MP 1,1-5,1 MacPro5,1: BootROM thread | 144.0.0.0.0

[tsialex]

Is there much risk of bricking even when using the Apple-sanctioned method, via an unmodified macOS installer?

It's the safest way, but I suspect that if your NVRAM is corrupted with the wrong checksum for the volume, efiflasher can't upgrade correctly and you will get a brick down the road.

One simple way to check this that I learned yesterday is running AHT. If AHT don't show your serial number, just ?, don't upgrade your BootROM before reconstruction.

This GitHub page has links for all know AHT versions at Apple servers: https://github.com/upekkha/AppleHardwareTest

You can install Apple AHT on a pen drive and run/check for the ? easily. If you have a Mac Pro 2009 and it's running the MP5,1 firmware, get the MP5,1 version.

[doublepost=1539325331][/doublepost]

Is windows the common denominator? Like my machine. Would be interesting to compare before and after a windows install.?

If you have multiple Windows signing certificates in the private part of the NVRAM, you can check this with binwalk, you can start to worry.

You can install binwalk with homebrew.

Also those wings px1's have been as out for sometime on that eBay store. Unless they just don't want to sell to us Aussies

Adorama had Angelbirds Wings PX1 in stock yesterday, I bought another one.

 

[kings79]

If you have multiple Windows signing certificates in the private part of the NVRAM, you can check this with binwalk, you can start to worry.

How do you get that? Multiple WIN installs?

 

[tsialex]

How do you get that? Multiple WIN installs?

Don't know yet, first I suspected that was caused by multiple/simultaneous Windows EFI installs, like one disk with 8.1 and another with 10, but the Mac Pro owner said that he had just one Windows 10 install and never had 8.1.

 

[kings79]

Don't know yet, first I suspected that was caused by multiple/simultaneous Windows EFI installs, like one disk with 8.1 and another with 10, but the Mac Pro owner said that he had just one Windows 10 install and never had 8.1.

interesting.

I doubt 1 install would do that..

I found my WIN 10 install was flakey and I had to try maybe 3 times using exactly the same method. cMP kept restarting. Maybe each 'attempt' gets a signature?.. Just thinking out loud..

 

[tsialex]

interesting.

I doubt 1 install would do that..

I found my WIN 10 install was flakey and I had to try maybe 3 times using exactly the same method. cMP kept restarting. Maybe each 'attempt' gets a signature?.. Just thinking out loud..

Just do a BootROM dump, install binwalk and check:

binwalk BootROM_dump.bin

If shows multiple X509 certificates, you found the motive.

 

[kings79]

Just do a BootROM dump, install binwalk and check:

binwalk BootROM_dump.bin

If shows multiple X509 certificates, you found the motive.

I'll try once I get my new PSU and back up and running.

 

[agejon]

Everyone should have a BootROM dump saved on a safe place. With a BootROM dump you can reflash it to a MATT card, or even extract the original HardwareIDs to reconstruct a clean version.

Use ROMTool or flashrom to do a dump. ROMTool is a nice GUI over flashrom, easy to use.

Where can I download the ROMTool?

Thanks

 

[tsialex]

Where can I download the ROMTool?

Thanks

dosdude1 removed it from his site, since Google detected it as a false positive. Until this hassle is resolved, get it from Internet Archive Wayback Machine:

https://web.archive.org/web/20180927095403/http://dosdude1.com/apps/ROMTool.zip

change the ************ to dosdude1 dot com

Stupid Google…

 

[agejon]

dosdude1 removed it from his site, since Google detected it as a false positive. Until this hassle is resolved, get it from Internet Archieve:

https://web.archive.org/web/20180927095403/http://************/apps/ROMTool.zip

change the * to dosdude1 dot com

Thanks a lot, I dumped the BootRom.
By the way using the AHT my serial number is displayed.

When the new BootRom is released with Mojave 10.14.1, probably I will be safe to upgrade to it?

PS: I am doing the “Perform extended testing” with AHT, just for the heck of it!

 

[tsialex]

Thanks a lot, I dumped the BootRom.
By the way using the AHT my serial number is displayed.

When the new BootRom is released with Mojave 10.14.1, probably I will be safe to upgrade to it?

PS: I am doing the “Perform extended testing” with AHT, just for the heck of it!

PM sent.

 

[LightBulbFun]

small update on my Radeon HD 7950 no Displayport/HDMI audio bug report

they asked for a sysdiagnose so I provided one , curiously my USB 3.0 bug report which was submitted before hand, has had no response but is still open...

 

[boodle]

Striped NVMe RAID!

 

[developstopfix]

1185979       0x1218BB        Certificate in DER format (x509 v3), header length: 4, sequence length: 986
1251515       0x1318BB        Certificate in DER format (x509 v3), header length: 4, sequence length: 986

Damn. Now what?

 

[star-affinity]

Everyone should have a BootROM dump saved on a safe place. With a BootROM dump you can reflash it to a MATT card, or even extract the original HardwareIDs to reconstruct a clean version.

Use ROMTool or flashrom to do a dump. ROMTool is a nice GUI over flashrom, easy to use.

Edit:

dosdude1 removed it from his site, since Google detected it as a false positive. Until this hassle is resolved, get it from Internet Archieve:

https://web.archive.org/web/20180927095403/http://************/apps/ROMTool.zip

change the * to dosdude1 dot com

Nothing to worry about? I mean I guess it's normal that a software that dumps ROMs would be marked as potentially harmful by anti-malware software.

 

[startergo]

Nothing to worry about? I mean I guess it's normal that a software that dumps ROMs would be marked as potentially harmful by anti-malware software.

View attachment 794439

Yes. This is marked as PUA Potentially Unwanted Application. What the f...? Most of the antivirus will trigger this alert. That is because they are in cahoots with the big OEM.

 

[fhturner]

Yeah, I don't comment on this much since it P..sss me off when people call me a liar. The difference on MY MACHINE is night and day. You couldn't pay me to go back to SATA SSD for main booting. It's astonishing ON MY MACHINE.

You....you..........you liar!!!

 

[tpivette89]

Angelbirds Wings PX1 and Aqua Computer kryoM2.

Best price (free shipping/no sales tax) for Angelbird Wings PX1 - Adorama eBay store:
https://www.ebay.com/itm/Angelbird-...1977903154?epid=691190907&hash=item5b43b42432

Angelbird Wings currently sold out, unfortunately. Cheapest price is around $70 currently.

 

[ssls6]

Very interesting thread....I tried the binwalk with a copy of my firmware. I'm on 138.0.0.0.0

Here is my output

DECIMAL HEXADECIMAL DESCRIPTION

--------------------------------------------------------------------------------
0 0x0 UEFI PI firmware volume
16524 0x408C UEFI PI firmware volume
24972 0x618C CRC32 polynomial table, little endian
35787 0x8BCB mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit
49948 0xC31C UEFI PI firmware volume
524288 0x80000 UEFI PI firmware volume
540812 0x8408C UEFI PI firmware volume
549260 0x8618C CRC32 polynomial table, little endian
560075 0x88BCB mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit
574236 0x8C31C UEFI PI firmware volume
1048576 0x100000 UEFI PI firmware volume
1114112 0x110000 UEFI PI firmware volume
1343511 0x148017 bzip2 compressed data, block size = 100k
1376256 0x150000 UEFI PI firmware volume

I assume I'm good to go if I chose to migrate to Mojave (note: I ran the 10.14.0 installer but did not install).

 

[tsialex]

1185979       0x1218BB        Certificate in DER format (x509 v3), header length: 4, sequence length: 986
1251515       0x1318BB        Certificate in DER format (x509 v3), header length: 4, sequence length: 986

Damn. Now what?

Best course of action is extract your hardwareIDs from the dump, check and inject it into the generic Apple firmware - what I call reconstruction.

 

[Thomas J]

I'm a noob when it comes to working in terminal anyway I was able to install Homebrew and binwalk but now I'm lost.
Have done a ROMdump with ROMTool but how to open that file in binwalk? I don't even know the basic commands in the terminal.

Thing is I had a Win 10 UEFI installation on a SSD disk and everything worked fine until some days ago when it refuse to start using the "Nextonly script" tried a lot of other things without no success.

So I had to reinstall Win 10 in Legacy mode. I’m just worried that I have a corrupt BootROM.

Tried to run AHT but it's a no go, think it's because of my upgrade to X5690 processors.

Any help is appreciated!

Mac Pro 2010 2x3,46
Mojave 10.14
BootRom 138.0.0.0

 

[tsialex]

I'm a noob when it comes to working in terminal anyway I was able to install Homebrew and binwalk but now I'm lost.
Have done a ROMdump with ROMTool but how to open that file in binwalk? I don't even know the basic commands in the terminal.

Thing is I had a Win 10 UEFI installation on a SSD disk and everything worked fine until some days ago when it refuse to start using the "Nextonly script" tried a lot of other things without no success.

So I had to reinstall Win 10 in Legacy mode. I’m just worried that I have a corrupted BootROM.

Tried to run AHT but it's a no go, think it's because of my upgrade to X5690 processors.

Any help is appreciated!

Binwalk is a very complex tool to use and you have to know how to interpret the output.

The most basic way to use it is just:

command + filename of the file that you want to analyse

binwalk BootROM_dump.rom

This is almost useless, but shows the MS X509 certificates.

 

[Thomas J]

Ok Thanks!
Look this up tomorrow, time for bed.

 

[zozomester]

Somehow can I download Mojave 10.14.1 Beta 3? My 138 injected Bootromom is unfortunately wrong. I should refresh it. It does not boot on Windows and can not be bootable DVD either. Only recognizes the USB installer ...
Thank!

 

[tsialex]

Somehow can I download Mojave 10.14.1 Beta 3? My 138 injected Bootromom is unfortunately wrong. I should refresh it. It does not boot on Windows and can not be bootable DVD either. Only recognizes the USB installer ...
Thank!

You have enough info in the thread to force install 140.0.0.0.0, read my post and @h9826790 about this.

Even If you force install 140.0.0.0.0, I bet your problem will continue…

 

[zozomester]

You have enough info on the thread to force install 140.0.0.0.0, read my post and @h9826790 about this.

Even If you force install 140.0.0.0.0, I bet your problem will continue…

where did you write this? Why is the problem remaining after updating?