MCExtractor – Intel, AMD, VIA & Freescale Microcode Extraction Tool

MCExtractor is a tool which parses Intel, AMD, VIA and Freescale processor microcode binaries. It can be used by end-users who are looking for all relevant microcode information such as CPUID, Platform, Version, Date, Release, Size, Checksum etc.

It is capable of converting Intel microcode containers (dat, inc, h, txt) to binary images for BIOS integration, detecting new/unknown microcodes, checking microcode health, Updated/Outdated status and more.

MCExtractor can also be used as a research and analysis tool. Its multiple structures allow, among other things, full parsing and display of all microcode headers, documented or not.

Moreover, with the help of its extensive database, MCExtractor is capable of uniquely categorizing all supported microcodes as well as checking for any microcodes which have not yet been stored at the Microcode Repositories.

MCExtractor Features

  • Supports all current & legacy Microcodes from 1995 and onward
  • Scans for all Intel, AMD, VIA & Freescale microcodes in one run
  • Verifies all extracted microcode integrity via Checksums
  • Checks if all Intel, AMD & VIA microcodes are Latest or Outdated
  • Converts Intel containers (dat,inc,txt,h) to binary images
  • Searches on demand for all microcodes based on CPUID
  • Shows microcode Header structures and details on demand
  • Ignores most false positives based on sanity checks
  • Supports known special, fixed or modded microcodes
  • Ability to quickly add new microcode entries to the database
  • Ability to detect Intel Production/Pre-Production Release tag
  • Ability to analyze multiple files by drag & drop or by input path
  • Ability to ignore extracted duplicates based on name and contents
  • Reports all microcodes which are not found at the Microcode Repositories
  • Features command line parameters to enhance functionality & assist research
  • Features user friendly messages & proper handling of unexpected code errors
  • Shows results in nice tables with colored text to signify emphasis
  • Open Source project licensed under GNU GPL v3, comment assisted code
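
The header parsing and checksum verification listed above can be illustrated for Intel microcode. The following is an added example, not MCExtractor's own code: it follows the 48-byte Intel microcode update header layout documented in the Intel SDM, ignores the optional extended signature table, and runs on a constructed dummy blob (`build_sample` and all sample field values are made up for illustration).

```python
import struct
from datetime import date

HEADER = struct.Struct("<9I12s")  # 48-byte Intel microcode update header

def dword_sum(blob):
    """Sum of all little-endian dwords, modulo 2**32."""
    return sum(struct.unpack(f"<{len(blob) // 4}I", blob)) & 0xFFFFFFFF

def build_sample(payload=b"\xAA" * 2000):
    """Constructed sample (not real microcode): valid header + dummy payload."""
    total = HEADER.size + len(payload)
    # hdr_ver, revision, BCD date, CPUID, checksum, loader_rev, flags, sizes
    fields = [1, 0x2F, 0x11122019, 0x000306C3, 0, 1, 0x32, len(payload), total]
    blob = HEADER.pack(*fields, b"\x00" * 12) + payload
    # Pick the checksum so that all dwords sum to 0 modulo 2**32
    fields[4] = (-dword_sum(blob)) & 0xFFFFFFFF
    return HEADER.pack(*fields, b"\x00" * 12) + payload

def parse_intel_microcode(blob):
    if len(blob) < HEADER.size:
        raise ValueError("too short for a microcode header")
    (hdr_ver, rev, bcd, cpuid, checksum, ldr_rev,
     flags, data_size, total_size, _reserved) = HEADER.unpack_from(blob)
    if data_size == 0:              # legacy updates: sizes are implied
        data_size, total_size = 2000, 2048
    # Sanity checks that reject most random data (false positives)
    if hdr_ver != 1 or total_size % 4 or total_size < data_size + HEADER.size:
        raise ValueError("header fails sanity checks")
    if len(blob) < total_size:
        raise ValueError("truncated microcode")
    d = f"{bcd:08X}"                # BCD date, laid out as mmddyyyy
    return {
        "cpuid": cpuid,
        "revision": rev,
        "platform_flags": flags,
        "date": date(int(d[4:8]), int(d[0:2]), int(d[2:4])),
        "size": total_size,
        "checksum": checksum,
        # Valid when every dword of the update sums to zero
        "checksum_ok": dword_sum(blob[:total_size]) == 0,
    }

if __name__ == "__main__":
    info = parse_intel_microcode(build_sample())
    print({k: (hex(v) if isinstance(v, int) else v) for k, v in info.items()})
```
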

How to use MCExtractor

There are two ways to use MCExtractor: the MCE executable and the Command Prompt. The MCE executable allows you to drag & drop one or more firmware files and view them one by one, or to recursively scan entire directories. To manually call MCExtractor, a Command Prompt can be used with -skip as parameter.

MC Extractor Executable

To use MC Extractor, select one or multiple files and Drag & Drop them to its executable. You can also input certain optional parameters either by running MCE directly or by first dropping one or more files to it. Keep in mind that, due to operating system limitations, there is a limit on how many files can be dropped at once. If the latter is a problem, you can always use the -mass parameter to recursively scan entire directories as explained below.

MC Extractor Parameters

There are various parameters which enhance or modify the default behavior of MC Extractor:

  • -? : Displays help & usage screen
  • -skip : Skips welcome & options screen
  • -exit : Skips Press enter to exit prompt
  • -redir : Enables console redirection support
  • -mass : Scans all files of a given directory
  • -info : Displays microcode header(s)
  • -add : Adds new input microcode to DB
  • -dbname : Renames input file based on DB name
  • -cont : Extracts Intel containers (dat,inc,h,txt)
  • -search : Searches for microcodes based on CPUID
  • -last : Shows Latest status based on user input
  • -repo : Builds microcode repositories from input

MC Extractor Error Control

During operation, MC Extractor may encounter issues that can trigger Notes, Warnings and/or Errors. Notes (yellow/green color) provide useful information about a characteristic of this particular firmware. Warnings (purple color) notify the user of possible problems that can cause system instability. Errors (red color) are shown when something unexpected or problematic is encountered.

Download MC Extractor

MC Extractor consists of two files, the executable (MCE.exe or MCE) and the database (MCE.db). An already built/frozen/compiled binary is provided by me for Windows only (icon designed by Alfredo Hernandez).

Thus, you don’t need to manually build/freeze/compile MC Extractor under Windows. Instead, download the latest version from the Releases tab, title should be “MC Extractor v1.X.X”. You may need to scroll down a bit if there are DB releases at the top.

The latter can be used to update the outdated DB which was bundled with the latest executable release, title should be “DB rXX”. To extract the already built/frozen/compiled archive, you need to use programs which support RAR5 compression.

Compatibility

MC Extractor should work on all Windows, Linux or macOS operating systems which have Python 3.6 support. Windows users who plan to use the already built/frozen/compiled binaries must make sure that they have the latest Windows Updates installed, which include all required “Universal C Runtime (CRT)” libraries.

Code Prerequisites

To run MC Extractor’s python script, you need to have the following 3rd party Python modules installed:

  • Colorama
    pip3 install colorama

Build/Freeze/Compile with PyInstaller

PyInstaller can build/freeze/compile MC Extractor on all three supported platforms; it is simple to run and gets updated often.

  1. Make sure Python 3.6.0 or newer is installed:
    python --version
  2. Use pip to install PyInstaller:
    pip3 install pyinstaller
  3. Use pip to install colorama:
    pip3 install colorama
  4. Use pip to install PTable:
    pip3 install https://github.com/platomav/PTable/archive/boxchar.zip
  5. Build/Freeze/Compile MC Extractor:
    pyinstaller --noupx --onefile MCE.py

In the dist folder you should find the final MCE executable.

R K
