Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
winbootibft [2006/09/19 20:03]
mcb30
winbootibft [2006/09/20 06:17]
mcb30
Line 1: Line 1:
-====== Decoding the iSCSI Boot Firmware Table ====== 
- 
-Representatives of Microsoft have recently raised objections to the publication of information describing the iSCSI Boot Firmware Table (iBFT). ​ The iBFT is a data structure used when Windows is booted from an iSCSI disk hosted on a remote computer, or on an iSCSI network-attached storage (NAS) box. 
- 
-The Microsoft representatives seem to have taken the position that the details of this table are confidential,​ and that anyone with knowledge of its structure must have been privy to information covered by a non-disclosure agreement. 
- 
-This web page exists solely to prove that the above position is incorrect. 
- 
-Without revealing any information about its structure, we will show that the iSCSI Boot Firmware Table may be decoded using tools published by Microsoft for this exact purpose. 
- 
-==== Step 1: Obtain the boot-capable Microsoft iSCSI initiator ==== 
- 
-This is available from several sources, including Microsoft itself. ​ For this demonstration,​ we chose to purchase a copy of [[http://​www.emboot.com|emBoot'​s]] winBoot/i software, which includes a copy of the boot-capable Microsoft iSCSI initiator. ​ Here is the emBoot download page: 
- 
-{{ iscsiboot/​emboot-download-page.png?​200x150 }} 
- 
-After filling in the web form, we received an e-mail containing a download link, which took us straight to a zip file: 
- 
-{{ iscsiboot/​emboot-zipfile.png?​200x150 }} 
- 
-==== Step 2: Install the boot-capable Microsoft iSCSI initiator ==== 
- 
-The zip file contains an executable named WBI_CLIENT_X86_V1_50_B13.EXE.rename. ​ We copied this file out of the archive, renamed it to WBI_CLIENT_X86_V1_50_B13.EXE,​ and ran it: 
- 
-{{iscsiboot/​emboot-client-setup1.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup2.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup3.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup4.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup5.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup6.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup7.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup8.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup9.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup10.png?​200x150 }} 
-{{iscsiboot/​emboot-client-setup11.png?​200x150}} 
- 
-We found that the iscsibcg.exe utility had been installed into C:​\WINDOWS\System32:​ 
- 
-{{ iscsiboot/​iscsibcg-installed.png?​200x150 }} 
- 
-==== Step 3: Boot from iSCSI and run iscsibcg ==== 
- 
-We booted this installation of Windows via iSCSI, opened up a command prompt, and ran the command 
- 
-  iscsibcg /? 
- 
-which stated that the iscsibcg utility has two main functions, one of which is to "View the contents of the iBFT table":​ 
- 
-{{ iscsiboot/​iscsibcg-options.png?​200x150 }} 
- 
-Helpfully, the tool even gave the command which we needed to run in order to view the iSCSI Boot Firmware Table, which was 
- 
-  iscsibcg /ShowiBF 
- 
-Running this command gave us a complete dump of the table, including the raw hex data and a description of each field. ​ To avoid antagonising Microsoft, only a small extract of the output is shown here: 
- 
-{{ iscsiboot/​iscsibcg-showibf.png?​200x150 }} 
- 
-==== Conclusions ==== 
- 
-  * At no point during this process did we need to sign any non-disclosure agreement with Microsoft or any other party. 
-  * At no point during this process did we reverse-engineer any piece of software or use it for anything other than its explicitly stated purpose, according to its own documentation. 
-  * The information obtained from this process is entirely sufficient to allow a programmer to write code for generating or parsing an iSCSI Boot Firmware Table. 
-  * It is therefore incorrect for anyone to claim that the structure of the iSCSI Boot Firmware Table is confidential information. 
  

QR Code
QR Code winbootibft (generated for current page)