Greetings to all,

Once again stumped by a 'puter problem, as usual my hopes turn to SER
as my prospects starts looking rather hopeless.

Does anybody out there have some clues for getting into a password-
protected BIOS
On a 5 or 6 year old Jetway motherboard? Background follows:

I found it at the scrapyard a while back, and recently scored a
processor for it,
only to find that it's set up to boot from hard drive only. I can't
get in to change the
boot order since the BIOS is set to have a password.

It won't boot from a floppy, nor a cd, but will boot from a hard drive
that has DOS on
it, and also one that has Ubuntu on it, as well as the one that came
with it, which is
a 40 Gb drive that has, I think, Mandrake on it.

All I get when I boot with the 40 Gb one is a login prompt, but, not
having any login
info or passwords I can't really get any where by booting with it;
but, I can kind of
poke around in it's file-system if I boot with the drive that has
Ubuntu set as the
primary master.

I think it may be pretty well secured by IT pros, as it came in a
rack-mount enclosure with BarracudaNetworks logo and markings, and was
formerly used
as a spam firewall or some-such thing.

The main reason I'm hoping to turn it into a working system is it has
SATA onboard, and it's a step up in processing power (AMD 64) from the
P4- and AMD Athlon- boxes that are presently my 'daily drivers'.

In searching the web I've managed to secure the motherboard manual and
the latest
drivers and a BIOS update for it, but when I try to flash the bios
(it's Award bios
and I'm using the flash program from the Jetway site) it looks like
it's working until
the end, when it gives a message "flash rom is write-protected, make
sure all jumpers
is set to proper" or some such slightly mangled English, and I've
followed the
manual's instructions on clearing the cmos and I find no other jumpers
that deal with
write-protection. I also tried removing the battery for several days
and jumpering
where the battery contacts are, but I guess there must be some non-
volatile memory
somewhere that is defeating my efforts.

I've emailed Jetway a couple weeks ago, so far no response. I haven't
tried BarracudaNetworks, other than to poke around on their site, but
technical info there seems mostly about selling systems and not how
the systems work (except for IT speak, which I'm not very conversant
in).

It has the bios contained in a PLCC-32 package which fits into a
socket. I found some
pin-out info on the Winbond site:

http://www.winbond.com/hq/enu/Produc...ash/APNote.htm

APPnote 21 has a table, but not much in the way of instructions.

Sorry to be so long-winded, I've tried a couple other things but the
one I'd most like to learn more about
I ran into in a few different places, where from a Dos prompt you go
into DEBUG and supposedly change the values in some register that will
make the bios lose the password requirement - so far it hasn't worked,
don't know if I'm following the instructions correctly or not.

TIA for any info,

Mike

On Mon, 18 Apr 2011 08:06:30 -0700 (PDT), mike
wrote:

snip
(it's Award bios

What version?
CmosPwd says it works for Award 4.5x/4.6x/6.0 - also look at their
readme for some backdoor passwords to try.

On Apr 18, 12:00*pm, Geo wrote:
On Mon, 18 Apr 2011 08:06:30 -0700 (PDT), mike

wrote:

snip

(it's Award bios

What version?
CmosPwd says it works for Award 4.5x/4.6x/6.0 - also look at their
readme for some backdoor passwords to try.

6.0, I think - when I run it from DOS, cmospwd says something about be
sure
to use the numerical keypad, but I haven't yet figured out what or
when to do that...
as for the back door passwords, I've tried alot of 'em, but not all of
them in their
possible forms WRT caps, underscores, spaces, etc...But, I do still
wonder about
the keypad thing, and the numbers listed for version 6.0, I'll try a
few things next I
spend some time with it.

Thanks,
Mike

On Mon, 18 Apr 2011 09:36:58 -0700 (PDT), mike
wrote:


6.0, I think - when I run it from DOS, cmospwd says something about be
sure
to use the numerical keypad, but I haven't yet figured out what or
when to do that...
Sorry - no idea.

as for the back door passwords, I've tried alot of 'em, but not all of
them
Have you tried this one for Jetway spooml

If removing the cmos battery did not work, the other place with
non-volatile memory is the RTC (clock) chip. Some of them have
internal battery so a momentary short is required across a couple of
pins to wipe the memory.
The is a table on this page giving the pin numbers for 3 common RTCs:-
http://www.tech-faq.com/reset-bios-password.html

On Mon, 18 Apr 2011 18:48:50 +0100, Geo
wrote:

Muddled stuff - sorry that did not come out as I intended - it is
unlikely you have an external battery /and/ an RTC+CMOS with an
internal one - best ignore the post.

On Apr 18, 1:48*pm, Geo wrote:
On Mon, 18 Apr 2011 09:36:58 -0700 (PDT), mike


Have you tried this one for Jetway * * * spooml

Yep, tried it, and I'll probably try it again a few more times before
its over

If removing the cmos battery did not work, the other place with
non-volatile memory is the RTC (clock) chip. Some of them have
internal battery so a momentary short is required across a couple of
pins to wipe the memory.
The is a table on this page giving the pin numbers for 3 common RTCs:

http://www.tech-faq.com/reset-bios-password.html

I'll have a look at that, thanks.

In article
s.com, mike writes

I ran into in a few different places, where from a Dos prompt you go
into DEBUG and supposedly change the values in some register that will
make the bios lose the password requirement - so far it hasn't worked,
don't know if I'm following the instructions correctly or not.

boot DOS
run debug. '-' is the debug prompt, you don't type this.

- o 70 10
- o 71 0
- q

that's "oh, seventy, ten / oh, seventy-one, zero"

reboot.

with a bit of luck, password will be gone.

--
(\__/)
(='.'=)
(")_(")

On Apr 18, 2:10*pm, Mike Tomlinson wrote:
In article
s.com, mike writes

I ran into in a few different places, where from a Dos prompt you go
into DEBUG and supposedly change the values in some register that will
make the bios lose the password requirement - so far it hasn't worked,
don't know if I'm following the instructions correctly or not.

boot DOS
run debug. *'-' is the debug prompt, you don't type this.

- o 70 10
- o 71 0
- q

that's "oh, seventy, ten / oh, seventy-one, zero"

reboot.

with a bit of luck, password will be gone.

--
(\__/) *
(='.'=)
(")_(")

All right, thanks! I'll give that a try probably this evening.

On Mon, 18 Apr 2011 12:54:58 -0700 (PDT), mike
wrote:

On Apr 18, 2:10*pm, Mike Tomlinson wrote:
In article
s.com, mike writes

I ran into in a few different places, where from a Dos prompt you go
into DEBUG and supposedly change the values in some register that will
make the bios lose the password requirement - so far it hasn't worked,
don't know if I'm following the instructions correctly or not.

boot DOS
run debug. *'-' is the debug prompt, you don't type this.

- o 70 10
- o 71 0
- q

that's "oh, seventy, ten / oh, seventy-one, zero"

reboot.

with a bit of luck, password will be gone.

--
(\__/) *
(='.'=)
(")_(")

All right, thanks! I'll give that a try probably this evening.

Failing that, locate a copy of KILLCMOS, a small utility that writes
to cmos RAM and *causes* a checksum error there. The result is that
on a subsequent bootup you will be directed to setup (without
requiring a pswd) where you can clear the pswd requirement.

who where wrote:
On Mon, 18 Apr 2011 12:54:58 -0700 (PDT), mike
wrote:

On Apr 18, 2:10�pm, Mike Tomlinson wrote: reboot.

with a bit of luck, password will be gone.

Guess my luck is lacking, I tried entering a few different values in
DEBUG as found here and there, to no effect so far...


--
(\__/) �
(='.'=)
(")_(")



Failing that, locate a copy of KILLCMOS, a small utility that writes
to cmos RAM and *causes* a checksum error there. The result is that
on a subsequent bootup you will be directed to setup (without
requiring a pswd) where you can clear the pswd requirement.\

All right, I got a copy of it, will try that later today.
Thanks

mike wrote:
All right, I got a copy of it, will try that later today.
Thanks

Walking in late, and not having a clue as to what computer you are talking
about, desktop PC's since 1990 have batteries to keep the CMOS RAM intact.
There was a brief flirtation with clock chips with batteries built in, some
which also had the CMOS RAM on them, but they are long obsolete.

Modern ones use lithium coin cells in little holders. PC/AT computers and
most 386/486 ones used external batteries which pluged into the motherboard
and the later 386/486 had NICAD batteries (all of which must of leaked and
died 10 years ago).

If it has a lithim coin cell, the easiest thing to do is to remove it and
wait an hour. You can also find a "clear CMOS" jumper on the motherboard,
you set it, turn on the power, wait until BIOS text appears on the screen, turn
off power and remove the jumper.

If it's a laptop, you can often find a clear CMOS jumper hidden inside or
take out the battery and let it sit overnight. Modern laptops use capacitors
to hold the CMOS settings for a few hours with no battery.

Some of the BIOSes have "backdoor" passwords in them, you should google the
exact model of your laptop/desktop motherboard for more information.

You can also google BIOS password, or BIOS backdoor.

Geoff.

--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

On Apr 18, 8:06*am, mike wrote:
Greetings *to all,

....
I found it at the scrapyard a while back, and recently scored a
processor for it,
only to find that it's set up to boot from hard drive only. *I can't
get in to change the
boot order since the BIOS is set to have a password.

It won't boot from a floppy, nor a cd, but will boot from a hard drive
that has DOS on
it, and also one that has Ubuntu on it, as well as the one that came
with it, which is
a 40 Gb drive that has, I think, Mandrake on it.

....

I think it may be pretty well secured by IT pros, as it came in a
rack-mount enclosure with BarracudaNetworks logo and markings, and was
formerly used
as a spam firewall or some-such thing.

This made me curious: In my experience with BIOS the system will run
through a list of boot devices to try to boot. Is it common to set a
system up to rely on one device only?

This made me curious: In my experience with BIOS the
system will run through a list of boot devices to try to boot.
Is it common to set a system up to rely on one device only?

Not that I know of. The BIOS usually lets you select the order. I set mine
to CD, floppy, HD.

spamtrap1888 wrote:
This made me curious: In my experience with BIOS the system will run
through a list of boot devices to try to boot. Is it common to set a
system up to rely on one device only?

The "Press F8 for a boot menu" option did not appear until around 2002, and
as late as 2005 some BIOSes did not have it.

Before then, you could set the boot order and whether to try other devices
in the BIOS.

It was probably an office computer and was set to prevent people from booting
CD/DVD's and floppies.

Geoff.

--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

On Apr 19, 11:34*am, "Geoffrey S. Mendelson"
wrote:
mike wrote:
All right, I got a copy of it, will try that later today.
Thanks

Walking in late, and not having a clue as to what computer you are talking
about,

If you read the first post in the thread that info will be revealed to
you.

desktop PC's since 1990 have batteries to keep the CMOS RAM intact.
There was a brief flirtation with clock chips with batteries built in, some
which also had the CMOS RAM on them, but they are long obsolete.

Modern ones use lithium coin cells in little holders. PC/AT computers and
most 386/486 ones used external batteries which pluged into the motherboard
and the later 386/486 had NICAD batteries (all of which must of leaked and
died 10 years ago).

If it has a lithim coin cell, the easiest thing to do is to remove it and
wait an hour. You can also find a "clear CMOS" jumper on the motherboard,
you set it, turn on the power, wait until BIOS text appears on the screen, turn
off power and remove the jumper.

If it's a laptop, you can often find a clear CMOS jumper hidden inside or
take out the battery and let it sit overnight. Modern laptops use capacitors
to hold the CMOS settings for a few hours with no battery.

Some of the BIOSes have "backdoor" passwords in them, you should google the
exact model of your laptop/desktop motherboard for more information.

You can also google BIOS password, or BIOS backdoor.

I usually DAGS first these days, don't want to look like an idiot,
don't ya know

Geoff.

--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

mike wrote:
If you read the first post in the thread that info will be revealed to
you.

It's long since rolled off my system.

Geoff.

--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

On 4/19/2011 10:59 AM Geoffrey S. Mendelson spake thus:

mike wrote:

If you read the first post in the thread that info will be revealed
to you.

It's long since rolled off my system.

Is *everything* in Israel as ****-poor as you say it is? Retention time
of 2 days? Sheesh ...


--
The current state of literacy in our advanced civilization:

yo
wassup
nuttin
wan2 hang
k
where
here
k
l8tr
by

- from Usenet (what's *that*?)

David Nebenzahl wrote:

Is *everything* in Israel as ****-poor as you say it is? Retention time
of 2 days? Sheesh ...

Cut me a break. It's a private news feed sent to a private system. I set
it up over 10 years ago when I had a dial up and 2g hard drive and it has
worked fine for me ever since.

I'm sure there are plenty of news servers out there (or out here) with much
longer retention and many more groups, but I've never had a need to change.

I probably should up the retention, but since I'm the only one who uses it,
and USENET is full of crap, I don't see much of a reason. By two days, almost
every posting on every group has befallen Godwin's Law or Mendelson's corollary
(change calling someone a NAZI in Godwin's to reference to the Wikipedia).

Geoff.


--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

On Tue, 19 Apr 2011 09:57:49 -0700 (PDT), spamtrap1888
wrote:

On Apr 18, 8:06*am, mike wrote:
Greetings *to all,

...
I found it at the scrapyard a while back, and recently scored a
processor for it,
only to find that it's set up to boot from hard drive only. *I can't
get in to change the
boot order since the BIOS is set to have a password.

It won't boot from a floppy, nor a cd, but will boot from a hard drive
that has DOS on
it, and also one that has Ubuntu on it, as well as the one that came
with it, which is
a 40 Gb drive that has, I think, Mandrake on it.

...

I think it may be pretty well secured by IT pros, as it came in a
rack-mount enclosure with BarracudaNetworks logo and markings, and was
formerly used
as a spam firewall or some-such thing.

This made me curious: In my experience with BIOS the system will run
through a list of boot devices to try to boot. Is it common to set a
system up to rely on one device only?
Current BIOS will generate a list of boot devices; it is possible to
remove devices from the list. Given the application - Firewall -
restricting the eligible boot devices to the hard drive is an
elementary precaution.

PlainBill

Geoffrey S. Mendelson wrote:
mike wrote:
If you read the first post in the thread that info will be revealed to
you.

It's long since rolled off my system.

Oh, now I see - quoting from 1st post:

"Does anybody out there have some clues for getting into a password-
protected BIOS
On a 5 or 6 year old Jetway motherboard? Background follows:

I found it at the scrapyard a while back, and recently scored a
processor for it,
only to find that it's set up to boot from hard drive only. I can't
get in to change the
boot order since the BIOS is set to have a password.

It won't boot from a floppy, nor a cd, but will boot from a hard drive
that has DOS on
it, and also one that has Ubuntu on it, as well as the one that came
with it, which is
a 40 Gb drive that has, I think, Mandrake on it.

All I get when I boot with the 40 Gb one is a login prompt, but, not
having any login
info or passwords I can't really get any where by booting with it;
but, I can kind of
poke around in it's file-system if I boot with the drive that has
Ubuntu set as the
primary master.

I think it may be pretty well secured by IT pros, as it came in a
rack-mount enclosure with BarracudaNetworks logo and markings, and was
formerly used
as a spam firewall or some-such thing. "

"In searching the web I've managed to secure the motherboard manual
and
the latest
drivers and a BIOS update for it, but when I try to flash the bios
(it's Award bios
and I'm using the flash program from the Jetway site) it looks like
it's working until
the end, when it gives a message "flash rom is write-protected, make
sure all jumpers
is set to proper" or some such slightly mangled English, and I've
followed the
manual's instructions on clearing the cmos and I find no other jumpers
that deal with
write-protection. I also tried removing the battery for several days
and jumpering
where the battery contacts are, but I guess there must be some non-
volatile memory
somewhere that is defeating my efforts.

I've emailed Jetway a couple weeks ago, so far no response. I haven't
tried BarracudaNetworks, other than to poke around on their site, but
technical info there seems mostly about selling systems and not how
the systems work (except for IT speak, which I'm not very conversant
in).

It has the bios contained in a PLCC-32 package which fits into a
socket. I found some
pin-out info on the Winbond site:

http://www.winbond.com/hq/enu/Produc...nes/FlashMemor...

APPnote 21 has a table, but not much in the way of instructions.

Sorry to be so long-winded, I've tried a couple other things but the
one I'd most like to learn more about
I ran into in a few different places, where from a Dos prompt you go
into DEBUG and supposedly change the values in some register that will
make the bios lose the password requirement - so far it hasn't worked,
don't know if I'm following the instructions correctly or not.

TIA for any info,

Mike "

So, at this point I've still yet to try KILLCMOS , still trying to
figure out what's with the values assigned to different flavors of
BIOS as listed in the program Cmospwd.exe

Anyway, thanks for your thoughts,
Mike


Geoff.

--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

mike wrote:
Mike "

So, at this point I've still yet to try KILLCMOS , still trying to
figure out what's with the values assigned to different flavors of
BIOS as listed in the program Cmospwd.exe


try "bcndk1" (I found that by googling "baracuda bios password")

Geoff.

--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

In article
s.com, mike writes

Guess my luck is lacking, I tried entering a few different values in
DEBUG as found here and there, to no effect so far...

Try the ctbios utility from he

http://www.biosflash.com/e/bios-passwords.htm

the output is in German, but not hard to follow. That may show you what
the password is.

I had the same problem with an HP Vectra VL420 motherboard last week.
This uses a modified Asus P4B-MX board. An unknown password was set on
the BIOS setup so I could not configure the machine.

The debug trick worked to deliberately cause a CMOS checksum error, but
it didn't get rid of the password. Googling found me a link with a tip
to set a certain jumper to clear the passwords and that worked.

I tried the ctbios utility above but that didn't show me anything that
looked like a password.

If you google for "BIOS backdoor password" or "BIOS master password"
you'll get a lot of hits with lists of different passwords to try.

There will be a way to do it, just persevere.

--
(\__/)
(='.'=)
(")_(")

On 4/19/2011 11:44 AM Geoffrey S. Mendelson spake thus:

By two days, almost every posting on every group has befallen
Godwin's Law or Mendelson's corollary (change calling someone a NAZI
in Godwin's to reference to the Wikipedia).

Heh; I do agree that that is an excellent reason for swift thread
termination!


--
The current state of literacy in our advanced civilization:

yo
wassup
nuttin
wan2 hang
k
where
here
k
l8tr
by

- from Usenet (what's *that*?)

On Apr 19, 4:19*pm, "Geoffrey S. Mendelson"
wrote:


try "bcndk1" *(I found that by googling "baracuda bios password")

Bingo! Geoff, your google-fu is incredible, I never would have
thought to try that.

I got right into the bios, disabled write protect and the passwords,
then was able to
go flash the board into the most recent bios version. Sure was nice
to see the flash program complete like it was supposed to.

Many thanks!
Mike

Geoff.

--
Geoffrey S. Mendelson N3OWJ/4X1GM
Those who cannot remember the past are condemned to misquote it.

On Apr 19, 3:45*am, who where wrote:
On Mon, 18 Apr 2011 12:54:58 -0700 (PDT), mike


Failing that, locate a copy of KILLCMOS, a small utility that writes
to cmos RAM and *causes* a checksum error there. *The result is that
on a subsequent bootup you will be directed to setup (without
requiring a pswd) where you can clear the pswd requirement.

When I tried out KILLCMOS I guess it really did kill it cause the
computer
shut down all on it's own - had a few minutes there I thought I was
SOL,
but it came back on when I cycled power to the 'puter - whew!

I think that somehow the flash memory was being refreshed after each
onslaught
against the checksums or whatever it was that those debug routines do.

On Apr 19, 6:00*pm, Mike Tomlinson wrote:


Try the ctbios utility from he

http://www.biosflash.com/e/bios-passwords.htm

the output is in German, but not hard to follow. *That may show you what
the password is.

I had the same problem with an HP Vectra VL420 motherboard last week.
This uses a modified Asus P4B-MX board. *An unknown password was set on
the BIOS setup so I could not configure the machine.

The debug trick worked to deliberately cause a CMOS checksum error, but
it didn't get rid of the password. *Googling found me a link with a tip
to set a certain jumper to clear the passwords and that worked.

I tried the ctbios utility above but that didn't show me anything that
looked like a password.

If you google for "BIOS backdoor password" or "BIOS master password"
you'll get a lot of hits with lists of different passwords to try.

There will be a way to do it, just persevere.

Thanks for the link, I'll be checking that out tomorrow, but in my
leisure, as Geoff M. was able to come up with the right password -
what a great group!

Thanks to you all,
Mike

--
(\__/) *
(='.'=)
(")_(")