TUCoPS :: PC Hacks :: biospw.txt

How to Crack a BIOS Password

Posted as part of the Anti-Spam campaign on alt.2600.hackers
By the writer and brains behind it, K1ng, of the Semantics Dark
28th October 2000

 How to Crack a BIOS Password

This tutorial is based in Windows but can be easily converted to Unix
or whatever, but lets face it, if you can use Unix, you can damn well
crack a BIOS password.

 When your PC boots, you'll notice that you first get a black screen,
you probably also know that if you press certain keys, you'll get
different effects, for egsample, on my PC, if you press F5 you'll boot
up in Safe Mode and if you press Del, you'll enter a colored DOS-Like
screen, once you find which key does this, you can read on.

 This screen you have entered is called the BIOS, this stands for
'Basic Input Output Settings', basically the BIOS are stored on a chip
on your motherboard in 'ROM'(Read Only Memory) and are the first thing
the processor looks to when you boot up for instructions (the lowest
form of software operating on your computer)
### NOTE: This is just incase your OS fails, or so that you can
install one on a new PC ###
 BIOS Come in two types, 'Flash' and 'Non-Flash', most newer ones are
'Flash' which means they can be upgraded easily using Flash Software.
On the other hand, 'Non-Flash BIOS' can only be upgraded by taking the
BIOS chip out, puting them in the bin and buying a new BIOS chip.

 Anyway, these store things like Basic Drivers and instructions on
where to look for the operating system or boot disc.  
There is also a prt of the BIOS that is not 'ROM' this is where you
store things like The current  time and date, BIOS password and some
other things you needn't concern yourself with just now.

 Well, when you switch your computer back off why dosen't the time
return to 00:00:00, well the reason for this is on the motherboard, on
older machines it will be a large round silvery thing, (which you may
recognise as a battery) held in by a small strip of metal and in newer
machines there are various different things to look for, some have a
hiden battery inder a metal screw on cage like thing and I have heard
of a few other ways it has changed....anyway...
 This battery is what keeps the BIOS time moving and keeps some
changeable settings including the  BIOS Password, you can probably
imagine what happens if you disconnect this, YEA thats right, the
password gets scrubbed and the Date, Time and changable settings get

 So, thats one way to wipe a BIOS password are there any others. Yes
there are.

* Some machines, usually the older models have a jumper on the mother
board, that connects the bIOS to the battery, it looks like two pins
with a plastic or metal block on them, if this is removed and then
replaced the BIOS setting will be wiped, as you ahve just disconnected
the battery.

* If you have access to the machine when it is on just use a tool like
'PassOff' or 'Kill CMOS' theres a ton of them out there.  Some will
show the password and some will destroy it.

* IF you have about 3 years to spare you could unplug your PC then let
the power drain out of it, but as I say, I think it takes about 3
years to run down.

* If the BIOS Chip is soldered to the motherboard you could attach a
small transistor to it (about 39 mphs <<<-------) and wait for about
15 minutes, that should do it.

* Also, if the the chip is soldered you could divert the flow of power
from the battery elsewhere, with say, a paperclip. (I'll check this
one up and update).

  <Thanx to Server Killer (alt.2600.hackers) for this one>
* Some are not certain where the BIOS battery or BIOS (SRAM) chip is
located (specially if your motherboard came with a whole system
purchase (Compaq, IBM, Packard Bell).  For this I would find a flat
surface and place the motherboard upsidedown on it (This is, of course
after removing all RAM, CPU and other devices which can be unplugged
from the motherboard.), then get a roll of tin foil and tear off
enough to cover the whole board.  Lay this onto the solder side of the
motherboard.  Gently pat to assure all solder contacts are touching
the foil (don't rub unless you like blood).  The charge in the battery
(5V) is not enough to cause any dammage to any components; ESD is not
a problem, additionally if a sensitive chip were to touch the foil,
all contacts are touching so referenced ground would be the foil

  <Thanx to mrrelaxed (alt.2600.hackers) for this one>
* I used to use killcmos when I had my non flash cmos comps, and it
was a really brilliant prog, but a word of warning, go careful if you
use this prog on flash cmos machines, I tried it on 3 different
machines, and had some very strange side effects, 1 reported a severe
cmos fault then I
rebooted after some umming and ahhing and luckily, it managed to sort
itself out if there is a new version out that compensates for this I
never found it,
good luck

"The question of whether computers can think is like the question
of whether submarines can swim"
-- Edsger Dijkstra

Version: 3.12
GIT d- s+:+ a---- C++ UL++ P++ L+++ E--- W+++ N++ o K- w-- M-- V- PS+ PE
Y+ PGP-- t+@ 5? X R tv b+ DI D---- G e- h! r--- z--

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH