Sunday, July 13, 2008

CMOS/BIOS

How to hack CMOS/BIOS password
DISCLAIMER: This information is intended for experienced users. It is not intended for basic users, hackers, or computer thieves. Please do not try any of the following procedures if you are not familiar with computer hardware. I will not be responsible for the use or misuse of this information, including personal injury, loss of data or hardware damage. Use it at your own risk.


1. Retrieve using BIOS backdoor passwords
Some BIOS manufacturers put a backdoor password in the BIOS which always works, irrespective of the password you have set. It is a master password used for testing and troubleshooting purposes.

AMI BIOS Passwords:


AWARD BIOS Passwords:


PHOENIX BIOS Passwords:


Other Manufacturer BIOS Passwords:



2. Using MS-DOS prompt
This method works only if you have access to the system while it is turned on, because it requires MS-DOS. Open MS-DOS from the Programs menu and enter the following commands one by one:

debug
- O 70 2E
- O 71 FF
- Q

NOTE: The first character in the above commands is “O” and not the number 0.
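
Why the write to offset 2E matters, shown as an added example that is not part of the original post: a Python simulation (no hardware access) of the two debug writes. It assumes the conventional AT-compatible CMOS layout, in which the 16-bit sum of bytes 0x10 to 0x2D is stored at 0x2E and 0x2F and checked by the firmware at power-on; the class and function names are hypothetical.

```python
# Simulation only: models CMOS RAM in memory, performs no hardware I/O.
# Assumed layout (conventional AT-compatible, not stated in the post):
# 16-bit sum of bytes 0x10..0x2D, stored high byte at 0x2E, low byte at 0x2F.
CHECKSUM_START, CHECKSUM_END = 0x10, 0x2D
CHECKSUM_HI, CHECKSUM_LO = 0x2E, 0x2F


class CmosModel:
    """128-byte CMOS RAM reached through index port 0x70 and data port 0x71."""

    def __init__(self, settings: bytes):
        size = CHECKSUM_END - CHECKSUM_START + 1
        if len(settings) != size:
            raise ValueError(f"expected {size} setting bytes")
        self.ram = bytearray(128)
        self.ram[CHECKSUM_START:CHECKSUM_END + 1] = settings
        self.index = 0
        self.store_checksum()

    def compute_checksum(self) -> int:
        return sum(self.ram[CHECKSUM_START:CHECKSUM_END + 1]) & 0xFFFF

    def stored_checksum(self) -> int:
        return (self.ram[CHECKSUM_HI] << 8) | self.ram[CHECKSUM_LO]

    def store_checksum(self) -> None:
        value = self.compute_checksum()
        self.ram[CHECKSUM_HI], self.ram[CHECKSUM_LO] = value >> 8, value & 0xFF

    def out(self, port: int, value: int) -> None:
        """Model of debug's 'O port value' command."""
        if port == 0x70:
            self.index = value & 0x7F   # top bit is the NMI mask, not an address bit
        elif port == 0x71:
            self.ram[self.index] = value & 0xFF
        else:
            raise ValueError("only ports 0x70 and 0x71 are modelled")

    def checksum_valid(self) -> bool:
        return self.compute_checksum() == self.stored_checksum()


def replay_debug_writes(settings: bytes) -> tuple[bool, bool]:
    """Return checksum validity before and after 'O 70 2E' / 'O 71 FF'."""
    cmos = CmosModel(settings)
    before = cmos.checksum_valid()
    cmos.out(0x70, 0x2E)
    cmos.out(0x71, 0xFF)
    return before, cmos.checksum_valid()
```

Under this layout the 30 covered bytes sum to at most 0x1DE2, so a stored high byte of 0xFF can never be valid and the check fails whatever the settings were. That is why a password kept only in CMOS is not a dependable control against anyone who already has a command prompt on the machine.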

3. Using Motherboard Battery

On most motherboards the CMOS battery is soldered, which makes it difficult to remove. In this case we use another method. Almost all motherboards contain a jumper that can clear all CMOS settings along with the BIOS password. The location of this jumper varies depending upon the motherboard brand. You should read your motherboard manual to check its location. If you don’t have the manual, look for the jumpers near the CMOS battery. Most manufacturers label the jumper as CLR, CLEAR, CLEAR CMOS, etc.

When you find the jumper, look carefully. There will be 3 pins, and the jumper will be joining the center pin to either the left or the right pin. What you need to do is remove the jumper and join the center pin to the opposite pin. For example, if the jumper joins the center pin to the left pin, remove it and join the center pin to the right pin. Now wait for a few seconds, then remove the jumper again and join the center pin to the left pin. Make sure to turn the PC off before opening the cabinet and resetting the jumper.



5. Using Software

a) CMOSPWD
- Download cmospwd from http://www.cgsecurity.org/wiki/CmosPwd
- Save the file to C: drive (unzip the file if needed)
- Using the MS-DOS prompt, go to C:\CMOSPWD>
- Type 'CMOSPWD /K' to kill the CMOS password
- Close the DOS prompt and restart the machine
http://web.archive.org/web/20020203191544/www.cgsecurity.org/index.html?cmospwd.html

b) !BIOS (more details at the link below)
http://www.11a.nu/software/bios-pc-bios-security-and-maintanance-toolkit/

c) KillCmos (more details at the link below)
http://www.majorgeeks.com/download2969.html

The issue I had was with a Phoenix BIOS password, and I was able to solve it using the CMOSPWD tool without making any hardware changes. I recommend this tool, especially for laptops, as the other options might be a little bit dangerous to perform on a laptop.