[Released] The Settings Creator - 8525, TyTN, MDA Vario II, JasJam General

Howdy all. Do you flash your phone a lot? Don’t you hate it having to put in your WIFI and Exchange settings all the time? Well now you don’t have to with the Settings Creator. I started off creating a XML for just myself but then I decided to give back to the community that has helped me so much with my flashing and cooking needs.
To run the program all that is required is the .NET framework 2.0 (See below for link). After you input the information that is required a nice CAB file will be created, just pop that on your phone and viola settings are all done. In the words of my Cousin Vinny "Make once, use a bunch".
Known Issues:
1. WEP 128bit does not work (I think this is a limitation of the Hermes because even manually I cannot get it to work)
2. E-mail is for Exchange Direct Push Only
Help requested:
1. I don’t have access to a AP/Router that does WPA2 therefore I have no idea if this works with that level on authentication works (Also try manually to see if it is a limitation of the device)
2. I don’t have access to a AP/Router that does WPA with AES Encryption therefore I have no idea if this works with that level on authentication works (Also try manually to see if it is a limitation of the device)
Please provide any feedback you may have. Thanks guys.
-UllSang
Program requires .NET 2.0 Framework. (Download at http://www.microsoft.com/downloads/...CB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
Also required is Visual J#)
Attachment 1: The binary release
Attachment 2: Source code.
Licensed under: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
Change log:
---0.1
-----First Release

Running this on the desktop complained at first - you need to install the Visual J# Redistributable to make it work, as it doesn't seem to be part of the .NET framework by default.
Hope that helps.

Ah thanks for the heads up, I had no idea that it wasn't a part of the .NET framework by default. Did you instal the J# package and try the program? Thanks.

UllSang said:
Known Issues:
1. WEP 128bit does not work (I think this is a limitation of the Hermes because even manually I cannot get it to work)
Click to expand...
Click to collapse
A humble suggestion - this may be worth looking at again as I use wep 128bit and do not find any problem when entered as hex key.
Mike

Hmm.. intresting... I can not get it to work. I am inputting it as an ASCII though and it only works for 64 bit. After i saw your post i tried it entering as hex and it still does not work, it could be my cheap piece of crap router. Any chance you tried it out with the program? Thanks

Related

Trusted Applications on WM5

Hello,
I have problems with different applications under Windows Mobile 5.0. When i try to run them i get the following error.
Code:
The file 'foo' cannot be opened. Either it is not signed with a trusted certificate, or one of its components cannot be found. You might need to reinstall or restore this file.
Is there anyway of disabling the checks for trusted applications in Windows Mobile 5.0 on the Wizard?
Does this help? (From Windows Mobile Blog)
Code:
This post will be a quick reference to the application security model in WM 2005. I'll gloss over some fine details in order to cover the broad points.
For CreateProcess() or running any executable
First, examine the signature on the binary. The three possibilities are that it is signed privileged, signed unprivileged, or unsigned. (determined by checking the Authenticode signature)
If signed by cert that chains to Privileged Execution Authorities store:
App runs privileged(CeGetCurrentTrust() == 2)
Else if signed by cert that chains to Unprivileged Execution Authorities store:
If device is one-tier (policy 4123 == 1)
App runs privileged.
else (two-tier)
App runs unprivileged. (CeGetCurrentTrust() == 1)
Else if app is unsigned
If unsigned apps are blocked (policy 4102 == 0)
App fails to load. (returns NTE_BAD_SIGNATURE).
Else if the device prompts, and the prompt times out or the user presses No
App fails to load.
Else if we are configured not to prompt (policy 4122 == 1) or the user accepts the prompt
If device is one-tier
App runs trusted.
else (two-tier)
App runs untrusted.
Greetings,
Brezel
This is from the wiki. It works on the Universal, should work on WM5 generally I guess:
Code:
Allow the unsigned app from installing for everything.
HKEY_LOCAL_MACHINE\Secutiry\Policies\Policies] Change value 0000101a from 0 to 1
Do a soft reset.
I think that's just for installing, not running. Tell me if it works.
V
On my Wizard that key already has a value 1, perhaps I should change it to 0 to get this effect? have no app to install right now, but will try if I install next time.
because..
..wizard has much older version of ROM than Universal. The old ROMs of Universal has the value 1 too..
I changed the following registry values
Code:
HKLM\Security\Policies\Policies\00001001 = 1 (RAPI)
HKLM\Security\Policies\Policies\00001005 = 40 (Cert)
HKLM\Security\Policies\Policies\00001017 = 144
HKLM\Security\Policies\Policies\0000101B = 1
HKLM\Security\Policies\Policies\0000101B = 0
HKLM\Security\Policies\Policies\00001006 = 1
Those values change nothing at all. The only difference is that i am not asked to allow installation of non certified applications. My problem, however, is not the installation, which works, but the application. Whenever i try to run it i get the error mentioned above. It is just not possible to run certain applications without certificate.
Greetings,
Brezel
I got the exact error and have asked for help on this forum and on HowardForum without any luck
You could re-sign the application using your own code signing certificate and add your certification authority certificate to trusted root certificate authorities on your WM5 device. :wink:
V-Ger said:
You could re-sign the application using your own code signing certificate and add your certification authority certificate to trusted root certificate authorities on your WM5 device. :wink:
Click to expand...
Click to collapse
I tried this, but without success. I already have my own root cert installed on the device (for SSL Activsync) and that works fine, but the app still won't work as a "signed app" :-(
Have you got this working?
Yes I tried it and it works!
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
2. Download and Extract code signing tools:
http://ftp.intron.ac/pub/security/raw/codesigningx86.exe
3. Run signcode.exe on WM5 executable file using the certificate you created earlier.
4 Copy executable file to WM5 device
V-Ger said:
Yes I tried it and it works!
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
2. Download and Extract code signing tools:
http://ftp.intron.ac/pub/security/raw/codesigningx86.exe
3. Run signcode.exe on WM5 executable file using the certificate you created earlier.
4 Copy executable file to WM5 device
Click to expand...
Click to collapse
I did create a code-signing cert in Certsrv, but I must have cocked something up. I will try again this afternoon and let you know.
Thanks for the help
V-Ger said:
Yes I tried it and it works!
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
2. Download and Extract code signing tools:
http://ftp.intron.ac/pub/security/raw/codesigningx86.exe
3. Run signcode.exe on WM5 executable file using the certificate you created earlier.
4 Copy executable file to WM5 device
Click to expand...
Click to collapse
Ok, this is what I did (and it still didn't work):
1) Installed my own trusted-root CA onto my Mini S by opening the .cer file. This bit definately works as I'm able to sync my email with Exchange over SSL and this doesn't work unless the correct root cert is installed
2) Added a code-signing template in certservices with default settings. (Custom templates are not allowed in my Windows Std edition :-( )
3) Using IE, create a code-signing cert with default settings. Also export the private keys into a PVK file.
4) Using cert2spc, convert the cer file to an spc file
5) run signcode -spc cert.spc -v privkeys.pvk filetosign.exe ("Result successful with warning about file not being timestamped)
6) Copy .exe to device and run - still whinges about unknown publisher
Bah. Any suggestions as to what I'm doing wrong?
Daern
I have the same very irritating problem.
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
How do I do that ?
daern said:
V-Ger said:
Yes I tried it and it works!
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
2. Download and Extract code signing tools:
http://ftp.intron.ac/pub/security/raw/codesigningx86.exe
3. Run signcode.exe on WM5 executable file using the certificate you created earlier.
4 Copy executable file to WM5 device
Click to expand...
Click to collapse
I did create a code-signing cert in Certsrv, but I must have cocked something up. I will try again this afternoon and let you know.
Thanks for the help
Click to expand...
Click to collapse
Ah. More success now. I've switched to using "signtool.exe signwizard" and that has enabled me to get it working...
daern said:
Ah. More success now. I've switched to using "signtool.exe signwizard" and that has enabled me to get it working...
Click to expand...
Click to collapse
Bugger. Too quick off the mark. It's still not working. Arrrrrgh!
easycure1974 said:
I have the same very irritating problem.
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
How do I do that ?
Click to expand...
Click to collapse
[WIN2k3 Server]
START/All Programs/Administrative Tools/Certification Authority
SERVER/Certificate Templates/New/Certificate Template to Issue
http://servername/certsrv
-Request a Certificate
-advanced certificate request
-Create and submit a request to this CA
-Certificate Template: Code Signing
[leave default settings]
-SUBMIT
Thank you - shall try and if that could help me solve this annoying problem !
V-Ger said:
Yes I tried it and it works!
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
2. Download and Extract code signing tools:
http://ftp.intron.ac/pub/security/raw/codesigningx86.exe
3. Run signcode.exe on WM5 executable file using the certificate you created earlier.
4 Copy executable file to WM5 device
Click to expand...
Click to collapse
Are you *absolutely* sure that this works? I am now sure that I am doing this right, but I don't believe that apps signed against a certificate that only exists in the public root store (i.e. the one used for SSL connections) will be accepted as "valid". I've tried every way I can think of getting this to work, but with no success :-(
When I posted to say that it was working, what I actually saw was PPC recognising a file with a different file name, but the same CRC as a file that I had already said "Yes, I know it's unsigned. Run it anyway". Even though the new file was a different name, WM2005 ran it anyway without comment, as it assumed (correctly) that it was the same file with a different name... As I haven't yet found a way to make WM2005 forget the exes that I have accepted (I assume it's in the reg somewhere) I have now resorted to recompiling the same exe each time, but with different resource data, thus ensuring it's always different!
What device are you using to test this? I wonder if your derivative of the HTC Wizard has different certs installed than mine (UK O2 XDA Mini S)
Would it be possible for you to send me a sample .exe and your own root cert for me to test on my device. At least then I'll know if it's my device or my technique that is causing me problems ;-)
Thanks
Daern
Yes, I am positive it works. I am using Universal (Qtek 9000), but that shouldn't make any difference.
Besides the error message after each soft reset.
I can still install many software and use it smoothly.
Haven't seen any other problem yet.
What is the certificate about?
At the risk of appearing as a heretic..is there any way that this problem (which I get when clicking on any hyperlink) is related to the SdkCerts.CAB installed as part of ozVGA?
Dumb idea I know however I have no idea of what that CAB did. Can I somehow remove its effects just to prove it isn't the cause? ..hope this isn't off topic.
J

Ignoring certifications

Is there a way via registry editing or otherwise to set up a device to ignore the requirement to have certified dll's and executables.
This would be temporary just for trying out programs extracted from other roms without having to worry about certifying everything just to see if it works.
Thanks
the policies that control this can be viewed here:
http://msdn.microsoft.com/library/d.../wce51conwindowsmobiledevicesecuritymodel.asp
the "unsigned applications policy" should already be 1.
change the "Unsigned Prompt Policy" to 1 also. I.e. change the following registry entry to 1.
HKLM\Security\Policies\Policies\101a
Note that the web page says that this policy is 4122, but 4122 is 101a in hex.
You may also want to set "unsigned cabs" to 16
(HKLM\Security\Policies\Policies\1005 to 16)
Also, this will not work for drivers that are loaded during booting. I'm pretty sure they must be signed. It's not that difficult to create a certificate, install it on your device, then sign the driver dll so it will work.
you can also change this using the "SecurityPolicy Configuration Service" see
http://msdn.microsoft.com/library/d...lesdk5/html/wce51samsettingsecuritypolicy.asp
Thanks a bunch! good info.

OpenVPN?

The N7 just got delivered. I immediately and successfully unlocked and rooted, thanks to Wugs (thanks Wugs!). Now I need to figure out how to connect to my VPN provider who uses OpenVPN and .ovpn config files. There are a few apps in the store, and I'm not sure which ones to install, or how to configure.
Thanks,
RF
I think Android supports VPN's (or at least it does in ICS) without the need of any 3rd-party apps, but then again I don't think I ever messed with OpenVPN.
If it means anything, I was able to connect to my own VPN I made with Windows 7 from ICS.
Install both OpenVPN apps from F. Schäuffelhut.
One is the binary, the other checks your setup and manages your tunnels.
You will also need busybox.
just tested all this today.
espionage724 said:
I think Android supports VPN's (or at least it does in ICS) without the need of any 3rd-party apps, but then again I don't think I ever messed with OpenVPN.
If it means anything, I was able to connect to my own VPN I made with Windows 7 from ICS.
Click to expand...
Click to collapse
If a standard port etc, yes, this should just work.
martyg7 said:
Install both OpenVPN apps from F. Schäuffelhut.
One is the binary, the other checks your setup and manages your tunnels.
You will also need busybox.
just tested all this today.
Click to expand...
Click to collapse
If not on a standard port (like I have set up, so I can OpenVPN out of my work wifi), or an oddball configuration, it works out of the box, rooted of course. I was afraid of the TUN module/config but it was compiled in. Thanks Google
There is also another openvpn by schwabe that doesn't require you to install any binaries. You just need to copy the authentication cert files, edit the .ovpn file to include the correct cert files and the server and import the profile. If you're having trouble, i can write a small tutorial on how to do so. There are also other tutorials on how you can do it if you Google openvpn on Android tutorials/guides.
Sent from my Nexus 7
I used the OpenVPN apps from F. Schauffelhut. I copied the config files from my Windows PC setup, and edited the ovpn file. However I don't know how to store the login credentials as encrypted. The OpenVPN Settings from F.S. doesn't query the user for id/pw. It just fails. So I added "auth-user-pass pwd_file" entry into the ovpn file, but it's in plaintext.
I don't want to have to type the login each time, but I do want it encrypted. Can anyone provide some info here? I'm a noob with OpenVPN. TIA.
Edit: It is working right now, just that the login info is unencrypted.
BTW, here is my ovpn file:
Code:
client
dev tun
proto tcp
remote xxxxxxxxxxx ###
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher BF-CBC
keysize 512
comp-lzo
verb 4
mute 5
tun-mtu 1500
mssfix 1450
auth-user-pass pwd_file
reneg-sec 0
route-method exe
route-delay 1 10
route-metric 512
route 0.0.0.0 0.0.0.0
I believe you can encrypt the .cert files that are used by adding them to the credentials manager in settings-security. I haven't tried it so i can't confirm. Alternatively you could try an app that encrypts that folder so that it needs to be decrypted before use.
Sent from my Nexus 7
Thanks for the replies.
I went a different route, and it worked flawlessly: I made a folder in the N7 main directory (same place as Alarms, Music, etc..) called OpenVPN. Inside that, I placed a folder from my PC OpenVPN/config folder, that contained my ,ovpn file and the .crt files, etc. I then installed OpenVPN For Android from Arne Schwabe. Launching that app, and going into the 'Precious VPNs' option, allowed me to 'Import'. I navigated to the OpenVPN folder, and then the folder containing the VPN files. Highlighting the *.ovpn file and then hitting 'Select' has the app 'do it's thing'. When done, you hit finish/complete/done (forget what it was), and the VPN connection shows up in the list. Activating it and browsing to an IP check website, showed my VPN provider's exit IP. It was all easier than it looks by typing it.
RF
PS. I also installed Orbot, and since I'm rooted, the 'Transparently Proxy All Applications' option. After also checking the option to use the N7's default IP Tables (this is not the default, the app tries to use it's built in binaries and it will fail on the N7) everything connected through Tor as well...so I have two options for browsing - VPN or Tor.
I love this device (rooted) !
Glad it worked out however remember that the app is also storing info in a file that can only be read by the app but it is still in plain text. The author of the app describes it in detail in the faq section. However it is much better than having to keep the files available in plain text at all times.
Sent from my Nexus 7

[XAP][18/09/2015][0.6] CustomPFD: registry editor + tweaks

Welcome to CustomPFD, a registry editor with tree view and some tweaks, for Windows Phone 8.1
This app can read Keys with any phone, but to write you have to apply the XAP to Preview For Developers (you can use my tool here)you need to interop-unlock your device and possibly a Lumia device.
Latest version: 0.6 - 17/09/2015
- support for CustomPFD Remote
- bugfix for multistring and binary values
Changelog of older versions
v 0.1
- first release
v0.2
- it's possible to delete Keys and values (tap and hold for menù)
- it's possible to create kwys and values
- better interface
- new about page
- full path within tree (you can scroll horizzontaly too)
- added a few tweaks
- new tile
v 0.3 - 29/12/2014
- Better list navigation (especially for long lists)
- More tweaks available:
>>> Custom accent color (ALPHA)
>>> Never Lock Screen
>>> C:\ access via MTP (some folders in read-only mode)
- Interface tweaks
- Save button (but it's not working for now....)
- Infos about registry editing permissions on top of the list
- Path bug fixed
- Tweaks are divided by categories
v 0.5 - created for Interop-unlocked devices - 25/06/2015
NOTE: this version was created to be deployed and not patched with CustomWPSystem!
- vcRegfrom vcFan library gets integrated
- Windows Phone 8.1 full support (no more WP8)
- new interface, with customized style
- registry tree list is a lot more stable
- delete/copy/edit value by pressing an item
- a lot of new tweaks
- White theme fully supported
- Settings reorder page
- Binary, Multistring and Variablestring are supported
- The about page was moved to the home
- a lot of bugfixes and more
Really important notes
- If you still want to patch CustomPFD to Preview For Developers with CustomWPSystem, you can download the v0.3
- Some operations such as renaming or deleting still have the same permissions of Preview For Developers, so be careful while creating new keys/values
- This app is compatible with Windows Phone 8.1 and Windows 10 Mobile only, with ARM processors
- Other tips are available directly within the app
- If you want to enable the "Full FS Access" tweak, don't shutdown or restart your phone, unless you disable that again!
CustomPFD Remote - app for Windows 10
There's an UWP Application to access and control remotely to CustomPFD, more informations here:
http://forum.xda-developers.com/windows-10/development/app-custompfd-remote-edit-registry-t3205007
Non-english links, tutorials
http://www.windowsblogitalia.com/20...egistri-di-windows-10-mobile-anche-in-remoto/
http://wpvision.de/anleitungen-und-...bearbeiten-windows-10-mobile-|-anleitung.html
Really thanks to djamol and vcFan :highfive:
Enjoy!
Hi,
Very promising, thank you for your work.
Unfortunately, this does not work with my NL1520 (8.10.14219.341), even after applying the software reset.
Hi, thanks for feedback, could you provide me more details? Where the app "doesn't work"?
- First message: "the operation didn't complete succesfully maybe the app can't get permissions or there's some problems during extracting files. Try to soft reset you phone and retry"
- 2nd message: "Access is denied. Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)"
mhm... it seems that there's a problem with renaming the apps folde (you could try with a file manager).
Sometimes a soft-reset or remove-reinsert SD may help (I've resolved with this method)
However I've published the 0.3 of CustomWPSystem some minutes ago with a fix.
You can manually patch this app with a file manager?
I'll try tomorrow and I'll let you know.
Make sure you didn't install the swapping tool to the SD card, and that you don't have any SD-card-based apps running when you perform the swap. Either of those will prevent renaming the Apps directory.
Version 0.2 is available now
Added a lot of things
Pasquiindustry said:
mhm... it seems that there's a problem with renaming the apps folde (you could try with a file manager).
Sometimes a soft-reset or remove-reinsert SD may help (I've resolved with this method)
However I've published the 0.3 of CustomWPSystem some minutes ago with a fix.
You can manually patch this app with a file manager?
Click to expand...
Click to collapse
GoodDayToDie said:
Make sure you didn't install the swapping tool to the SD card, and that you don't have any SD-card-based apps running when you perform the swap. Either of those will prevent renaming the Apps directory.
Click to expand...
Click to collapse
Hi,
Thanks.
I followed this (manually method) and works :good:
In version 0.2 I did not found registry tweaks useful for me. Also there was no useful tweaks from there. I can not write keys to achieve SIM contacts import/export feature and others. And can you please publish what the values has been changed to achieve each of your listed tweaks here?
Today I realized that something happens with the Preview for Developers app (changed to your registry editor). It`s just disappeared from the apps list, but marked as installed on the Store page. See more.
Version 0.3 available, as Always you can find the changelog and the download link within the first post
For the next version I will add Sim related tweaks and something related to the settings hub and action center, with Keys and value rename function.
feherneoh said:
Have a look on what I just did with this tool (Could be added to tweaks):
View attachment 3087766
HKLM/SOFTWARE/Microsoft/MTP/DataStore = "C:"
Click to expand...
Click to collapse
It's already available in 0.3
can you tell me how custom accent work ? because i dont see any chenge in accent after changing values ?
irshad2809 said:
can you tell me how custom accent work ? because i dont see any chenge in accent after changing values ?
Click to expand...
Click to collapse
Within the app, at accent color tweak, write R - G - B value of the color. Allowed values are from 0 to 255 (decimal for now)
Then, open settings > start and theme and you will see a new color within the color list with "olive" name
Pasquiindustry said:
Within the app, at accent color tweak, write R - G - B value of the color. Allowed values are from 0 to 255 (decimal for now)
Then, open settings > start and theme and you will see a new color within the color list with "olive" name
Click to expand...
Click to collapse
thanks now i get it
thanx so much .... great work man ...
Lumia 920 error
(you can't write here...)
Is it possible to add this option to the featurelist:
Enable the setting of manual / static IP configuration
its described here:
dev.windowsphone.com/en-US/OEM/docs/Driver_Components/Wi-Fi
To facilitate Wi-Fi certification tests, you can enable a screen from the Wi-Fi settings screen that provides UI elements that allow you to specify a static IP address, gateway address, and DNS server address.
To enable the Static IP UI, set the value of the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WiFiConnSvc\Parameters\Config\EnableStaticIP registry entry to DWORD 1. If the entry is not set, or is set to any value other than 1, the static IP UI is not enabled. When enabled, the Wi-Fi Static IP UI button appears directly below the Advanced button in the Wi-Fi settings screen.
Interop-unlock
Is this tool ready to interop-unlock a device? If not, what's the problem?
Anything I do, it wont work
I tried doing it with the swaper and it gives the same error as the other guy, so as he did it manually, i tried it the same way.
The preview for developers app shows no Icons and wen i start it, it just shows Loading.... and nothing , just like that :/
Edit : managed it : http://forum.xda-developers.com/showpost.php?p=57836056&postcount=36

[Discontinued]

---
---
---
---
---
For owners of Xiaomi Air 12 or 13 that are facing static sound in Audio cause of Windows 10 please update your Realtek driver from their own website and not use windows update or general update. You need to download the latest 64bit driver dated ' 14-Jun-17 - 6.0.1.8186 '
@Wootever, sorry for my unrelated question. But, I have a Xiaomi Air 13 2016 and I've set a supervisor password when I changed to Linux. I then removed the password when I changed back to Windows 10, but it's still asking me for one...
Do you happen to know a way on how to remove the BIOS password on this laptop? I've extracted the executable from Insyde H20 A06 updater and changed the platform.ini, so it does a force flash of the password area (Password=1), however, it's still asking for one.. Any help would be greatly appreciated! Thanks in advance
@r00tPT
Try to set the password again and then set it to blank.
Wootever said:
@r00tPT
Try to set the password again and then set it to blank.
Click to expand...
Click to collapse
Thanks, but I cannot set the a new password, as when I try to access the BIOS, it asks me for a password..
I wanted to reset this password altogether, so I can access my BIOS and set a new one =/
@r00tPT
You can try to flash this default BIOS A06 Package, it will overwrite all device specific data (Serial, Windows Key, NVstore).
All settings should be set to default (including the password), but i haven't tested this (no guarantee and at your own risk).
Edit:
Don't forget to create a backup using the Backup.cmd file, it should be possible to restore the Serial number on the "empty" default BIOS.
Wootever said:
@r00tPT
You can try to flash this default BIOS A06 Package, it will overwrite all device specific data (Serial, Windows Key, NVstore).
All settings should be set to default (including the password), but i haven't tested this (no guarantee and at your own risk).
Edit:
Don't forget to create a backup using the Backup.cmd file, it should be possible to restore the Serial number on the "empty" default BIOS.
Click to expand...
Click to collapse
Thank you, Wootever! I think it's worth a try.
Would it make sense to create the backup, flash the default package, confirm if there's no password and then flash back the original Xiaomi BIOS to restore the Serial number?
Sorry, as I have near to none experience related to bios. thanks once again
@r00tPT
The backup includes all current settings (including the password), restoring it would also re-enable the password protection.
I made a little script to restore the device serial from the backup.bin file.
This is necessary because the Windows Activation seems linked with the device serial number.
Edit:
Updated the script.
Wootever said:
@r00tPT
The backup includes all current settings (including the password), restoring it would also re-enable the password protection.
I made a little script to restore the device serial from the backup.bin file.
This is necessary because the Windows Activation seems linked with the device serial number.
Edit:
Updated the script.
Click to expand...
Click to collapse
Wouldn't it be best to make a backup of the current bios with a flash programmer? I still haven't done this, as I'm trying to figure out what password I put.. (I basically set a supervisor password when I disabled secure boot, but then when I tried to set a new blank password it didn't change it back)
I have a friend who has the exact same laptop. Would it be fine if I made a backup of his bios and restore it into mine?
Could there be an issue or some missing information? Probably only the device serial number, which I could write again using your script? Would that be feasible?
By the way, sorry for asking these questions here/to you, but it's hard to find some guidance regarding this topic. Thanks once again
@Wootever, it worked!! You're the greatest man! I'm now able to access my BIOS again!
Is there any way to re-enable the flash protected range register again, just in case?
Wootever said:
I just got my hands on a Xiaomi Air 13 (2016 version) and wanted to share my findings.
The BIOS version of this device is A07, which is not yet made available by Xiaomi and originally, BIOS updates can only be flashed with the Insyde tools.
However, those require a valid certificate to correctly sign the binary file, thus a provided backup of version A07 won't be applicable as a update.
Intel Flash Programming tool is another alternative which allows to flash unsigned/customized versions, but in practice FPT can't access the BIOS region due to the protected range register which prohibits write access.
Code:
Error 316: Protected Range Registers are currently set by BIOS, preventing flash access.
Please contact the target system BIOS vendor for an option to disable Protected Range Registers.
Fortunately there is an undocumented variable switch that i found by coincidence which deactivates the flash protected range register.
For this i made a little tool which automatically patches the variable to allow BIOS update via FPT.
Note: modifying your BIOS is at your own discretion, i am not responsible for any damage caused by this procedure.
Download my variable patcher, extract it and execute Patcher.cmd
Reboot your device.
Download BIOS A07 for the Xiaomi Air 13 (2016)
Execute Backup.cmd to create a backup of your current BIOS.
Then execute Update.cmd to install version A07.
Use Serial.cmd to restore the device serial number from the backup BIOS.
Reboot your device.
I also made a few changes for this BIOS:
Updated microcode to 0xBA
Increased PWM frequency to 5000 Hz
Click to expand...
Click to collapse
I tried but I have this problem with patcher, any suggestion?
@Wootever
1) after upgrading the bios, how do i re-activate the flash protected range register?
2) do you have the default clean A07 bios (without the microcode and PWM changes)?
thank you!
May I ask if there is an easy way to unlock BIOS totally on Xiaomi Air 13? Because previously I opened a topic about it in biosmods.com , someone reached to me and told that due to write protection it needs quoting from him: "Bios mod can be flashed using SPI-programmer+SOIC8 clip only". That requires opening laptop up and connecting clip on chip physically. I love to tinker things in my laptop but that is a bit scary for me. So is there another way to do it, anyone knows??
THANK YOU!! This is pure gold! By the way, does the flag you found also unlock the ME region?
Update: nevermind. The answer is no unfortunately
bigorbi said:
May I ask if there is an easy way to unlock BIOS totally on Xiaomi Air 13? Because previously I opened a topic about it in biosmods.com , someone reached to me and told that due to write protection it needs quoting from him: "Bios mod can be flashed using SPI-programmer+SOIC8 clip only". That requires opening laptop up and connecting clip on chip physically. I love to tinker things in my laptop but that is a bit scary for me. So is there another way to do it, anyone knows??
Click to expand...
Click to collapse
No, you can flash any bios mod with the flag found by @Wootever. However, you may want to get a programmer (Altera USB blaster has cheap Chinese clones supported by flashrom) and a SOIC8 clip anyway just in case. They're dirt cheap and allow for recovery when things go wrong.
As a bonus, an external programmer enables you to get rid of the management engine.
CARLiCiOUS said:
THANK YOU!! This is pure gold! By the way, does the flag you found also unlock the ME region?
Update: nevermind. The answer is no unfortunately
Click to expand...
Click to collapse
It might be possible if the variable for ME Image Re-Flash is set:
Code:
Me FW Image Re-Flash, Variable: 0xD08
Disabled, Value: 0x0 (default)
Enabled, Value: 0x1
Variable to unlock protected range register:
Code:
BIOS SPI Lock:, Variable: 0x258
Enabled, Value: 0x1 (default)
Disabled, Value: 0x0
Edit:
Here is another variable patcher that also enables the ME Re-Flash variable.
(Note: not tested, use with caution)

Categories

Resources