 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 19th, 2014, 20:58 
Joined: December 4th, 2012, 1:35
Posts: 2965
Location: Adelaide, Australia
kahunadude wrote:
Is the code located on the drive (if so, any idea where it might be?) or on the control board?
Also, what backup program do you recommend? The WD Smartware software does not appear to be very flexible.


The code probably isn't located anywhere.

The drive would probably check a control where you enter a password, it tries to decrypt a control string, and if that decrypts successfully, then it is the correct password.

The code is easy enough to disassemble, no packers used or really any protection on disassembling. AES is a fairly well tested algo, so you would be looking for flaws in WD's implementation of it. You would be looking for cases where they store the key on the drive, or leave it lying around in memory, temp file or something. Basically you would have to start hacking at it and follow your nose. You would probably need a debugger on both PC and hard disk.

BTW, if it was easy enough, it would have been done by now ;)

I think you may assume the data is sitting on the drive, and a password is the doorway to it.
Quote:
in order to bypass the password verification process altogether?

This is not the case, what is stored on the drive is an encrypted version of the data.. you don't need to bypass the password, you need the password.


 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 20th, 2014, 1:31 
Joined: July 18th, 2006, 3:05
Posts: 7526
Location: ITALY
I wonder what's behind the interest in decrypting these drives... and who. But this is another story.


 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 20th, 2014, 2:16 
Joined: December 4th, 2012, 1:35
Posts: 2965
Location: Adelaide, Australia
I guess in a lot of cases, there is a need for data recovery. If the data is indeed encrypted, and you simply need a password, AND there are no mechanical or other issues a regular DR job would involve, then a DR shop would benefit greatly from being able to decrypt.

There seem to be quite a few reported instances where the user did not set a password, or does not remember setting a password, or has legitimately forgotten it.

Seems to me in hindsight, a key bit of research would be that if you do not intend to encrypt your data, don't buy a HDD that encrypts.

This sort of info is getting more and more abstracted from the user, and general population is losing the ability to understand the tech they are using.

Same with flash drives, why encrypt between the controller and NAND when any regular logical access has no encryption capability? It isn't necessary for wear levelling or to make the NAND last longer, I can't see it would hinder any reverse engineering if another flash vendor wanted to steal the IP, it simply makes recovery harder. Pretty stupid, IMHO, to make NAND off recovery hard if it is for protection of data when just plugging it in has no protection.

And BlackST.. I bet there is interest in other areas as well, which I think you are alluding to... Wouldn't a Snowden exposé on hard drive encryption breaking be very interesting!


 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 21st, 2014, 14:35 
Joined: June 21st, 2014, 11:52
Posts: 6
Location: Argentina
HaQue wrote:
....seems to me in hindsight, a key bit of research would be that if you do not intend to encrypt your data, don't buy a HDD that encrypts.
This sort of info is getting more and more abstracted from the user, and general population is losing the ability to understand the tech they are using.
...


Unfortunately users don't know that the HD has encryption on it. I had a burnt controller on one of these, and board swap was not an option. So usually this backfires on the user who wants backups in an ACCESSIBLE format, that's the whole idea of backups. Users who are concerned about privacy can use cypher folders or some other way to protect their critical data instead of having a potentially inaccessible drive. Data is encrypted even if there is no password. Users should be warned about higher risks of these drives.


 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 21st, 2014, 15:50 
Joined: July 18th, 2006, 3:05
Posts: 7526
Location: ITALY
HaQue wrote:
And BlackST.. I bet there is interest in other areas as well, which I think you are alluding to... Wouldn't a Snowden exposé on hard drive encryption breaking be very interesting!


If people instead of wasting their time on social networks and useless stuff did study a little bit more, maybe things should have been different.... :D
P.S. did you read about my call some years ago about teamworking on something related to this thread ?


 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 21st, 2014, 16:42 
Joined: December 4th, 2012, 1:35
Posts: 2965
Location: Adelaide, Australia
Yes I did and did. It seems to have been in March this year :) I did actually have a look at it, though got sidetracked with regular flash work. Thanks for bringing it up.. I went back and read those few threads, and I think I also brought up dinner. I still don't think anyone has mentioned a lab anywhere that can recover a Smartware encrypted drive? Or any other real useful info.

The PC with Smartware and the WD drive is still in my lab in the corner so I'll have to revisit it now. Especially after Tuesday when a nice little toy gets delivered.. I hadn't thought of applying it to this but I think it will help a lot.


 Post subject: Re: Unlock WD My Book Essential
PostPosted: February 10th, 2017, 18:48 
Joined: February 4th, 2017, 12:05
Posts: 13
Location: columbus ohio
If you're still dealing with this drive, I think I have your DEK.
The block you posted in the JPEG for the "unlocked" drive is
encrypted with the default key. Decrypting it gave me this
for the DEK:

4504a939597a215c91721a97a1fdf58c14f4acf92a2de2400c039e1c8ac45ee8

In order to decrypt the disk, you have to reverse each block of
four bytes, decrypt with AES in ECB mode, using this key, then
reverse each four bytes in the result. (The problem is one of endianness.)

If you post a dump of the first block or two from the disk, I
could check if this works.

Also, look at a package called reallymine on github.


 Post subject: Re: Unlock WD My Book Essential
PostPosted: February 10th, 2017, 18:54 
Joined: February 4th, 2017, 12:05
Posts: 13
Location: columbus ohio
I think the forum posted my comment to this thread by mistake. Sorry.


 Post subject: Re: Unlock WD My Book Essential
PostPosted: October 14th, 2017, 17:17 
Joined: October 9th, 2017, 16:05
Posts: 3
Location: London
Sorry if I reply to this very old thread... but since the only correct answer wasn't given yet, let me catch that up for you.

If we have a look at the research paper titled "got HW crypto? On the (in)security of a Self-Encrypting Drive series" from the researchers Gunnar Alendal, Christian Kison, modg et al. (i.e. the paper all of the WD decryption solutions are using for this type of drive), we quickly find out that the correct user-set password for the locked drive mentioned here (by the OP): https://forum.hddguru.com/viewtopic.php ... 88#p131488 is "chooseapassword" (without quotes). This can be done by just hashing all candidate passwords (and in this case it is really an easy password that is present in every normal word list a password cracker uses) with sha256 for 1000 times (the first iteration uses the utf-16le password salted with a *constant* salt "WDC.", without quotes). The constant salt, by the way, makes this attack even easier because the attacker can precompute the whole password list (e.g. a mapping from pass(+constant salt)->KEK can be pre-computed), but as already mentioned, with an easy password like this one it isn't even worth the trouble, disk space, precomputation time etc.; it can be done on-the-fly even with an old CPU.

This means that the KEK in this case is determined by 1000 times sha256 () of the utf-16le form of "WDC." concatenated with "chooseapassword" which is:
4e583ccf1052ec67c89c09750440b45a80f3ba81c355c3b22432c1acae00e20b
instead of the default KEK (if no user password was set):
03141592653589793238462643383279fcebea6d9aca7686cdc7b9d9bcc7cd86

Therefore, given this edek (encrypted DEK blob from https://forum.hddguru.com/viewtopic.php ... 88#p131488, image was named "VCD sector locked"):

Code:
57 44 01 14 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 74 5b 78 00 00 00 00 00 74 5b 78 00
00 00 00 00 00 14 e0 00 20 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 57 44 01 14
00 f9 9d 9f 92 9c c5 73 bc 87 93 2c a0 65 0f ed
75 5a b4 82 5e d7 7a 36 1b 1e 67 88 f1 aa ea 4c
23 4a 8f 5a b6 cc c5 3b 89 7e da ed be c0 67 8f
df 96 66 13 5d 9a 06 cb 26 a9 33 35 37 96 07 72
6d 28 b1 8c ef 65 67 f4 04 63 71 7c ca c0 9b 5c
34 19 3e 12 8b 31 d7 92 8e 1d d6 fb 2f fa 86 22
3a b8 9f 4b ec 82 85 f9 57 92 d7 83 cc 6f 7f 11
90 42 21 72 fc 5c 59 90 ee 85 d6 9a 7f 53 fa f9
e6 87 6e 0e 2f b1 69 04 86 a3 13 6f 6f 92 bd a0
8b be 43 d9 8f b8 4a cd 63 24 0f 5c 17 28 d2 cb
fc 22 0a 0b 20 59 6c 1d 3d 37 3e 0a 32 4a f8 ad
98 86 53 04 3a 12 be d0 cd d3 2d 9b 29 63 d9 12
56 f8 09 ee 18 d8 83 85 7c 19 ce b3 72 4d 28 59
e2 d1 41 21 6a 53 1d 1b b4 ea 7d 0e eb 74 91 df
69 3d 3e 64 3b c2 2a df 91 ee be cc 01 9d 08 db
56 ad a5 34 c9 30 a0 56 18 6c 84 0e d6 fd f1 7e
b3 b9 58 98 64 ad 0c ff ae a7 3e b4 ac 53 ac 30
07 e3 33 86 4f d8 4f 6d ae 10 c0 ae 5c b5 d4 29
a9 f1 78 87 91 5c 5d 31 64 a3 a6 55 56 37 88 d5
a1 21 21 cf 1b 28 ef 9a 07 e5 4a da cc 1f e6 c1
55 68 46 2f ec e6 ed b5 20 b7 e0 1d b9 e8 f5 f1
ae 7d b5 f5 ef b9 32 86 15 7e ce 76 30 8b a2 db
67 49 28 60 3b 27 8b 41 09 a3 64 45 4c 00 fa 35
cd f3 2e bb 90 52 3f bc 05 85 53 02 fe 55 18 c2
b3 ac d9 d8 59 80 81 1d f0 71 d9 f3 11 ed 9d 80
71 53 3a 78 82 43 fe 4b 75 f3 f4 cc 67 ad ad f7
c6 11 bd 8c bc 1b 83 7e dd 87 19 e7 55 be 3b f9
33 41 d9 3b e1 ef 2d 0a 71 7a 6f c6 c5 b4 b4 ad


we can decrypt it with the user password "chooseapassword" (without quotes) and therefore KEK 4e583ccf1052ec67c89c09750440b45a80f3ba81c355c3b22432c1acae00e20b to:

Code:
57 44 01 14 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 74 5b 78 00 00 00 00 00 74 5b 78 00
00 00 00 00 00 14 e0 00 20 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 57 44 01 14
00 00 74 65 00 00 00 00 00 00 00 00 00 00 00 00
00 00 c2 23 00 00 00 00 00 00 00 00 00 00 00 00
00 00 f2 4f 00 00 00 00 00 00 00 00 00 00 00 00
00 00 db 62 00 00 00 00 00 00 00 00 00 00 00 00
00 00 68 5c 00 00 00 00 00 00 00 00 00 00 00 00
00 00 12 84 00 00 00 00 00 00 00 00 00 00 00 00
00 00 2f c9 00 00 00 00 00 00 00 00 00 00 00 00
00 00 b1 ee 00 00 00 00 00 00 00 00 00 00 00 00
00 00 18 ce 00 00 00 00 00 00 00 00 00 00 00 00
00 00 5b b0 00 00 00 00 00 00 00 00 00 00 00 00
00 00 4a 47 00 00 00 00 00 00 00 00 00 00 00 00
00 00 53 69 00 00 00 00 00 00 00 00 00 00 00 00
00 00 5e 46 00 00 00 00 00 00 00 00 00 00 00 00
00 00 c8 7a 00 00 00 00 00 00 00 00 00 00 00 00
00 00 da 6a 00 00 00 00 00 00 00 00 00 00 00 00
00 00 ba 65 00 00 00 00 00 00 00 00 00 00 00 00
00 00 42 a8 00 00 00 00 00 00 00 00 00 00 00 00
00 00 89 9d 00 00 00 00 00 00 00 00 00 00 00 00
00 00 21 f3 00 00 00 00 00 00 00 00 00 00 00 00
00 00 77 c1 00 00 00 00 00 00 00 00 00 00 00 00
00 00 6f e6 00 00 00 00 00 00 00 00 00 00 00 00
27 5d ba 35 86 cd 6a ce 00 00 00 20 cb a4 59 67
f9 fe 45 f7 7b 58 de 79 50 80 bf d1 95 db d2 5f
08 20 d5 e5 bf 0b 99 ce be b2 88 16 00 00 25 35
00 00 21 63 00 00 00 00 00 00 00 00 00 00 00 00
00 00 1d 36 00 00 00 00 00 00 00 00 00 00 00 00
00 00 a7 44 00 00 00 00 00 00 00 00 00 00 00 00
00 00 85 d7 00 00 00 00 00 00 00 00 00 00 00 00


(actually the output needs to be byte-swapped after the decryption, as also automatically done by tools like reallymine, but I stick here to this format because also the paper "got HW crypto?" uses this form of output)

This decrypted eDEK shows us that the DEK is:
6759a4cbf745fef979de587bd1bf80505fd2db95e5d52008ce990bbf1688b2be

and that the AES key is therefore (just rearrange the bytes, as tools like reallymine also automatically do):
5080bfd17b58de79f9fe45f7cba45967beb28816bf0b99ce0820d5e595dbd25f

Therefore the only correct answer (in my opinion) is that the password is "chooseapassword" (without quotes) and the AES key is 5080bfd17b58de79f9fe45f7cba45967beb28816bf0b99ce0820d5e595dbd25f (hexadecimal version of it).
I'm not sure why this wasn't mentioned in the previous posts, it was kind of confusing to me that several forum users are mentioning the DEK (and AES key) of the already unlocked disk (for which the OP already knew the keys).

Hope these facts help others in the future and that this answer helps to get rid of the confusion within this thread (about the AES key which was already known to the poster from the beginning and that he/she only posted to show the difference between edeks from locked and unlocked drives).
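The key derivation described in the post above, set beside a per-drive salted KDF to show what the constant "WDC." salt gives up. This is an added example, not code from the post, the paper or reallymine; `derive_kek_per_device`, its PBKDF2 parameters and the sample password are assumptions chosen for contrast.

```python
import hashlib
import os

WD_SALT = "WDC."      # constant salt quoted in the post
WD_ITERATIONS = 1000  # iteration count quoted in the post


def derive_kek(password: str, salt: str = WD_SALT,
               iterations: int = WD_ITERATIONS) -> bytes:
    """KEK as the post describes it: SHA-256 applied `iterations` times,
    the first time over UTF-16LE(salt + password)."""
    digest = (salt + password).encode("utf-16-le")
    for _ in range(iterations):
        digest = hashlib.sha256(digest).digest()
    return digest


def derive_kek_per_device(password: str, device_salt: bytes,
                          iterations: int = 600_000) -> bytes:
    """Contrast case (an assumption, not WD's design): PBKDF2-HMAC-SHA256
    keyed with a random salt stored on each drive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               device_salt, iterations, dklen=32)


def compare_two_drives(password: str, iterations: int = 600_000) -> dict:
    """Two hypothetical drives whose owners picked the same password."""
    salt_a, salt_b = os.urandom(16), os.urandom(16)  # per-drive random salts
    return {
        # The constant-salt scheme takes no per-drive input at all, so the
        # KEK is a function of the password alone and repeats on every drive.
        "constant_salt_same_kek":
            derive_kek(password) == derive_kek(password),
        # With a per-drive salt the same password yields unrelated KEKs,
        # so work done against one drive does not carry over to another.
        "per_device_salt_same_kek":
            derive_kek_per_device(password, salt_a, iterations)
            == derive_kek_per_device(password, salt_b, iterations),
    }


if __name__ == "__main__":
    # Constructed sample password, not taken from any drive.
    print(compare_two_drives("constructed-sample-password"))
```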
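The "just rearrange the bytes" step from the post above, worked through on the key rows of its decrypted eDEK dump. This is an added example, not code from the post or from reallymine; the offset of the key field is an assumption read off the dump as printed, and no AES is performed here.

```python
# Constructed from the post: the three rows of the decrypted eDEK dump that
# hold the key material, in the byte order the post prints them.
KEY_ROWS = """
27 5d ba 35 86 cd 6a ce 00 00 00 20 cb a4 59 67
f9 fe 45 f7 7b 58 de 79 50 80 bf d1 95 db d2 5f
08 20 d5 e5 bf 0b 99 ce be b2 88 16 00 00 25 35
"""

# Assumption read off the dump: the 32 key bytes start right after the
# bytes 00 00 00 20, i.e. at offset 12 of these rows.
KEY_OFFSET = 12
KEY_LEN = 32


def reverse_groups(data: bytes, width: int) -> bytes:
    """Reverse the byte order inside each consecutive `width`-byte group."""
    if len(data) % width:
        raise ValueError(f"length {len(data)} is not a multiple of {width}")
    return b"".join(data[i:i + width][::-1]
                    for i in range(0, len(data), width))


def key_field(rows: str = KEY_ROWS) -> bytes:
    """Cut the 32-byte key field out of the hex rows."""
    raw = bytes.fromhex(rows)  # fromhex ignores spaces and newlines
    field = raw[KEY_OFFSET:KEY_OFFSET + KEY_LEN]
    if len(field) != KEY_LEN:
        raise ValueError("dump rows too short to contain the key field")
    return field


def extract_keys(rows: str = KEY_ROWS) -> tuple:
    """Return (DEK hex, AES key hex) in the two forms the post quotes."""
    # Swapping every 4-byte word turns the dump bytes into the DEK.
    dek = reverse_groups(key_field(rows), 4)
    # Reversing each 16-byte half of the DEK gives the AES key.
    aes_key = reverse_groups(dek, 16)
    return dek.hex(), aes_key.hex()


if __name__ == "__main__":
    dek_hex, aes_hex = extract_keys()
    print("DEK    :", dek_hex)
    print("AES key:", aes_hex)
```

`reverse_groups(data, 4)` is also the four-byte reversal the February 2017 post in this thread describes applying before and after the AES-ECB step.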

