Translate

Image of Modern Operating Systems (3rd Edition)
Image of XSLT 2.0 and XPath 2.0 Programmer's Reference (Programmer to Programmer)
Image of Operating System Concepts
Image of Beginning Google Maps API 3

Has Intel ME Analysis Tool Development Petered Out?

Recently I decided to upgrade the Intel Management Engine (ME) firmware on my Lenovo T450 laptop as Lenovo had released a new version of the firmware (10.0.55.3000) in May 2017.

The ME firmware upgrade went smoothly and no problems were encountered.

After the upgrade was completed, I decided to review my knowledge of ME firmware internals using the ME firmware binary that I had just installed as I had last looked at ME firmware in early 2015.

For readers who are not familiar with the Intel Management Engine, I suggest you first read this Wikipedia article on Intel Active Management Technology. For an introduction to ME internals, I recommend Rootkit in your laptop: Hidden code in your chipset and how to discover what exactly it does by Igor Skochinsky and all all his other excellent presentations on this topic. They can all be downloaded from his Github papers repository. Another useful presentation to read is INTEL AMT. STEALTH BREAKTHROUGH by Dmitriy Evdokimov, CTO Embedi et al which was presented at Blackhat USA 2017. Finally, I recommend you look at the ME Blob Format webpage.

Here is an 010 editor template which I used to examine the binary to ensure that the binary was laid out as expected:

typedef struct {
    uint32  Romb[4];   // 00 04 08 0C
} PRE_HDR;

typedef struct {
    char    Tag[4];
    uint32  NumberPartitions;
    byte    Version;       // used because 010 editor does 
    byte    EntryType;     // not have int8 or uint8 types
    byte    Length;
    byte    Checksum;
    uint16  FlashCycleLifetime;
    uint16  FlashCycleLimit;
    uint32  UMASize;
    uint32  Flags;
    uint16  MajorVersion;
    uint16  MinorVersion;
    uint16  HotfixVersion;
    uint16  BuildVersion;
} FPT_HDR;

typedef struct {
    uint16  ModuleType;
    uint16  ModuleSubType;
    uint32  HeaderLength;
    uint32  HeaderVersion;
    uint32  Flags;
    uint32  ModuleVendor;
    uint32  Date;
    uint32  Size;
    char    Tag[4];
    uint32  NumModules;
    uint16  MajorVersion;
    uint16  MinorVersion;
    uint16  HotfixVersion;
    uint16  BuildVersion;
    uint32  Unknown1;
    uint32  KeySize;
    uint32  ScratchSize;
    uint32  RSAPublicKey[64];
    uint32  RSAExponent;
    uint32  RSASignature[64];
    char    PartitionName[12];
} MODULE_HDR;

// entry point
LittleEndian();
struct PRE_HDR  PreHeader <bgcolor=cLtGreen>;
struct FPT_HDR  FptHeader <bgcolor=cLtBlue>;
FSeek(0);
FSkip(0xE8000);
// FSkip(0x160000) and so on;
struct MODULE_HDR ModuleHeader <bgcolor=cLtRed>;


and here are two screen shots of that template being used on the ME10.0_5M_Production.bin binary. Refer to the ME Blob Format webpage for an explanation of these structures if you are unfamiliar with them.

Turning now to see what information is available from the Intel-supplied utilities MEInfoWin.exe and meinfo.efi. Note there are different versions of meinfowin and meinfo.efi for each major release of ME firmware, and you need use the appropriate version.

Here is the output from MEInfoWin.exe:

C:> MEInfoWin.exe /?

Intel(R) MEInfo Version: 10.0.30.1054
Copyright(C) 2005 - 2014, Intel Corporation. All rights reserved.

MEInfoWin.exe [-EXP] [-H|?] [-VER] [-FITCVER] [-FEAT] [-VALUE] 
              [-FWSTS] [-VERBOSE] [-PAGE] [-PID] [-DUMPIDLM] 

-EXP                Display example usage of this tool 
-H|?                Display help screen 
-VER                Display version information 
-FITCVER            Display FITC version 
-FEAT<name>         Retrieve a related platform setting 
-VALUE<value>       An expected platform setting value 
-FWSTS              Retrieve/decode ME Firmware status register 
-VERBOSE[filename]  Display the debug information of the tool 
-PAGE               Pause after each screenful of information 
-PID<filename>      Append/Export Platform ID to the binary file 
-DUMPIDLM<filename> Display Platform ID list in an IDLM binary 

Note: Name/value more than one word has to be between quotations.

C:> meinfowin
Intel(R) MEInfo Version: 10.0.30.1054
Copyright(C) 2005 - 2014, Intel Corporation. All rights reserved.

Intel(R) Manageability and Security Application code versions:

BIOS Version:                           JBET65WW (1.29 )
MEBx Version:                           10.0.0.0007
Gbe Version:                            0.2
VendorID:                               8086
PCH Version:                            3
FW Version:                             10.0.55.3000 LP
LMS Version:                            11.0.0.1153
MEI Driver Version:                     11.0.0.1146
Wireless Hardware Version:              2.1.77
Wireless Driver Version:                19.70.0.100

FW Capabilities:                        0x7DF65A45

    Intel(R) Active Management Technology - PRESENT/ENABLED
    Intel(R) Capability Licensing Service - PRESENT/ENABLED
    Protect Audio Video Path - PRESENT/ENABLED
    Intel(R) Dynamic Application Loader - PRESENT/ENABLED
    Intel(R) Platform Trust Technology - PRESENT/ENABLED

Intel(R) AMT State:                     Enabled
TLS:                                    Enabled
Last ME reset reason:                   Power up
Local FWUpdate:                         Enabled
BIOS Config Lock:                       Enabled
GbE Config Lock:                        Enabled
Host Read Access to ME:                 Disabled
Host Write Access to ME:                Disabled
SPI Flash ID #1:                        EF4018
SPI Flash ID VSCC #1:                   20252025
SPI Flash BIOS VSCC:                    20252025
BIOS boot State:                        Post Boot
OEM Id:                                 4c656e6f-766f-0000-0000-000000000000
Link Status:                            Link down
System UUID:                            7f053681-53c2-11cb-8c69-bb0db8ed8dcf
MAC Address:                            68-f7-28-63-46-fb
IPv4 Address:                           0.0.0.0
Wireless MAC Address:                   Not Available
Wireless IPv4 Address:                  0.0.0.0
IPv6 Enablement:                        Disabled
Privacy/Security Level:                 Default
Configuration state:                    Not started
Provisioning Mode:                      PKI
Capability Licensing Service:           Enabled
OEM Tag:                                0x00000000
Slot 1 Board Manufacturer:              0x000017AA
Slot 2 System Assembler:                Unused
Slot 3 Reserved:                        Unused
M3 Autotest:                            Enabled
C-link Status:                          Enabled
Wireless Micro-code Mismatch:           No
Wireless Micro-code ID in Firmware:     0x095A
Wireless LAN in Firmware:               Intel(R) Dual Band Wireless-AC 7265
Wireless Hardware ID:                   0x095B
Wireless LAN Hardware:                  Intel(R) Dual Band Wireless-AC 7265
Localized Language:                     English
Independent Firmware Recovery:          Disabled
Keybox:                                 Not Provisioned
OEM Public Key Hash (FPF):              9B406E27DD0E4B0CBD8F79725B902B994F93125E7EB5AEB032E7259D0655DEFD
OEM Public Key Hash (ME):               
ACM SVN FPF:                            0x3
KM SVN FPF:                             0x0
BSMM SVN FPF:                           0x0

                                        FPF                 ME
                                        ---                 --
Force Boot Guard ACM:                   Enabled             
Protect BIOS Environment:               Enabled             
CPU Debug Disabled:                     Disabled            
BSP Initialization Disabled:            Disabled            
Measured Boot:                          Disabled            
Verified Boot:                          Enabled             
Key Manifest ID:                        0x1                 
Enforcement Policy:                     0x3                 
PTT:                                    Enabled             
PTT Lockout Override Counter:           0x0
EK Revoke State:                        Not Revoked

And here is the output from meinfo.efi when run from a UEFI shell in verbose mode:

FS1> meinfo -h

Intel(R) MEInfo Version: 10.0.30.1054
Copyright(C) 2005 - 2014, Intel Corporation. All rights reserved.

MEInfo.efi [-EXP] [-H|?] [-VER] [-FITCVER] [-FEAT] [-VALUE] 
           [-FWSTS] [-VERBOSE] [-PAGE] [-PID] [-DUMPIDLM] 

-EXP                Display example usage of this tool 
-H|?                Display help screen 
-VER                Display version information 
-FITCVER            Display FITC version 
-FEAT<name>         Retrieve a related platform setting 
-VALUE<value>       An expected platform setting value 
-FWSTS              Retrieve/decode ME Firmware status register 
-VERBOSE[filename]  Display the debug information of the tool 
-PAGE               Pause after each screenful of information 
-PID<filename>      Append/Export Platform ID to the binary file 
-DUMPIDLM<filename> Display Platform ID list in an IDLM binary 

Note: Name/value more than one word has to be between "^".

FS1> meinfo -verbose

Intel(R) MEInfo Version: 10.0.30.1054
Copyright(C) 2005 - 2014, Intel Corporation. All rights reserved.

FW Status Register1: 0x1E000245
FW Status Register2: 0x6900A106
FW Status Register3: 0x00000300
FW Status Register4: 0x00004004
FW Status Register5: 0x00001F01
FW Status Register6: 0x44400EC9

  CurrentState:                         Normal
  ManufacturingMode:                    Disabled
  FlashPartition:                       Valid
  OperationalState:                     M0 with UMA
  InitComplete:                         Complete
  BUPLoadState:                         Success
  ErrorCode:                            No Error
  ModeOfOperation:                      Normal
  Phase:                                HOSTCOMM Module
  ICC:                                  Valid OEM data, ICC programmed
  SPI Flash Log:                        Not Present
  ME File System Corrupted:             No
  FPF and ME Config Status:             Match

Get ME FWU version command...done

Get ME FWU info command...done

Get ME FWU version command...done

Get ME FWU feature state command...done

Get ME FWU platform type command...done

Get ME FWU feature capability command...done

Get ME FWU OEM Id command...done
FW Capabilities value is 0x7DF65A45
Feature enablement is 0x7DF65A45
Platform type is 0x42351401
Intel(R) Manageability and Security Application code versions:

BIOS Version:                           JBET65WW (1.29 )
MEBx Version:                           10.0.0.0007
Gbe Version:                            0.2
VendorID:                               8086
PCH Version:                            3
FW Version:                             10.0.55.3000 LP

FW Capabilities:                        0x7DF65A45

    Intel(R) Active Management Technology - PRESENT/ENABLED
    Intel(R) Standard Manageability - NOT PRESENT
    Intel(R) Capability Licensing Service - PRESENT/ENABLED
    Protect Audio Video Path - PRESENT/ENABLED
    Intel(R) Dynamic Application Loader - PRESENT/ENABLED
    Intel(R) NFC Capabilities - NOT PRESENT
    Intel(R) Platform Trust Technology - PRESENT/ENABLED

Intel(R) AMT State:                     Enabled
TLS:                                    Enabled
Last ME reset reason:                   Power up
Local FWUpdate:                         Enabled

Get BIOS flash lockdown status...done
BIOS Config Lock:                       Enabled

Get GbE flash lockdown status...done
GbE Config Lock:                        Enabled

Get flash master region access status...done
Host Read Access to ME:                 Disabled
Host Write Access to ME:                Disabled
SPI Flash ID #1:                        EF4018
SPI Flash ID VSCC #1:                   20252025
SPI Flash BIOS VSCC:                    20252025
Protected Range Register Base #0 0x0
Protected Range Register Limit #0 0x0
Protected Range Register Base #1 0xEB0
Protected Range Register Limit #1 0xFFF
Protected Range Register Base #2 0xDF1
Protected Range Register Limit #2 0xE2F
Protected Range Register Base #3 0xDF0
Protected Range Register Limit #3 0xDF0
Protected Range Register Base #4 0xA00
Protected Range Register Limit #4 0xDEF
BIOS boot State:                        Post Boot
OEM Id:                                 4c656e6f-766f-0000-0000-000000000000

Get Intel(R) AMT state command...done
Link Status:                            Link down

Get system UUID command...done
System UUID:                            7f053681-53c2-11cb-8c69-bb0db8ed8dcf

Get LanInterfaceSettings command for wired interface...done
MAC Address:                            
Get Provisioning Tls Mode command...done

Get provisioning state command...done
68-f7-28-63-46-fb
IPv4 Address:                           0.0.0.0

Get LanInterfaceSettings command for wireless interface...done
Wireless MAC Address:                   
Get Provisioning Tls Mode command...done

Get provisioning state command...done
00-00-00-00-00-00
Wireless IPv4 Address:                  0.0.0.0

Get IPv6InterfaceStatus command for wired interface...done
Command response reports interface was disabled
IPv6 Enablement:                        Disabled

Get privacy/security level info command...done
Privacy/Security Level:                 Default

Get provisioning state command...done
Configuration state:                    Completed

Get Provisioning Tls Mode command...done
Provisioning Mode:                      PKI
Capability Licensing Service:           Enabled

Get ME FWU OEM Tag command...done
OEM Tag:                                0x00000000

Get System Integrator ID command...done
Slot 1 Board Manufacturer:              0x000017AA

Get System Integrator ID command...This slot is unused.
Slot 2 System Assembler:                Unused

Get System Integrator ID command...This slot is unused.
Slot 3 Reserved:                        Unused

Get M3 Autotest command...done
M3 Autotest:                            Enabled

Get CLink Status command...done
C-link Status:                          Enabled

Get ME FWU Platform Attribute (WLAN ucode) command...done
Wireless Micro-code Mismatch:           No
Wireless Micro-code ID in Firmware:     0x095A
Wireless LAN in Firmware:               Intel(R) Dual Band Wireless-AC 7265
Wireless Hardware ID:                   0x095B
Wireless LAN Hardware:                  Intel(R) Dual Band Wireless-AC 7265

Get ME FWU Platform Attribute (WLAN ucode) command...done
Localized Language:                     English

Get ME FWU Info command...done
Independent Firmware Recovery:          Disabled
Keybox:                                 Not Provisioned

Get Oem Public Key Hash command...done
OEM Public Key Hash (FPF):              9B406E27DD0E4B0CBD8F79725B902B994F93125E7EB5AEB032E7259D0655DEFD
OEM Public Key Hash (ME):               

Get ACM SVN command...done
ACM SVN FPF:                            0x3

Get KM SVN command...done
KM SVN FPF:                             0x0

Get BSMM SVN command...done
BSMM SVN FPF:                           0x0

Get Oem Boot Guard Policy command...done

                                        FPF                 ME
                                        ---                 --
Force Boot Guard ACM:                   Enabled             
Protect BIOS Environment:               Enabled             
CPU Debug Disabled:                     Disabled            
BSP Initialization Disabled:            Disabled            
Measured Boot:                          Disabled            
Verified Boot:                          Enabled             
Key Manifest ID:                        0x1                 
Enforcement Policy:                     0x3                 

Get PTT command...done
PTT:                                    Enabled             
PTT Lockout Override Counter:           
Get Anti-Hammering command...done
0x0
EK Revoke State:                        
Get EK Revoke State command...done
Not Revoked

The first utility I used to check the contents of ME10.0_5M_Production.bin was me_unpack which is part of Igor Skochinsky’s me-tools tool suite.

According to the README, this Python script allows you to dump and extract ME firmware images. Supported formats are:

  • Full SPI flash image with descriptor (signature 5A A5 F0 0F)
  • Full ME region image (signature ‘$FPT’)
  • individual ME code partitions and update images (signature $MN2/$MAN)

These tools have not been updated in a while. For example, me_unpack only supports ME versions 2.x – 9.x. Currently, Intel is at ME version 11.x – so these tools are quite out of date.

Here is the output I got when I used me_unpack on ME10.0_5M_Production.bin:

$ ./me_unpack.py ME10.0_5M_Production.bin -m 

Intel ME dumper/extractor v0.3
===ME Flash Partition Table===
NumEntries: 28
Version:    2.0
EntryType:  10
HeaderLen:  30
Checksum:   BD
FlashCycleLifetime: 7
FlashCycleLimit:    100
UMASize:    32
Flags:      FFFFFC01
    EFFS present:   1
    ME Layout Type: 0
Extra ver:  0.0.0.0
ROM Bypass instruction: 20 20 80 0F 40 00 00 24 00 00 00 00 00 00 00 00
---Partitions---
Partition:      'PSVN'
Owner:          'KRID'
Offset/size:    00000BC0/00000040
TokensOnStart:  00000001
MaxTokens:      00000001
ScratchSectors: 00000000
Flags:              18783
    Type:         3 (Generic)
    DirectAccess: 1
    Read:         1
    Write:        1
    Execute:      1
    Logical:      0
    WOPDisable:   0
    ExclBlockUse: 0

Partition:      'FOVD'
Owner:          'KRID'
Offset/size:    00000C00/00000400
TokensOnStart:  00000001
MaxTokens:      00000001
ScratchSectors: 00000000
Flags:              0783
    Type:         3 (Generic)
    DirectAccess: 1
    Read:         1
    Write:        1
    Execute:      1
    Logical:      0
    WOPDisable:   0
    ExclBlockUse: 0

Partition:      'MDES'
Owner:          'MDID'
Offset/size:    00001000/00001000
TokensOnStart:  00000001
MaxTokens:      00000001
ScratchSectors: 00000000
Flags:              2383
    Type:         3 (Generic)
    DirectAccess: 1
    Read:         1
    Write:        1
    Execute:      0
    Logical:      0
    WOPDisable:   0
    ExclBlockUse: 1

Partition:      'FCRS'
   ..... // extra output removed
Partition:      'EFFS'
   .....
Partition:      'BIAL'
   .....
Partition:      'BIEL'
   .....
Partition:      'BIIS'
   .....
Partition:      'FTPM'
   .....
Partition:      'NVCL'
   .....
Partition:      'NVCM'
   .....
Partition:      'NVCP'
   .....
Partition:      'NVHM'
   .....
Partition:      'NVJC'
   .....
Partition:      'NVKR'
   .....
Partition:      'NVNF'
   .....
Partition:      'NVOS'
   .....
Partition:      'NVSH'
   .....
Partition:      'NVSM'
   .....
Partition:      'NVUK'
   .....
Partition:      'PLDM'
   .....
Partition:      'TMNN'
   .....
Partition:      'GLUT'
   .....
Partition:      'LOCL'
   .....
Partition:      'WCOD'
   .....
Partition:      'FTPR'
   .....
Partition:      'NFTP'
   .....
Partition:      'MDMV'
Owner:          (none)
Offset/size:    0048A000/00040000
TokensOnStart:  00000001
MaxTokens:      00000001
ScratchSectors: 00000000
Flags:              A780
    Type:         0 (Code)
    DirectAccess: 1
    Read:         1
    Write:        1
    Execute:      1
    Logical:      0
    WOPDisable:   0
    ExclBlockUse: 1

------End-------
Traceback (most recent call last):
  File "./me_unpack.py", line 1502, in <module>
    dump_glut(f, offset, extract_huff)
  File "./me_unpack.py", line 1255, in dump_glut
    ftpr_range = get_huff_range(f, me_offset + ftpr_part.Offset)
  File "./me_unpack.py", line 1126, in get_huff_range
    manif = get_struct(f, offset, MeManifestHeader)
  File "./me_unpack.py", line 60, in get_struct
    raise Exception("can't read struct: %d bytes available but %d required" % (fit, slen))
Exception: can't read struct: 0 bytes available but 656 required
$


And here is the output when I used the me_sigcheck tool which is intended to check the validity of an ME partition’s manifest using the embedded RSA public key and signature:

$ /me_sigcheck.py FOVD_part.bin 
Intel ME partition manifest signature checker v0.1
ME manifest not found! (bad file format?)
$


Another popular tool is ME Analyzer. According to the tool developer, ME Analyzer is a tool which can show various details about Intel Engine Firmware (Management Engine, Trusted Execution Engine, Service Platform Services) images. It can be used to identify whether the firmware is updated, healthy, what Release, Type, SKU, etc., and supports all ME firmware from versions 1 to 11. The Achilles Heel of this tool is it’s ME firmware version database which requires constant updating. Fortunately, the tool developer provides excellent support.

Unfortunately for me, ME Analyzer failed to work with ME10.0_5M_Production.bin as shown below:

Recently an Embedi developer produced an IDA Python plugin called meloader to assist in analyzing ME firmware images. Unfortunately, it is currently specific to ME firmware version 9.0.30.1482. By modifying kapi.py (Kernel API) and rapi.py (ROM API), the plugin can easily be made to work with any 9.0.X.X ME firmware but unfortunately not with 9.5.X.X nor 10.X.X.X or 11.X.X.X ME firmware.

Here is what I got when I tried to use this plugin to load ME10.0_5M_Production.bin into IDA:

It seems to me there is little ongoing work to enhance existing ME analysis tools such as me_unpack or the meloader IDA plugin to support ME firmware versions 9.5.X.X or later. Possible reasons for this state of affairs include the lack of available documentation for ME versions above 9, no ROMB-enabled ME firmware later the version 9 in the wild, or simply that the ME tool developers have moved on to other projects

Leave a Reply