Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
HDD Firmware Hacking(icode4.coffee)
128 points by jsploit 9 hours ago | 11 comments
Modified3019 6 hours ago | parent | next [-]

Related, someone decompiled Samsung’s 840 EVO ssd firmware, before Samsung later started encrypting it: http://www2.futureware.at/~philipp/ssd/TheMissingManual.pdf

Came across it looking how to deal with multiple different samsung drives caught in bad states due to shitty firmware. My original salty post warning about vendor branded Samsung drives on eBay is here: https://news.ycombinator.com/item?id=37165189

alecco 3 hours ago | parent [-]

This deserves its own blog post and HN submission. Since SSDs have been 2x to 4x prices people are now more likely to buy used and could get burned.

BTW thank you for raising this.

morpheuskafka 7 hours ago | parent | prev | next [-]

This article might be handy for someone interviewing at that firm (Red Balloon) that sends you a "weird" hard drive as the interview CTF? I still have it sitting around but it arrived around finals season so I never really looked at it, but since they bothered to send a whole drive and SATA-USB adapter, it obviously must have something to do with the drive itself.

If someone had a ton of money, it would be funny to just send the thing to a data recovery lab, have them swap the platters onto an unmodified model and get a raw image of the data to work with. (Or maybe the key is hidden inside the drive firmware chip itself?)

jareklupinski 4 hours ago | parent | next [-]

i still have mine too! managed to talk to the microcontroller and dump its firmware, but didn't know enough about how to make it arbitrarily run code without worrying about ruining it all

red_balloon 6 hours ago | parent | prev [-]

Appreciate the (unaffiliated) shout out! No comment on the drive recovery idea...

The fundamentals in the article are all relevant to the hard drive challenge, though the actual multi-step solution to our CTF is rather different.

If hacking hard drives sounds intriguing to you, we're hiring reverse engineers and security researchers! See our whoishiring posts and careers page for details:

- https://news.ycombinator.com/item?id=47977643

- https://redballoonsecurity.com/careers/

Be sure to mention Hacker News if you apply.

dmitrygr an hour ago | parent | next [-]

May I have the challenge drive just for the challenge (not interested in switching jobs)?

busterarm 6 hours ago | parent | prev [-]

I'm glad you all are still doing this challenge. Ang handed one to me at Defcon 6 or 7 years ago and it's one of the most interesting challenges I've ever attempted.

Didn't finish it but learned a ton.

For anyone reading, Red Balloon is a great place with great people and I highly recommend anyone remotely interested give them a look.

HDBaseT 43 minutes ago | parent [-]

The Red Balloon website looks AI generated.

boricj 6 hours ago | parent | prev | next [-]

There's also another very good series of articles about hacking the firmware of a HDD, with modifications of /etc/shadow hashed passwords: https://spritesmods.com/?art=hddhack

throw0101c 6 hours ago | parent | prev | next [-]

Congrats OP, you can work for the NSA:

* https://www.cbc.ca/news/science/nsa-hid-spying-software-in-h...

* https://www.wired.com/2015/02/nsa-firmware-hacking/

:)

monocasa 3 hours ago | parent | prev [-]

Since this is xb360, this is SATA rather than IDE, but in a similar vein I am really looking forward to my PicoIDE to play with adversarial hdd controllers in real systems.