Hi every body
I want to write an assembly code and embedded it in VC++ 6 to retrieve BIOS information perticularly its serial number .I want to do the same for mother board . In fact I try to retrieve unique identifier of hardware.Up till now i obtained CPU serial no and its speed.
I try to write my code with win32.
I appriciate if any one u help me .
regards ,
Maser
:eek
There is a subforum here (http://www.masm32.com/board/index.php?board=24.0), where you may find help.
Nick
Hi Nikle
where did u assign me is subForum about 16 bit assembly(Dos), ya in Dos there is a header file called as <bios.h> which we can retrieve all needed information but unfourtunatly bios.h does not exist in masm32 in 32 bits context.
thanks,
Maser
In Windows you do not have direct access to hardware and BIOS ROM like in DOS ways.
You can search for some registry keys that might be holding this info.
In Windows the only acceptable way to get direct access to hardware is to use the API (if one exists) or to write a driver...and that later option is slightly complicated.
For a hardware ID you can also use the network card MAC address returned the Netbios API (or other API)...
You could also obtain the HDD serial number with a simple driver.
GetAdaptersInfo() is quite simple to use, and unlike Netbios-based approaches, works always... as long as there's a NIC.
[attachment deleted by admin]
You can use WMI to get BIOS Information. Although, on my system the Serial Number is blank. This code was originally written by Kernel_Gaddafi. You can use it as a template for WMI queries. Just change the class and property to what you want.
.586
.MODEL FLAT,STDCALL
OPTION CASEMAP:NONE
INCLUDE windows.inc
INCLUDE kernel32.inc
INCLUDE ole32.inc
INCLUDE msvcrt.inc
INCLUDE gel32.inc
INCLUDELIB kernel32.lib
INCLUDELIB ole32.lib
INCLUDELIB msvcrt.lib
INCLUDELIB gel32.lib
INCLUDE c:\masm32\macros\ucmacros.asm
; located in ObjIdl.h
EOAC_NONE EQU 0
; located in RpcDce.h
RPC_C_AUTHN_LEVEL_DEFAULT EQU 0
RPC_C_IMP_LEVEL_DEFAULT EQU 0
RPC_C_IMP_LEVEL_IMPERSONATE EQU 3
GUID2 STRUC
dd1 DWORD ?
dw1 WORD ?
dw2 WORD ?
db1 BYTE ?
db2 BYTE ?
db3 BYTE ?
db4 BYTE ?
db5 BYTE ?
db6 BYTE ?
db7 BYTE ?
db8 BYTE ?
GUID2 ENDS
IWbemLocator STRUCT
lpVtbl DWORD ?
IWbemLocator ENDS
IWbemLocatorVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
ConnectServer DWORD ?
IWbemLocatorVtbl ENDS
IWbemServices STRUCT
lpVtbl DWORD ?
IWbemServices ENDS
IWbemServicesVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
OpenNamespace DWORD ?
CancelAsyncCall DWORD ?
QueryObjectSink DWORD ?
GetObject DWORD ?
GetObjectAsync DWORD ?
PutClass DWORD ?
PutClassAsync DWORD ?
DeleteClass DWORD ?
DeleteClassAsync DWORD ?
CreateClassEnum DWORD ?
CreateClassEnumAsync DWORD ?
PutInstance DWORD ?
PutInstanceAsync DWORD ?
DeleteInstance DWORD ?
DeleteInstanceAsync DWORD ?
CreateInstanceEnum DWORD ?
CreateInstanceEnumAsync DWORD ?
ExecQuery DWORD ?
ExecQueryAsync DWORD ?
ExecNotificationQuery DWORD ?
ExecNotificationQueryAsync DWORD ?
ExecMethod DWORD ?
ExecMethodAsync DWORD ?
IWbemServicesVtbl ENDS
IEnumWbemClassObject STRUCT
lpVtbl DWORD ?
IEnumWbemClassObject ENDS
IEnumWbemClassObjectVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
Reset DWORD ?
Next DWORD ?
NextAsync DWORD ?
Clone DWORD ?
Skip DWORD ?
IEnumWbemClassObjectVtbl ENDS
IWbemClassObject STRUCT
lpVtbl DWORD ?
IWbemClassObject ENDS
IWbemClassObjectVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
GetQualifierSet DWORD ?
Get DWORD ?
Put DWORD ?
Delete DWORD ?
GetNames DWORD ?
BeginEnumeration DWORD ?
Next DWORD ?
EndEnumeration DWORD ?
GetPropertyQualifierSet DWORD ?
GetObjectText DWORD ?
SpawnDerivedClass DWORD ?
SpawnInstance DWORD ?
CompareTo DWORD ?
GetPropertyOrigin DWORD ?
InheritsFrom DWORD ?
GetMethod DWORD ?
PutMethod DWORD ?
DeleteMethod DWORD ?
BeginMethodEnumeration DWORD ?
NextMethod DWORD ?
EndMethodEnumeration DWORD ?
GetMethodQualifierSet DWORD ?
GetMethodOrigin DWORD ?
IWbemClassObjectVtbl ENDS
.CONST
wszSelect WORD "S","E","L","E","C","T"," ","*"," ","F","R","O","M"," ",0 ; the WSTR macro can't handle the asterisk
wszCrLf WORD 13,10,0
WSTR wszClass, "Win32_BIOS" ;<<< Set class here
WSTR wszProperty, "SerialNumber" ;<<< Set property here
WSTR wszNameSpace, "root\cimv2"
WSTR wszQueryLanguage, "WQL"
WSTR wszMsg, "Serial Number: %s"
.DATA
; located in WbemCli.h
WBEM_FLAG_CONNECT_USE_MAX_WAIT EQU 80h
WBEM_FLAG_FORWARD_ONLY EQU 20h
WBEM_INFINITE EQU -1
WBEM_E_INVALID_QUERY EQU 80041017h
WBEM_E_INVALID_QUERY_TYPE EQU 80041018h
IID_IWbemLocator GUID2 <0dc12a687h,0737fh,011cfh,088h,04dh,000h,0aah,000h,04bh,02eh,024h>
IID_IEnumWbemClassObject GUID2 <027947e1h,0d731h,011ceh,0a3h,057h,000h,000h,000h,000h,000h,001h>
IID_IWbemClassObject GUID2 <0dc12a681h,0737fh,011cfh,088h,04dh,000h,0aah,000h,04bh,02eh,024h>
; located in WbemProv.h
CLSID_WbemAdministrativeLocator GUID2 <0cb8555cch,09128h,011d1h,0adh,09bh,000h,0c0h,04fh,0d8h,0fdh,0ffh>
locator IWbemLocator <>
service IWbemServices <>
enumerator IEnumWbemClassObject <>
processor IWbemClassObject <>
retCount DWORD ?
var_val DWORD ?
DWORD ?
DWORD ?
pwszResult PWORD ?
wszQuery WORD 256 dup(?)
.CODE
main:
INVOKE CoInitializeEx, NULL, COINIT_MULTITHREADED
INVOKE CoInitializeSecurity, NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL
INVOKE CoCreateInstance, ADDR CLSID_WbemAdministrativeLocator, NULL, CLSCTX_INPROC_SERVER, ADDR IID_IWbemLocator, ADDR locator
INVOKE lstrcatW, ADDR wszQuery, ADDR wszSelect
INVOKE lstrcatW, ADDR wszQuery, ADDR wszClass
mov esi, locator
lodsd
push OFFSET service
push NULL
push NULL
push WBEM_FLAG_CONNECT_USE_MAX_WAIT
push NULL
push NULL
push NULL
push OFFSET wszNameSpace
push DWORD PTR [locator]
call DWORD PTR [eax][IWbemLocatorVtbl.ConnectServer]
mov esi, service
lodsd
push OFFSET enumerator
push NULL
push WBEM_FLAG_FORWARD_ONLY
push OFFSET wszQuery
push OFFSET wszQueryLanguage
push DWORD PTR [service]
call DWORD PTR [eax][IWbemServicesVtbl.ExecQuery]
mov esi, enumerator
lodsd
push OFFSET retCount
push OFFSET processor
push TRUE
push WBEM_INFINITE
push DWORD PTR [enumerator]
call DWORD PTR [eax][IEnumWbemClassObjectVtbl.Next]
mov esi, processor
lodsd
push NULL
push NULL
push OFFSET var_val
push 0
push OFFSET wszProperty
push DWORD PTR [processor]
call DWORD PTR [eax][IWbemClassObjectVtbl.Get]
mov esi, [var_val]
mov edi, [var_val + 4]
mov ecx, [var_val + 8]
mov pwszResult, ecx
INVOKE crt_wprintf, ADDR wszCrLf
INVOKE crt_wprintf, ADDR wszMsg, pwszResult
INVOKE crt_wprintf, ADDR wszCrLf
INVOKE CoUninitialize
INVOKE WaitKeyW, uni$("Press any key to exit ...")
INVOKE ExitProcess, 0
;======================================================
END main
Wow nice find Greg, thanks for sharing! also you made a slight typing mistake with gel32.inc/lib should be glu32.inc/lib I believe.
Hi and tanx to every body
unfortunately all above mentioned techniques (WMI or Registry) could not consider as trust able ways (because they are modifiable) to retrieve the information from system.
Have u got any idea about using System Management BIOS (SMBIOS)?
Maser.
Regarding gel32.lib, that is my own personal library. It was included for WaitKeyW. Sorry 'bout that.
FWIW, here is WaitKeyW:
.586
.MODEL FLAT, STDCALL
OPTION CASEMAP:NONE
INCLUDE msvcrt.inc
INCLUDE c:\masm32\macros\ucmacros.asm
IFNDEF NULL
NULL EQU 0
ENDIF
.CODE
WaitKeyW PROC pwszPrompt:PTR WORD
.DATA
IFNDEF wszCrLf
wszCrLf WORD 13,10,0
ENDIF
.CODE
.IF pwszPrompt == NULL
INVOKE crt_wprintf, ADDR wszCrLf
INVOKE crt_wprintf, uni$("Press any key to continue ... ")
.ELSE
INVOKE crt_wprintf, ADDR wszCrLf
INVOKE crt_wprintf, pwszPrompt
.ENDIF
INVOKE crt__getch
.IF (eax == 0) || (eax == 0E0h)
INVOKE crt__getch
.ENDIF
INVOKE crt_wprintf, ADDR wszCrLf
ret
WaitKeyW ENDP
END
hi every body
Today i got disappointed to get needed information from BIOS so i decided to get them from windows registry.
Is there any body to know how can I retrieve System info from registry with win32?
Maser
you can write a Console APP to access the information. I simply ran Debug with the appropriate Dump of the F block ( starts at F000:0000), and then looked through the info. You can look it up in either ACPI tables, SMBIOS, or the DMI tables. Here is a cut and paste of a portion of my BIOS F block with the start of the ACPI stuff. That is probably what you are looking for. You can download either the ACPI or DMI spec and look at how to parse the tables. They all begin with a "signature" that you look for, and then they have an offset to jump to to get to the tables. This is an example of part of my F block that shows a portion of the tables. The ACPI and DMI spec will tell you wihch name to search for for the name of the field you are looking for. So this is the _SYSID_ field and _UUID_ subfield.
Quote
F000:0400 5F 53 59 53 49 44 5F 80-11 00 11 04 0F 00 01 00 _SYSID_.........
F000:0410 00 5F 55 55 49 44 5F E1-19 00 44 45 4C 4C 50 00 ._UUID_...DELLP.
F000:0420 10 4A 80 43 B2 C0 4F 59-38 31 00 00 00 00 00 00 .J.C..OY81......
F000:0430 5F 53 4D 5F 8A 1F 02 03-F4 00 00 00 00 00 00 00 _SM_............
F000:0440 5F 44 4D 49 5F E8 A9 09-50 04 0F 00 48 00 23 FF _DMI_...P...H.#.
F000:0450 DA 35 00 DA B2 00 17 0B-0E 38 00 00 80 00 80 01 .5.......8......
F000:0460 00 02 80 02 80 01 00 00-A0 00 A0 01 00 58 00 58 .............X.X
F000:0470 00 01 00 59 00 59 00 01-00 05 80 05 80 01 00 FF ...Y.Y..........
-d♪
F000:0480 FF 00 00 00 00 00 00 DA-23 01 DA B2 00 17 0B 0E ........#.......
F000:0490 38 00 10 F5 10 F5 00 00-11 F5 11 F5 00 00 12 F5 8...............
F000:04A0 12 F5 00 00 FF FF 00 00-00 00 00 00 00 14 00 00 ................
F000:04B0 01 02 00 F0 03 07 80 9E-29 3C 00 00 1F 00 13 03 ........)<......
F000:04C0 44 65 6C 6C 20 49 6E 63-2E 20 20 20 20 20 20 20 Dell Inc.
F000:04D0 20 20 20 20 20 20 20 20-20 00 41 30 34 00 31 30 .A04.10
F000:04E0 2F 32 38 2F 32 30 30 35-00 00 01 19 00 01 01 02 /28/2005........
F000:04F0 00 03 44 45 4C 4C 50 00-10 4A 80 43 B2 C0 4F 59 ..DELLP..J.C..OY
-d♪
F000:0500 38 31 03 44 65 6C 6C 20-49 6E 63 2E 20 20 20 20 81.Dell Inc.
F000:0510 20 20 20 20 20 20 20 20-20 20 20 20 00 50 72 65 .Pre
F000:0520 63 69 73 69 6F 6E 20 57-6F 72 6B 53 74 61 74 69 cision WorkStati
F000:0530 6F 6E 20 33 38 30 20 20-20 20 00 32 50 4A 43 59 on 380 .2PJCY
F000:0540 38 31 00 00 02 08 00 02-01 02 03 04 44 65 6C 6C 81..........Dell
F000:0550 20 49 6E 63 2E 20 20 20-20 20 20 20 20 20 20 00 Inc. .
F000:0560 30 47 39 33 32 32 00 20-20 20 00 2E 2E 43 4E 37 0G9322. ...CN7
F000:0570 30 38 32 31 35 38 56 4A-30 51 44 2E 00 00 03 0D 082158VJ0QD.....
-d♪
F000:0580 00 03 01 07 00 02 03 03-03 03 03 44 65 6C 6C 20 ...........Dell
F000:0590 49 6E 63 2E 20 20 20 20-20 20 20 20 20 20 20 20 Inc.
F000:05A0 20 20 20 20 00 32 50 4A-43 59 38 31 00 20 20 20 .2PJCY81.
F000:05B0 20 20 20 20 20 20 20 00-20 00 00 04 20 00 04 01 . ... ...
F000:05C0 03 0F 02 43 0F 00 00 FF-FB EB BF 00 87 20 03 A0 ...C......... ..
F000:05D0 0F 80 0C 41 04 00 07 01-07 FF FF 4D 69 63 72 6F ...A.......Micro
F000:05E0 70 72 6F 63 65 73 73 6F-72 00 49 6E 74 65 6C 00 processor.Intel.
F000:05F0 00 07 13 00 07 00 80 01-10 00 10 00 01 00 01 00 ................
-d♪
F000:0600 00 03 04 07 00 00 07 13-01 07 00 81 02 00 08 00 ................
F000:0610 08 01 00 01 00 00 05 05-07 00 00 7E 13 04 07 00 ...........~....
F000:0620 82 02 00 00 00 00 01 00-01 00 00 05 05 02 00 00 ................
F000:0630 08 09 00 08 01 00 00 05-02 50 41 52 41 4C 4C 45 .........PARALLE
F000:0640 4C 00 00 08 09 01 08 01-00 00 08 09 53 45 52 49 L...........SERI
F000:0650 41 4C 31 00 00 7E 09 02-08 01 00 00 08 09 53 45 AL1..~........SE
F000:0660 52 49 41 4C 32 00 00 08-09 03 08 01 00 00 0F 0D RIAL2...........
F000:0670 4B 59 42 44 00 00 08 09-04 08 01 00 00 0F 0E 4D KYBD...........M
I have an in.txt and an r.bat. The r.bat pipes in.txt through r.bat and creates out.txt
I am incuding my out.txt so you can peruse it.
[attachment deleted by admin]
For an explanation of SMBIOS terms, try these links.
download.microsoft.com/download/5/D/6/5D6EAF2B-7DDF-476B-93DC-7CF0072878E6/SMBIOS.doc
http://www.dmtf.org/standards/smbios
Does anyone know why Greg's source code, when run on Windows 7, generates an entirely different bios version every time the code is executed?
Thanks,
-Sean
EnumSystemFirmwareTables()
OldTimers post has everything you need to make it happen
The SMBIOS BIOS Information (Type 0) structure, at least through version 2.4, contains no serial number field. And for the serial number field of the System Information (Type 1) structure, I have never tested a system where the field contained anything other than an obviously "dummy" value, SYS-1234567890 for example.
worth mentioning that without using a driver or having access to the \\physicalmemory stuff you'll find some information in the smbios tables
is 'hidden', microsoft alter some of the information when it is retrieved via wmi or walking the \\physicalmemory (or even from the EnumSystemFirmwareTables() family of api's)
the reason for this is so that the information can not be used for drm purposes (although, some of the information like the mainboard manufacturer etc is available).