I read somewhere that the master password is never checked directly, but instead the hard drive calculates a CRC or checksum of the password and stores that checksum on the disk, and does the same for comparison whenever the password is re-entered, and that there are only 65,536 possible checksum combinations.

The 5 strikes and you're out, five mistaken password attempts and the drive locks you out, is supposed to prevent brute force attacks, but I believe I have found a relatively easy way around this. A cheap USB external notebook hard drive case.

While examining the USB specification for external USB mass storage devices, I noticed that there are considerable requirements placed upon standby mode power consumption, which requires pretty much that the external USB powered notebook hard drive manufacturer has to completely turn off the drive, rather than just spin it down, to be able to meet the very low maximum current draw specs for standby mode. So, a hard reset is performed to bring the drive back up.

See the opportunity here? A hard reset = 5 more tries.

So basically the code must try the password five times, incrementing the password in such a manner that all 65,536 possible checksum combinations will be tried, and if all five fail, use the USB IOCTL API to put the drive to standby mode, wait a few seconds, then bring it back up the same way and try another five times until it finally cracks it. Then it can proceed to SECURITY ERASE the drive and the user's drive is restored to functionality.

This would potentially power cycle the drive as many as a maximum of approximately 13,100 some odd times, but the drive is a dead brick anyway unless the password is removed or large sums of money are spent at a recovery house. The average drive should be able to tolerate this without complaining.

Giving the user a warning that this could stress or damage a USB port or drive enclosure or drive would probably be required.

I would like to do this myself but my C++ is rusty, my ATA register programming knowledge is rusty, and I just have too many other projects going on right now.

New viruses are showing up that password protect the user's hard drive, the same type of malicious B.S. as the old DMA virus that would overclock a user's DMA chip and fry their motherboard. You would think that @ssholes would something better to do with their time than cost people lost time, data, and money...

But if this cure is valid and you anticipate the need to this code, you stand to become even more of a hard drive God and savior than you already are (which is already pretty considerable as far as I can tell... MHDD is indispensable to me and many others). From the looks of MHDD, your obvious familiarity with the ATA spec and programming expertise would make this a ( relatively ) easy task for you. Hopefully you have enough extra free time and could implement this. It would save a lot of people a lot of lost hardware.

I have Visual Studio 6, and some notebook drives laying around, I could help test.

The one potential issue is with desktop drives: all external 3.5 inch SATA and IDE drive enclosures are self powered (wall transformer powered I mean)... the current draw issue does not exist in those devices because their external power supply provides all the standby current. Therefore, most manufacturers almost certainly don't turn the drive completely off as is the required case with a USB powered notebook drive.

The workaround is using a 44 to 40 pin adapter for about $7 that comes with a female molex connector to plug into a standard desktop power supply connector, hooked up to the 2.5" USB notebook sled, or using a 2.5" notebook USB SATA sled, but with power from a desktop SATA connector. This way, 3.5 inch drives can also be saved.

Who says problems cannot be solved with brute force? I am not absolutely certain, but this should work perfectly.

Sorry, but this is not true...


This figure probably comes from Master Password Revision Code maximum value of 0xFFFF (which has nothing to do with checksums).

Anyway, the problem is already solved many times (in three our products and many others). Sorry to disappoint

_________________
Dmitry

Unfortunate. Well, at least it would still work for brute force dictionary cracking of the password, maybe someone will use this method and get lucky. One could try both user and master passwords... if it kills the drive it was already a useless brick. Not worth spending 50 or 100 to recover a 15 dollar 20 gig laptop drive...

I have the network card boot ROM extension BIOS patch to freeze lock the drives at boot, so at least the virus won't get any of my hard drives...

_________________
http://www.youtube.com/user/TerraformingMaster

http://bbs.doit.com.cn/viewthread.php?tid=20088

what is your opinion of HDDL?

It appears to be able to write firmware.=?

I have a password locked Hitachi DK23DA-20F 20 gig laptop drive. I have the firmware for it on an IBM firmware upgrade CD, but it won't upgrade because the revision level is the same and it says it doesn't need to upgrade it. I wonder if this might do the trick to write the firmware and hopefully get rid of the passwords in the process....

I also have a few other drives that could stand a firmware rewrite (WD "ROM HAWK" AND A FEW sAMSUNGS). Its supposed to be in Russian, I downloaded it but haven't examined it yet.

_________________
http://www.youtube.com/user/TerraformingMaster

Feklar, HDDL can "write firmware" as well as MHDD v4.5 can (by manually supplying ATA commands to the hard drive)... In MHDD 4.5 (in 4.6 it is disabled) it's called scripting engine.

BTW, it's $4,97 for a 20 gig laptop drive

_________________
Dmitry

this is very wierd when someone stresses out the fact that drive worth $15.00 and would not pay $50.00 for service, but at the same time willing to spend days in order to fix that problem.

How could you expect a help from people who invested thousands of dollars and a lifetime in learning, to be able to fix those problems?

You can study how passwords work on hdd's and then you will find an answer.

_________________
www.datarecoveryne.com

BTW, it's $4,97 for a 20 gig laptop drive
_________________
Dmitry Postrigan

Gracias Amigo

---------------------------------------------------
How could you expect a help from people who invested thousands of dollars and a lifetime in learning, to be able to fix those problems?

I wouldn't, but I was kinda hoping a disgruntled ex-Maxtor employee might show up at some point with useful and free infoZ. InfoZ is good. That would be easy, the rest of this is a pain. But its a learning experience, and a worthy contest of man vs. machine, and so therefore I classify it as a worthwhile pursuit even if it wastes some of my time.

_________________
http://www.youtube.com/user/TerraformingMaster

harddrivespecialist: See with your eyes, Ptaak!

A perfectly original and usable brute force weapon to unlock hard drives with a dictionary attack. Since I discovered and devised this method, I can tell you that you will only see it here in this forum, and no where else on the internet.

_________________
http://www.youtube.com/user/TerraformingMaster

I guess you also discovered a wheel

Did you ever think that someone else could have done that years ago prior to you?
Why don't you try to patent it....

_________________
www.datarecoveryne.com

harddrivespecialist in
will-this-forum-jeopardise-our-bread-and-butter-t8362-80.html#p65690

-----> This is exactly what I meant.

-----> You just stated everything I needed to know in your posts.

-----> You want free stuff, free advice and etc.,
-----> I don't want to pick parts from dumpsters, that is why I spent years studying and learning.

The man who knows not Karma, is lost. Nothing is free, my son. However, efficiency and progress are attainable. Computers made from dumpster parts do not magically assemble themselves and begin computing. I am using --> my <-- years of experience (years studying and learning) to assemble and repair them.

-----> I am sure you don't sell yourself for free and charging your customers as much as you feel necessary.

I don't have customers. I don't make an effort to advertise and sell computers or parts. Sometimes I am asked, and I will sell parts cheap, but I don't make an endeavor out of it. My giving computers to the Salvation Army is not entirely selfless: I don't like to babysit helpless ignorant "customers", and I don't need the hassle of Microsoft and Certificates of Authenticity. I have nothing against babysitting the helpless and ignorant regarding computers, but only at my leisure and choice. I have assisted many on the internet with computer and other problems, but I don't have the patience to be doing it all the time for a living.

If I did have customers, however, it would be the same as with you, using my years of experience (years studying and learning) to assemble and repair and sell them. And the same as you, offering a repair service based on that experience. Pot, Kettle, Black. Ptaak: You have probably charged some hundreds of dollars for a repair that cost you 2 dollars: I never have.

-----> This forum won't have any effect on income of most of the people providing help here, -----> so don't try to warn me or others that they might loose their sales.

If the forum will have no effect on your income, then why are you arguing?

If he keeps wanting to have a flame war, perhaps someone can tell him he can move it here, rather than polluting further the high quality thread from whence it originated.

_________________
http://www.youtube.com/user/TerraformingMaster

------> Did you ever think that someone else could have done that years ago prior to you?

Since the standardized specification for the purely USB powered 2.5 inch hard drive standby current is barely more than a year old, it is hard to see how this would be possible... months, possibly. Years, no. Strange... as being a supposed hard drive expert, you did not know this...

5 hours spent on the internet looking for an existing implementation to try to save me the pain in the @ss of having to do it myself turns up nothing, so one can pretty safely say no one else has, given the vast widespread interest in trying to recover password protected drives. The hits that turn up leave only unanswered questions and referrals to DR companies.

_________________
http://www.youtube.com/user/TerraformingMaster

I guess that's proof in itself that not everything leaks onto the Internet.

I'm also baffled. What does powering a 2.5" drive from USB (I've had one at least 5 years. Aliens must have given it to me) have to do with a drive password?

I think the jury might still be out, but I think you might be heading for getting your own special section on this board

I also have to say, as of late I've become very disappointed in what people must think of DR. The going attitude is like: Well, I can reinstall Windows. When smoke is pouring out of my computer, I can diagnose a bad power supply. I've conquered the nastiest virus with Norton. How much harder can DR be? If it wouldn't help people win some Darwin awards, I'd start my own board.... Brain surgery for dummies. Here is how you can do your own lobotomy with a thin spike and a bottle of Jack.

------> I've had one at least 5 years

So have I. I assume yours also has an external 5 volt power cord?

The spec for external drives that are powered solely by their USB cable with no external power is only a little more than a year old. The standby current is critical for those drives for reasons explained in the spec, (so that enough current is available to bring the drive controller back from standby mode) and a non-issue for externally powered drives. Someone who knows laptop drives should know that most will pull 5V 500mA at spinup, and that 5V 500mA is also the maximum legal USB current. Since the controller itself also draws additional 5V amperage, important overcurrent issues arise which the newer specification addresses, providing for circuit designs such that the total current draw never exceeds 500mA, even at spinup. Charged capacitors power the controller during spinup. Read the spec to see why a hard reset has to occur on recovery from standby.

Read the part about hard reset in the original post. (This thread, not the one about privatizing the forum). Scroll to the top of the page: for-maysoft-possible-software-unlock-locked-hdd-t10251.html

_________________
http://www.youtube.com/user/TerraformingMaster

I know this is kind of pointless, but what the hell....

While the 2.5" USB drives I have do have a 5V jack, NONE came with an external supply. ALL of them draw their power entirely from the USB port. Maybe it doesn't always work well, but this is the way it's been done for years. Simply because a spec doesn't exist doesn't mean it won't be done. To use a metaphor a PC repair guy would get, the Wireless N spec, as far as I know, hasn't been made official. Yet, N routers have been available for years. Is that somehow a violation of the temporal prime directive or something?

If you're talking about switching USB power in order to reset a drive after too many password attempts, there are easier and better ways. If you're not talking about that, then I have no idea what you're talking about.

Hey, I feel bad. I do appreciate your spirit of exploration. It's just hard to be Magellan exploring a New York Subway.

----> While the 2.5" USB drives I have do have a 5V jack, NONE came with an external supply. ALL of them draw their power entirely from the USB port.

Sorry, my error of omission. Usually, the pre-2008 enclosures came with a wall wart, a USB power only cable that plugs into the 5V jack, or both. Sometimes they come with none but still have the 5V jack with no wall wart or USB power only cable to power it, but this is irresponsibility on the manufacturer's part that risks your motherboard.

Oriental "English-speek" from a USB enclosure installation instruction paper: "If drive power not attach included USB power cable to other port". If the drive fails to power up then additional 5V amperage is needed, and the cable taps some of the 500mA available on the free port it wants you to plug it into.

What it doesn't tell you is that if you plug it in without the extra USB power cable, you can fry your USB port or drive. Most drive/enclosure combinations wont fry your port, but with a 500mA hard drive, they run it slightly past its upper limits. Most decent design people would recognize this potential and at least include a fuse somewhere in the enclosure circuit, or design and extra 25mA or 50mA capacity past the 500mA spec per port into a motherboard USB controller, but sadly some don't.

It is safer to run an older unpowered drive enclosure off of a USB hub or a combo card reader / USB front panel connector (if it has a power cable running to it) to ensure the longest lifespan and least risk for your drive and your motherboard USB ports.

An external drive will not power up when you attach it to most external non-powered USB hubs, because only 100mA is available per port (Careful: Doing that can damage your drive or hub.) In Windows, you can see this in Device Manager in the USB controller info, it shows power available per port. Attach power to the hub and reconnect it to the computer and to the drive and the drive will power right up.

In the rare case of an unpowered hub that does power up the drive, the hub isn't following the current specs. If you take that hub and attach first the one drive, and then another, it will likely fry one or both drives and / or (most likely) the hub. It might also be likely to fry the computer motherboard, since the hub would try to pull slightly more than 1000mA from a 500mA motherboard port.

To answer your question, basically I meant sending the IOCTL or ACPI commands to suspend the drive, and then to reawaken it.

_________________
http://www.youtube.com/user/TerraformingMaster

-----> Hey, I feel bad. I do appreciate your spirit of exploration. It's just hard to be Magellan exploring a New York Subway.

No doubt. I know that all too well, but hadn't heard it expressed quite like that before... Great thought, that. That one is definitely going to be saved in my list of quotations, alongside those from Lincoln and Confucius.

I think harddrivespecialist needs to start limiting his methamphetamine use...

_________________
http://www.youtube.com/user/TerraformingMaster

http://www.vogon-investigation.com/pass ... lution.htm

:O) LMFAO

_________________
All went well until I plugged the drive in.