Bueno, no se muy bien que he hecho:
Creo que he vuelto a empezar ,y he hecho:
k@y:~/chipsec$ cd source/drivers/linux
k@y:~/chipsec/source/drivers/linux$ sudo make
Y creo que así se a cargado el driver, he hecho el comando sudo run.sh pero ya me decia que estaba el módulo cargado, hecho con el sudo make, se puede hacer de varias formas.
Luego me he ido a cd ~/chipsec/source/tool y e iniciado con k@y:~/chipsec/source/tool$ sudo python chipsec_main.py -i y tachan se a iniciado.
Da información, sale en letras de colores muy facil de ver, pero aquí saldra todo con el mismo color de texto, me encuentra errores en rojo, y varios chequeos skiped.
Ya deberé mirarme todas las opciones y todo para aprender lo que pueda.
Ahora creo que ya funciona el programa , aunque de error de plataforma no soportada, no se si puede hacerse algo más, de momento me doy con un canto en los dientes.
Creo que no funcionaba por que cargaba el driver desde ~/chipsec/source/tool , y se tenía que hacer desde ~/chipsec/source/drivers/linux
Muchas gracias , un saludo.
Bueno, si alguien puede aportar algo sobre este log y explicarme algo por encima, sería estupendo, creo que puede servirle a mucha gente que quiera analizar su bios y firmware.
El resultado:
[k@y:~/chipsec/source/tool$ sudo python chipsec_main.py
****** Chipsec Linux Kernel module is licensed under GPL 2.0
################################################################
## ##
## CHIPSEC: Platform Hardware Security Assessment Framework ##
## ##
################################################################
[CHIPSEC] Version 1.2.2
[CHIPSEC] Arguments:
****** Chipsec Linux Kernel module is licensed under GPL 2.0
ERROR: Unsupported Platform: VID = 0x1022, DID = 0x1566
ERROR: Platform is not supported (Unsupported Platform: VID = 0x1022, DID = 0x1566).
ERROR: To run anyways please use -i command-line option
k@y:~/chipsec/source/tool$ sudo python chipsec_main.py -i
[*] Ignoring unsupported platform warning and continue execution
****** Chipsec Linux Kernel module is licensed under GPL 2.0
################################################################
## ##
## CHIPSEC: Platform Hardware Security Assessment Framework ##
## ##
################################################################
[CHIPSEC] Version 1.2.2
[CHIPSEC] Arguments: -i
****** Chipsec Linux Kernel module is licensed under GPL 2.0
ERROR: Unsupported Platform: VID = 0x1022, DID = 0x1566
ERROR: Platform is not supported (Unsupported Platform: VID = 0x1022, DID = 0x1566).
WARNING: Platform dependent functionality is likely to be incorrect
[CHIPSEC] OS : Linux 3.13.0-36-generic #63-Ubuntu SMP Wed Sep 3 21:30:07 UTC 2014 x86_64
[CHIPSEC] Platform: UnknownPlatform
[CHIPSEC] VID: 1022
[CHIPSEC] DID: 1566
[*] loading common modules from "./chipsec/modules/common" ..
[+] loaded chipsec.modules.common.bios_wp
[+] loaded chipsec.modules.common.bios_kbrd_buffer
[+] loaded chipsec.modules.common.spi_lock
[+] loaded chipsec.modules.common.spi_desc
[+] loaded chipsec.modules.common.smm
[+] loaded chipsec.modules.common.bios_smi
[+] loaded chipsec.modules.common.smrr
[+] loaded chipsec.modules.common.bios_ts
[+] loaded chipsec.modules.common.secureboot.variables
[+] loaded chipsec.modules.common.uefi.access_uefispec
[+] loaded chipsec.modules.common.uefi.s3bootscript
[*] No platform specific modules to load
[*] loading modules from "./chipsec/modules" ..
[+] loaded chipsec.modules.module_template
[+] loaded chipsec.modules.remap
[+] loaded chipsec.modules.smm_dma
[*] running loaded modules ..
[*] running module: chipsec.modules.common.bios_wp
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_wp.py
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0xFF << BIOS Control (b:d.f 00:31.0 + 0xDC)
[00] BIOSWE = 1 << BIOS Write Enable
[01] BLE = 1 << BIOS Lock Enable
[02] SRC = 3 << SPI Read Configuration
[04] TSS = 1 << Top Swap Status
[05] SMM_BWP = 1 << SMM BIOS Write Protection
[-] BIOS region write protection is disabled!
[*] BIOS Region: Base = 0x00068000, Limit = 0x00300FFF
SPI Protected Ranges
------------------------------------------------------------
PRx (offset) | Value | Base | Limit | WP? | RP?
------------------------------------------------------------
PR0 (74) | 00FF8110 | 00110000 | 000FF000 | 0 | 1
PR1 (78) | 75FFF5FF | 075FF000 | 075FF000 | 0 | 1
PR2 (7C) | FFE0BFEA | 03FEA000 | 07FE0000 | 1 | 1
PR3 (80) | 03EBFFF5 | 07FF5000 | 003EB000 | 0 | 1
PR4 (84) | FF04C783 | 04783000 | 07F04000 | 1 | 1
[!] None of the SPI protected ranges write-protect BIOS region
[!] BIOS should enable all available SMM based write protection mechanisms or configure SPI protected ranges to protect the entire BIOS region
[-] FAILED: BIOS is NOT protected completely
[*] running module: chipsec.modules.common.bios_kbrd_buffer
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_kbrd_buffer.py
[x][ =======================================================================
[x][ Module: Pre-boot Passwords in the BIOS Keyboard Buffer
[x][ =======================================================================
[*] Keyboard buffer head pointer = 0x20 (at 0x41A), tail pointer = 0x20 (at 0x41C)
[*] Keyboard buffer contents (at 0x41E):
0d 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
[-] Keyboard buffer tail points inside the buffer (= 0x20)
It may potentially expose lengths of pre-boot passwords. Was your password 2 characters long?
[*] Checking contents of the keyboard buffer..
[!] WARNING: Keyboard buffer is not empty. The test cannot determine conclusively if it contains pre-boot passwords.
The contents might have not been cleared by pre-boot firmware or overwritten with garbage.
Visually inspect the contents of keyboard buffer for pre-boot passwords (BIOS, HDD, full-disk encryption).
[*] running module: chipsec.modules.common.spi_lock
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/spi_lock.py
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Lock
[x][ =======================================================================
[*] HSFS = 0x0443 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 1 << Flash Cycle Done
[01] FCERR = 1 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[03] BERASE = 0 << Block/Sector Erase Size
[05] SCIP = 0 << SPI cycle in progress
[13] FDOPSS = 0 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 0 << Flash Descriptor Valid
[15] FLOCKDN = 0 << Flash Configuration Lock-Down
[-] FAILED: SPI Flash Controller configuration is not locked
[*] running module: chipsec.modules.common.spi_desc
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/spi_desc.py
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================
[*] FRAP = 0x83241C01 << SPI Flash Regions Access Permissions Register (SPIBAR + 0x50)
[00] BRRA = 1 << BIOS Region Read Access
[08] BRWA = 1C << BIOS Region Write Access
[16] BMRAG = 24 << BIOS Master Read Access Grant
[24] BMWAG = 83 << BIOS Master Write Access Grant
[*] Software access to SPI flash regions: read = 0x01, write = 0x1C
[+] PASSED: SPI flash permissions prevent SW from writing to flash descriptor
[*] running module: chipsec.modules.common.smm
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/smm.py
[x][ =======================================================================
[x][ Module: Compatible SMM memory (SMRAM) Protection
[x][ =======================================================================
[*] PCI0.0.0_SMRAMC = 0x00 << System Management RAM Control (b:d.f 00:00.0 + 0x88)
[00] C_BASE_SEG = 0 << SMRAM Base Segment = 010b
[03] G_SMRAME = 0 << SMRAM Enabled
[04] D_LCK = 0 << SMRAM Locked
[05] D_CLS = 0 << SMRAM Closed
[06] D_OPEN = 0 << SMRAM Open
[*] Compatible SMRAM is not enabled. Skipping..
[*] running module: chipsec.modules.common.bios_smi
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_smi.py
[x][ =======================================================================
[x][ Module: SMI Events Configuration
[x][ =======================================================================
[+] SMM BIOS region write protection is enabled (SMM_BWP is used)
[*] Checking SMI enables..
Global SMI enable: 1
TCO SMI enable : 1
[+] All required SMI events are enabled
[*] Checking SMI configuration locks..
[+] TCO SMI configuration is locked (TCO SMI Lock)
[+] SMI events global configuration is locked (SMI Lock)
[+] PASSED: All required SMI sources seem to be enabled and locked
[*] running module: chipsec.modules.common.smrr
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/smrr.py
[x][ =======================================================================
[x][ Module: CPU SMM Cache Poisoning / System Management Range Registers
[x][ =======================================================================
[!] CPU does not support SMRR range protection of SMRAM
[*] SKIPPED: CPU does not support SMRR range protection of SMRAM
[*] running module: chipsec.modules.common.bios_ts
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_ts.py
[x][ =======================================================================
[x][ Module: BIOS Interface Lock and Top Swap Mode
[x][ =======================================================================
[*] BC = 0xFF << BIOS Control (b:d.f 00:31.0 + 0xDC)
[00] BIOSWE = 1 << BIOS Write Enable
[01] BLE = 1 << BIOS Lock Enable
[02] SRC = 3 << SPI Read Configuration
[04] TSS = 1 << Top Swap Status
[05] SMM_BWP = 1 << SMM BIOS Write Protection
[*] BIOS Top Swap mode is enabled
[*] BUC = 0x200F0000 << Backed Up Control (RCBA + 0x3414)
[00] TS = 0 << Top Swap
[*] RTC version of TS = 0
[*] GCS = 0x0355E900 << General Control and Status (RCBA + 0x3410)
[00] BILD = 0 << BIOS Interface Lock Down
[10] BBS = 2 << Boot BIOS Straps
[-] FAILED: BIOS Interface is not locked (including Top Swap Mode)
[*] running module: chipsec.modules.common.secureboot.variables
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/secureboot/variables.py
[*] SKIPPED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.secureboot.variables since it is not supported in this platform
[*] running module: chipsec.modules.common.uefi.access_uefispec
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/uefi/access_uefispec.py
[*] SKIPPED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.access_uefispec since it is not supported in this platform
[*] running module: chipsec.modules.common.uefi.s3bootscript
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/uefi/s3bootscript.py
[*] SKIPPED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.s3bootscript since it is not supported in this platform
[*] running module: chipsec.modules.module_template
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/module_template.py
Skipping module chipsec.modules.module_template since it is not supported in this platform
[*] running module: chipsec.modules.remap
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/remap.py
Skipping module chipsec.modules.remap since it is not supported in this platform
[*] running module: chipsec.modules.smm_dma
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/smm_dma.py
[x][ =======================================================================
[x][ Module: SMM TSEG Range Configuration Check
[x][ =======================================================================
/code]