Wanted to say thanks as well, this thread helped me unlock an age old drive from my neighbor.
The drive with the unknown ata password was a WD 2500 bevt from 2009.
Here's a quick write up, of what I did, you can find all the tools mentioned here:https://github.com/wschopohl/wdatapwd
[On another windows machine] I created a bootable usb stick with HPUSBFW_v2.2.3.exe
and copied the unzipped MHDD
directory on it.
I disabled AHCI in bios, then I booted from usb without the hdd (bios would freeze on password screen otherwise) and connected the hdd via sata once DOS was booted up.
Started MHDD.exe, selected correct drive with "Shift + F3" (for me it was 6). Then "F2" for scan drive, reported some information about the drive and that it was locked by ATA password. Executed .dump script which created 21.bin and 22.bin. Unplugged the stick (didn't even bother to shut down) and put it in a working laptop. Opened 22.bin with a hexeditor (I put 22.bin
in the github repo as well, if you want to follow along). Search for this sequence "01 07 00" and found it at position 0x10F (your position might be different though). The next 32 bytes looked like this: "30 00 16 00 26 00 26 00 1F 00 23 00 17 00 14 00 00 ...". Ignoring all the zeros I got this: "30 16 26 26 1F 23 17 14". Then using MSKeyLog.TXT
I converted all the numbers to letters, in my case it spells "BULLSHIT" and used the lower case version "bullshit" successful as user password!
One side note: For whatever reason I wasn't able to use the password with the MHDD unlock command, but the password was accepted by the bios hdd password unlock screen. And don't forget to turn AHCI back on if you turned it off, my Windows wouldn't start otherwise.