2011-06-05

Extracting and using a modified VMWare Player BIOS

One day or another, you may want to play with BIOS modification. But before jumping into physical motherboard flash alteration, where the consequences of a mishap can be difficult to salvage, experimenting with the BIOS in a virtual environment sounds like a sound first step. You have of course the opportunity to do so using bochs, however the ubiquitous nature and ease of use of the (freely available) VMware Player can turn the latter in a much better candidate for the job if you don't really care about the extra features that bochs brings in. This post details how one can extract the BIOS used by the VMWare Player, and how to setup the player to use a modified one.
  1. Download and install VMware Player. The current version of VMware Player is 4.00, and the download can be obtained from this page (freely, but after e-mail registration). Binaries are available for Windows and Linux, in both 32 and 64 bit versions.
  2. Extract the BIOS from the VMware executables by following the instructions below:

    • Windows: Download and install 7-zip (which any reasonable Windows user should have installed anyway). Then navigate to your VMware Player installation directory and locate the vmware-vmx.exe application (notice the -vmx here). It should reside in the same directory for 32 bit, or in the x64\ directory for 64 bit. Open it in 7-Zip and go to the .rsrc\BINRES\ directory. There look for a file exactly 524 288 bytes (512 KB) in size. On current versions, there should be only one, called '6006'. This is the BIOS file we are after, so just extract it to a directory of your choice.
    • Linux: From a terminal, navigate to the directory vmware-vmx binary resides (default is /usr/lib/vmware/bin. Issue the following set of commands (copied from the Arch Linux VMware page):
      $ objcopy /usr/lib/vmware/bin/vmware-vmx -O binary -j bios440 --set-section-flags bios440=a bios440.rom.Z
      $ perl -e 'use Compress::Zlib; my $v; read STDIN, $v, '$(stat -c%s "./bios440.rom.Z")'; $v = uncompress($v); print $v;' < bios440.rom.Z > bios440.rom
      Remember that you can always use objdump -h to find the various sections before using objcopy, in case the BIOS is no longer called bios440.rom
  3. Edit the BIOS as you see fit. Note that the BIOS VMware uses is of type Phoenix.
    If you are on Windows, you can download a full version of Phoenix Bios Editor Pro v2.1.0.0 from Intel under the name BIOS Logo Change Utility (or simply search for "Phoenix" on the Intel Download Center). If you install this tool on Vista or later, you will have to run Phoenix Bios Editor Pro as Administrator, and possibly in a 32 bit environment, for it to work.
  4. Once your BIOS is modified according to your needs, locate the Virtual Machine you plan to test your BIOS with and copy your modified BIOS file into its directory. Then, if your modified BIOS is called myBIOS.rom edit the .vmx file to add the line:
    bios440.filename = "myBIOS.rom"
  5. Run the image, and it should use your modified BIOS. If you have simply modded the original using Phoenix Bios Editor, a good way to confirm that the VM is using your custom BIOS is to change the 'Quiet Boot Logo' section, which contains the VMware logos you see during BIOS execution.

8 comments:

  1. This will come in handy as I'm migrating to the 4.x line soon. Thanks!

    ReplyDelete
  2. Hi. I changed the DMI information (Vendor, Serial Number) and saved the BIOS but still the BIOS Serial Number shown in the VM is the one created by Vmware. Any idea ?

    I can't find a way to have the Serial Number of the VM set the physical machine value (displayed by dmidecode -t1).
    With Virtualbox I managed to have it working easily (DmiSystemSerial parameter).
    Any idea ?
    I've the following vmx extra parameters :
    bios440.filename = "bios440-new.rom"
    SMBIOS.reflectHost = "TRUE"
    SMBIOS.useShortSerialNumber = "True"

    ReplyDelete
  3. That's something I never tried, and of course, since the hardware is emulated, VMWare are free to pick the data from the BIOS, or override it with their own value. I'm afraid I can't help you there...

    ReplyDelete
  4. Hi.
    I had done modification of "v_m_w_a_r_e_-_v_m_x.e_x_e" (x32 or x64) to change vendor's string in SMBIOS serial number. Try to find the string "VMware-s%" in the file and change it.

    ReplyDelete
    Replies
    1. please, give the details. I can not find out how to change the serial number

      Delete
    2. Look, you must use any HEX editor to find string "VMware-s%" in v_m_w_a_r_e__v_m_x_.exe (32/64 bit version). After the string has been found - make the change in HEX editor, for example "MYware-s%".

      Delete
    3. And VMware's UUID can be changed via: "uuid.bios = " parameter it the .vmx configuration file.

      Delete
  5. I follow the instruction: using 7zip to extract rom 512KB. Then, using Phoenix editor to change bios info. In sub windows "DMI string", there are lines: "Serial Number" "System Serial Number" "Chassis Serial Number". I have tried to modify all. But Serial Number of Virtual Machine is still auto-generated.
    Please, help! Thanks so much!

    ReplyDelete