for reasons (forgot UEFI Admin password and cannot change boot device) I wanted to add an UEFI Shell to the grub menu of wife’s Ubuntu laptop (ASUS Zenbook)
I asked Chat-GPT for assistance and got following stepe I all did:
Hi @eso - unfortunately: yes. I set an Admin password. This obviously only works for user passwords. I already came across this, but didn’t work.
I found a promising solution in an ASUS Rog Forum, which makes use of AMI flash tool (AfuLnx, AfuDos, AfuEfi…) to dump BIOS and then grab some bytes from there, do some magic decoding stuff.
But this AMI tool needs to compile a driver under Linux wich is supported only up to Kernel 5.x (I failed there for “reasons”). Windows Version is no option, DOS tool failed, as I could not boot into FreeDOS on an EFI machine. So last resort is the efi version of that tool to create a BIOS dump. This is what’s this thread is about.
In a Gentoo forum I read sth about two more insmod things that were added to the GRUB entry.
And you should be able to enter the efishell and do whatever you like.
With this I was able to extract the ASUS (AMI) Bios with the AfuEfix64.efi tool. Now I need to check if lost BIOS password is in there somewhere. The position in file where a yt video refers to unfortunately is empty… Let’s see…