Explaining security vulnerabilities, possible exploitation scenarios, and prevention in a systematic manner, this guide to BIOS exploitation describes the reverse-engineering techniques used to gather information from BIOS and expansion ROMs. SMBIOS/DMI exploitation techniques—including BIOS rootkits and computer defense—and the exploitation of embedded x86 BIOS are also covered.
For many years, there has been a myth among computer enthusiasts and practitioners that PC basic input/output system (BIOS) modification is a task only a handful of people or only the motherboard vendor can carry out. On the contrary, this book will prove that with the right tools and approach, anyone can understand and modify the BIOS to suit his or her needs without the existence of its source code. It can be achieved by using a systematic approach to BIOS reverse engineering and modification. An advanced level of this modification technique is injecting custom code into the BIOS binary.
There are many reasons to carry out BIOS reverse engineering and modification, from doing it for fun to achieving higher performance in an overclocking scenario, patching a certain bug, injecting custom security code into the BIOS, and taking commercial interest in the embedded x86 BIOS market. The emergence of the embedded x86 platform in consumer electronic products such as TV set-top boxes, telecom-related appliances, and embedded x86 kiosks has raised interest in BIOS reverse engineering and modification. In the coming years, these techniques will become even more important as state-of-the-art bus protocols delegate a lot of their initialization tasks to firmware, i.e., the BIOS. Thus, by understanding the techniques, you can dig into the relevant firmware code and understand the implementation of those protocols within the BIOS binary.