HDD GURU FORUMS

Good evening-

I don't even know for certain if I'm asking this the correct way, but I'd like to know either the right search terms to use (because googling for the above title doesn't help) or a poke in the right direction for accomplishing the task.

I'd like to get a dump of all the HPA sectors that I can off of a Western Digital drive. I don't need to recover a password, (but i'm going to use that script too to see what I see). The drive in question is one of the Smartware ones that is currently locked with a known password, if that is relevant.

Thanks in advance for any direction anyone can provide. I'm still reading through many of the forums and will be doing so while on travel next week.

~J

purduephotog wrote:Good evening-

I don't even know for certain if I'm asking this the correct way, but I'd like to know either the right search terms to use (because googling for the above title doesn't help) or a poke in the right direction for accomplishing the task.

I'd like to get a dump of all the HPA sectors that I can off of a Western Digital drive. I don't need to recover a password, (but i'm going to use that script too to see what I see). The drive in question is one of the Smartware ones that is currently locked with a known password, if that is relevant.

Thanks in advance for any direction anyone can provide. I'm still reading through many of the forums and will be doing so while on travel next week.

~J

i don't think you can access SA on a smartware locked drive.
am also interested to know if it is possible, even with tools like pc3k.
may be some respected member will through light on this.

I must not be searching for the correct scripts- MHDD and scripts hasn't worked too well to help me dump the contents of the HPA areas on the disk.

Are you talking about a native USB drive rather than a SATA drive?

ISTM that purduephotog may be confusing the Host Protected Area with that area of the drive that is hidden from the user by the bridge firmware, ie the area which is occupied by the SmartWare VCD and key sector, etc.

I don't know what kind of access is possible when a SmartWare password is active, but I would start by trying to retrieve the drive's Identify Device information and SMART report with a tool such as HD Sentinel. HD Sentinel attempts to communicate with the drive behind the bridge.

AFAIK, it's not possible to access the HDD via USB with MHDD, but there is a new hddscripttool by maximus which can do this, at least in the case where there is no password. It makes use of ATA pass-through commands and can retrieve the SA contents. You might like to ask the author whether the tool can see the VCD area.

viewtopic.php?f=7&t=30601
http://www.hddoracle.com/viewtopic.php?f=22&t=1162

Thank you all.

I can watch a locked drive unlock with a simple iokernel32 write which sends apparently 32 bytes... Might be a key. Messing with said bytes prevents the drive from unlocking. Overwriting those bytes in memory with the right ones opens the drive.

Those bytes remain the same thru various iterations but I have not tried reformat to see if they shift.

I'll give it some reading tomorrow. This has been the most intellectual stimulation I've had on a long time.

I'm still pissed at myself for not knowing these WD dives can self lock for no reason with a bad USB cable. I just need to redeem myself and recover 20 years of data. (3 backups, all bad. 1 to virus 1 to self lock and 1 to sudden bad sectors... Sigh.)

Small format phones make reading fun.

Yes, I did confuse the HPA and Modules. Trying to cram as much learning in as possible from the Infosec briefing and confused the two.

Off to google to find a pre-written script (or show me how to loop) LMGTFY: mhdd script module western digital