on using CHIPSEC to compare the EFI whitelist on your current machine with the BIOS Dell provides Quick notes. Install prerequisites (Uses python 2) Git clone Chipsec Install (Had to use a -i option, &hellip; <a href=\"https:\/\/www.incredigeek.com\/home\/chipsec-notes\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[309,651,653,320,330,652,650],"class_list":["post-2283","post","type-post","status-publish","format-standard","hentry","category-linux","tag-alienware","tag-bios","tag-chipsec","tag-dell","tag-efi","tag-rom","tag-uefi"],"_links":{"self":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/2283","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/comments?post=2283"}],"version-history":[{"count":6,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/2283\/revisions"}],"predecessor-version":[{"id":2478,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/2283\/revisions\/2478"}],"wp:attachment":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/media?parent=2283"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/categories?post=2283"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/tags?post=2283"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}