• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

AMIBIOS Source Code and AMI's UEFI Signing Key Leaked

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,201 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
An FTP server in Taiwan that could be publicly accessed, leaked the source code of AMI Aptio UEFI BIOS, including AMI's unique UEFI signing test key. The utterly irresponsible act of holding such sensitive data on public FTPs is suspected to be committed by motherboard vendor Jetway. In doing so, the company may have compromised security of every motherboard (across vendors) running AMI Aptio UEFI BIOS. Most socket LGA1155 and FM2 motherboards, and some socket AM3+ motherboards run AMI Aptio.

Among the leaked bits of software include the source code of AMI BIOS, Aptio, and AMI's UEFI test signing key, which is used by all its clients to sign their BIOS updates. Signing ensures that BIOS updating software verifies the update is genuine, and coming from the motherboard manufacturer. With this key out, malware developers can develop malicious BIOS updates, hack motherboard vendors' customer support websites, and replace legitimate BIOS updates with their malicious ones. Control over the system BIOS could then give hackers access to most ring-0 OS functions.



"By leaking this key and the firmware source, it is possible (and simple) for others to create malicious UEFI updates that will be validated & installed for the vendor's products that use this firmware. If the vendor used this same key for other products - the impact could be even worse," writes Adam Caudill, who along with Brandon Wilson, discovered the open FTP server. "This kind of leak is a dream come true for advanced corporate espionage or intelligence operations. The ability to create a nearly undetectable, permanent hole in a system's security is an ideal scenario for covert information collection," he added.

View at TechPowerUp Main Site
 
Last edited:

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,255 (4.66/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 6800 XT
Storage Samsung 980 Pro, Seagate Exos X12 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
Look on the bright side: this may mean BIOS can be updated to eliminate secure boot (aka DRM).
 
Last edited:
Joined
Dec 16, 2010
Messages
1,662 (0.34/day)
Location
State College, PA, US
System Name My Surround PC
Processor AMD Ryzen 9 7950X3D
Motherboard ASUS STRIX X670E-F
Cooling Swiftech MCP35X / EK Quantum CPU / Alphacool GPU / XSPC 480mm w/ Corsair Fans
Memory 64GB (2 x 32 GB) G.Skill DDR5-6000 CL30
Video Card(s) MSI NVIDIA GeForce RTX 4090 Suprim X 24GB
Storage WD SN850 2TB, 2 x 512GB Samsung PM981a, 4 x 4TB HGST NAS HDD for Windows Storage Spaces
Display(s) 2 x Viotek GFI27QXA 27" 4K 120Hz + LG UH850 4K 60Hz + HMD
Case NZXT Source 530
Audio Device(s) Sony MDR-7506 / Logitech Z-5500 5.1
Power Supply Corsair RM1000x 1 kW
Mouse Patriot Viper V560
Keyboard Corsair K100
VR HMD HP Reverb G2
Software Windows 11 Pro x64
Benchmark Scores Mellanox ConnectX-3 10 Gb/s Fiber Network Card
I guess people with Samsung laptops can now finally use them with operating systems other than Windows.
 

cdawall

where the hell are my stars
Joined
Jul 23, 2006
Messages
27,680 (4.29/day)
Location
Houston
System Name All the cores
Processor 2990WX
Motherboard Asrock X399M
Cooling CPU-XSPC RayStorm Neo, 2x240mm+360mm, D5PWM+140mL, GPU-2x360mm, 2xbyski, D4+D5+100mL
Memory 4x16GB G.Skill 3600
Video Card(s) (2) EVGA SC BLACK 1080Ti's
Storage 2x Samsung SM951 512GB, Samsung PM961 512GB
Display(s) Dell UP2414Q 3840X2160@60hz
Case Caselabs Mercury S5+pedestal
Audio Device(s) Fischer HA-02->Fischer FA-002W High edition/FA-003/Jubilate/FA-011 depending on my mood
Power Supply Seasonic Prime 1200w
Mouse Thermaltake Theron, Steam controller
Keyboard Keychron K8
Software W10P
Joined
May 4, 2011
Messages
633 (0.13/day)
System Name Smooth-Operator
Processor AMD Ryzen 7 3800x
Motherboard Asrock x570 Taichi
Cooling AMD Wraith Prism
Memory 2x16GB 3200MHz CL16@CL14 DDR4
Video Card(s) Sapphire Radeon RX 580 8GB NITRO+
Storage 2x4TB WD HGST 7K6 7200RPM 256MB
Display(s) Samsung S24E370DL 24" IPS Freesync 75Hz
Case Fractal Design Focus G Window Blue
Audio Device(s) Creative X-Fi Titanium PCIe x1
Power Supply Corsair HX850 80+ Platinum
Mouse Gigabyte Aorus M3
Keyboard Zalman ZM-K300M
Software Windows 10 x64 Enterprise/Ubuntu Budgie amd64
"Malicous firmware/bios/uefi" a.k.a. firmware/bios/uefi allowing user to do with bought device anything user wish to.
 

Frick

Fishfaced Nincompoop
Joined
Feb 27, 2006
Messages
18,914 (2.87/day)
Location
Piteå
System Name Black MC in Tokyo
Processor Ryzen 5 5600
Motherboard Asrock B450M-HDV
Cooling Be Quiet! Pure Rock 2
Memory 2 x 16GB Kingston Fury 3400mhz
Video Card(s) XFX 6950XT Speedster MERC 319
Storage Kingston A400 240GB | WD Black SN750 2TB |WD Blue 1TB x 2 | Toshiba P300 2TB | Seagate Expansion 8TB
Display(s) Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case Fractal Design Define R4
Audio Device(s) Line6 UX1 + some headphones, Nektar SE61 keyboard
Power Supply Corsair RM850x v3
Mouse Logitech G602
Keyboard Cherry MX Board 1.0 TKL Brown
VR HMD Acer Mixed Reality Headset
Software Windows 10 Pro
Benchmark Scores Rimworld 4K ready!
"Malicous firmware/bios/uefi" a.k.a. firmware/bios/uefi allowing user to do with bought device anything user wish to.

Or, you know, allowing people to install serious malware.
 
Joined
Feb 8, 2008
Messages
2,665 (0.45/day)
Location
Switzerland
Processor i9 9900KS ( 5 Ghz all the time )
Motherboard Asus Maximus XI Hero Z390
Cooling EK Velocity + EK D5 pump + Alphacool full copper silver 360mm radiator
Memory 16GB Corsair Dominator GT ROG Edition 3333 Mhz
Video Card(s) ASUS TUF RTX 3080 Ti 12GB OC
Storage M.2 Samsung NVMe 970 Evo Plus 250 GB + 1TB 970 Evo Plus
Display(s) Asus PG279 IPS 1440p 165Hz G-sync
Case Cooler Master H500
Power Supply Asus ROG Thor 850W
Mouse Razer Deathadder Chroma
Keyboard Rapoo
Software Win 10 64 Bit
So maybe the virus now can be inside the motherboard not anymore on HardDisk ?

And then how you clean the motherboard bios ? Buying new one ?
 
Joined
Apr 16, 2010
Messages
3,452 (0.68/day)
Location
Portugal
System Name LenovoⓇ ThinkPad™ T430
Processor IntelⓇ Core™ i5-3210M processor (2 cores, 2.50GHz, 3MB cache), Intel Turbo Boost™ 2.0 (3.10GHz), HT™
Motherboard Lenovo 2344 (Mobile Intel QM77 Express Chipset)
Cooling Single-pipe heatsink + Delta fan
Memory 2x 8GB KingstonⓇ HyperX™ Impact 2133MHz DDR3L SO-DIMM
Video Card(s) Intel HD Graphics™ 4000 (GPU clk: 1100MHz, vRAM clk: 1066MHz)
Storage SamsungⓇ 860 EVO mSATA (250GB) + 850 EVO (500GB) SATA
Display(s) 14.0" (355mm) HD (1366x768) color, anti-glare, LED backlight, 200 nits, 16:9 aspect ratio, 300:1 co
Case ThinkPad Roll Cage (one-piece magnesium frame)
Audio Device(s) HD Audio, RealtekⓇ ALC3202 codec, DolbyⓇ Advanced Audio™ v2 / stereo speakers, 1W x 2
Power Supply ThinkPad 65W AC Adapter + ThinkPad Battery 70++ (9-cell)
Mouse TrackPointⓇ pointing device + UltraNav™, wide touchpad below keyboard + ThinkLight™
Keyboard 6-row, 84-key, ThinkVantage button, spill-resistant, multimedia Fn keys, LED backlight (PT Layout)
Software MicrosoftⓇ WindowsⓇ 10 x86-64 (22H2)
So maybe the virus now can be inside the motherboard not anymore on HardDisk?
Yes, it WILL be in the motherboard, not the HDD.
And then how you clean the motherboard bios ? Buying new one ?
No. You just have to remove the infected chip out and install a clean one, or just reprogram (with an external programmer) the infected one, just like in the CIH days.
 
Joined
Mar 10, 2010
Messages
11,878 (2.32/day)
Location
Manchester uk
System Name RyzenGtEvo/ Asus strix scar II
Processor Amd R5 5900X/ Intel 8750H
Motherboard Crosshair hero8 impact/Asus
Cooling 360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory Corsair Vengeance Rgb pro 3600cas14 16Gb in four sticks./16Gb/16GB
Video Card(s) Powercolour RX7900XT Reference/Rtx 2060
Storage Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s) Samsung UAE28"850R 4k freesync.dell shiter
Case Lianli 011 dynamic/strix scar2
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply corsair 1200Hxi/Asus stock
Mouse Roccat Kova/ Logitech G wireless
Keyboard Roccat Aimo 120
VR HMD Oculus rift
Software Win 10 Pro
Benchmark Scores 8726 vega 3dmark timespy/ laptop Timespy 6506
Joined
Nov 18, 2010
Messages
7,096 (1.46/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor AMD RYZEN 9 5950X
Motherboard ASUS Strix X570-E
Cooling 2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory 4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s) Sapphire Pulse RX 7900XTX + under waterblock.
Storage Optane 900P[W11] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO[FEDORA]
Display(s) Philips PHL BDM3270 + Acer XV242Y
Case Lian Li O11 Dynamic EVO
Audio Device(s) Sound Blaster ZxR
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer BlackWidow V3 - Yellow Switch
Software FEDORA 39 / Windows 11 insider
good news... I hated that thing... DRM is double edged sword that is implemented in very wrong fashion... shoo shoo get lost... I want to really own the device I buy, not just lend it...
 
Joined
Jul 5, 2008
Messages
272 (0.05/day)
System Name WorkStation
Processor Intel i7 3770k @ 4.4GHz
Motherboard ASRock Z77 Extreme6
Cooling Corsair H110 Water Cooler AIO
Memory Corsair Vengeance 8GB DDR3 1600MHz
Video Card(s) MSI GTX680 Twin Frozr III OC
Storage WD 1TB Sata III
Display(s) Samsung 22-inch LED 1080p
Case Corsair Carbide Air 540
Audio Device(s) Onboard Realtek 898 HD
Power Supply Corsair CS750M Gold
Software Windows 8.1 Pro x64

Rebel333

New Member
Joined
Jan 12, 2011
Messages
29 (0.01/day)
This might excellent news, does this mean we are going to see more customizable bios, such as adding memory timings, overclocking CPU, GPU, changing voltages, etc in Samsung laptops?
 

cadaveca

My name is Dave
Joined
Apr 10, 2006
Messages
17,232 (2.63/day)
This might excellent news, does this mean we are going to see more customizable bios, such as adding memory timings, overclocking CPU, GPU, changing voltages, etc in Samsung laptops?

Nope.


I've got AMI UEFI editing tools. I posted I had them many months ago.


When you go to update BIOS, the BIOS is checked if it is "official" BIOS. This is the mechanism that prevents you from flashing BIOS from a different product to your board.


So, now, someone could write "I LOVE SPAGETTINI" a billion times, and your board would flash it to the BIOS chip, thinking it was a BIOS.


And I got my softwares off of Jetway's FTP as well. This is hardly new news, honestly, Jetway's FTP was open for a long long time(literally years), as was ASUS's(again, years, you can find lots of posts about it), and several other board makers. Today, all these FTP's are blocked from open public access.


Seems like Adam Caudill was just looking for some traffic! Publically leaking that key and other infos is very much a dick move.
 
Joined
Aug 17, 2009
Messages
1,585 (0.30/day)
Location
Los Angeles/Orange County CA
System Name Vulcan
Processor i6 6600K
Motherboard GIGABYTE Z170X UD3
Cooling Thermaltake Frio Silent 14
Memory 16GB Corsair Vengeance LPX 16GB (2 x 8GB)
Video Card(s) ASUS Strix GTX 970
Storage Mushkin Enhanced Reactor 1TB SSD
Display(s) QNIX 27 Inch 1440p
Case Fractal Design Define S
Audio Device(s) On Board
Power Supply Cooler Master V750
Software Win 10 64-bit
Well I guess no other hum had done something incredibly insanely stupid today.

Someone had to step up and do it.

That's the problems with the keys and certificates and stuff. Good in theory, but you've got to consider the weakest link in the chain.

Depresses that I too am a member of this ignoble group.

Ok, rant over. Have a nice day.
 
Joined
Sep 4, 2005
Messages
658 (0.10/day)
there are some leaked tools out there already that will allow you to flash boards with a BIOS not for that board. However this is great, because now vendors will have to one up their security, i mean do you guys think their security was so low that any motherboard maker could hack eath other's UEFI? Some vendors don't allow such easy access to their UEFI's as they have ot make up their own modules, for instance memory OC profiles is a custom module, as is UEFI profile sharing, and other stuff like that. I mean sure there are some vendors who don't use much security, some very big ones too, but other vendors can put on good security, which will probably become even greater with this.

I am sure AMI with their nice monopoly will do something about it.
 
Joined
Apr 6, 2011
Messages
700 (0.15/day)
Location
Pensacola, FL, USA, Earth
The vendor had the following to say:

 

hkbeta

New Member
Joined
Apr 8, 2013
Messages
3 (0.00/day)
great article... or not

Let me tell you something else. On a public FTP there is the source code for Windows 8. And on the same *public* FTP there is the complete source code for World of Warcraft (all of them). And on another public ftp you can find a program that let's you decrypt any encrypted ZIP and RAR file. And of course there's a FTP where you can find... nevermind, I think you got the point.

So techpowerup editors please start and write about all of the above, no need for a link to the FTP, if I tell you it's true, then it's true. Or should I write this on a blog to believe me?
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
26,936 (3.72/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
Let me tell you something else. On a public FTP there is the source code for Windows 8. And on the same *public* FTP there is the complete source code for World of Warcraft (all of them). And on another public ftp you can find a program that let's you decrypt any encrypted ZIP and RAR file. And of course there's a FTP where you can find... nevermind, I think you got the point.

So techpowerup editors please start and write about all of the above, no need for a link to the FTP, if I tell you it's true, then it's true. Or should I write this on a blog to believe me?

You can find the leaked AMI source code yourself, it's not that difficult.
 
Joined
Feb 16, 2005
Messages
598 (0.09/day)
Location
Germany,Hannover
System Name ChaosMoes
Processor Intel® Core™ i5-3570K no OC yet
Motherboard Asrock Z77 Extreme4
Cooling Scythe Ninja 3 Rev. B
Memory 16GB 2xPatriot DIMM 8 GB DDR3-1866 Kit (PV38G186C9KRD, Viper 3 Venom Red)
Video Card(s) ASRock Radeon RX 590 Phantom Gaming X 8GB GDDR5 188€@13.07.19 Amazon Sale
Storage Samsung 840 Pro SSD 256GB, + ST32000645NS Seagate Constellation 109€ reichelt.de 2012
Display(s) 27" Phillips PHL 276E9Q 189€ @ Saturn(Germany) 1.09.2018
Case Zaria A20 !!!THANK YOU TECHPOWERUP.COM!!!
Audio Device(s) onboard Sound
Power Supply SeaSonic Prime Ultra Titanium 750W
Mouse Logitech M705
Keyboard Microsoft SideWinder X4 Keyboard
Software Windows 10 Pro x64
posting a link just poses more risk than use for tpu...
use your giyf skills or you are wrong here anyway

well i wasn't able to get the source code myself just to see it out of curiosity :rolleyes:
 

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,201 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
So techpowerup editors please start and write about all of the above, no need for a link to the FTP, if I tell you it's true, then it's true. Or should I write this on a blog to believe me?

www.google.com
 
Top