So, there you have it. While the hard disk controller is a beast without much data known about it, it's still perfectly well possible to reverse engineer it and to write custom code for it. The unknown-ness of the controller does make it harder to write generic hacks, which makes me doubtfull that a thing like the evil firmware patch will ever be seen in the wild: it's much easier to just get another zero-day software exploit than reverse engineer the firmware of every single hard disk every server you stumble upon has.

I also hope to have proven that a broken hard disk is something you can still use. While the mechanics of a broken HD probably are shot, the PCB still contains an usable embedded system, which actually is pretty powerful considering you can usually get broken hard disks for free.

Releasing the source-code for a security project always is a nasty subject. I want to release code, but I do not want to be responsible for a lot of permanently hacked servers... I decided to compromise: you can download the code I used here, but I removed the shadow-replacement code. Make note: I'm not going to support the process to get all this running in any way; it's a hack, you figure it out.

« Prev 8 

Last 10 comments Show all

xorxor wrote at 7 Jan 2015, 13.18:

one addition, this independent foftware for the third wheel.. core has been commercially available for many years already *f*in some places*, ehm and it has been known to mysteriously brick SSD drives; I guess it was due to the whole boot firmware incompatibility thing. what is even more amazing that I heard it happening inside of that big country that is exempt from it happening there...; so no guarantee as to who had it put it there. anyway, the tool to install it is in the catalog as published by der german mirror newspaper.

xorxor wrote at 7 Jan 2015, 13.12:

I've been thinking about the disk-only MP3 player ever since there were 400GB hard drives with the TI-430 or something like that... it is time we finally built a primitive audio/video player/recorder. imagine security or logging system with just a camera and a hard drive; no external SATA or operating system to worry about/maintain.

0xafad wrote at 5 Jan 2015, 9.06:

Does this mean it's a race to the first HD-only music player?

Disceater wrote at 4 Jan 2015, 22.45:

If you wrote a patch to do simple data compression/decompression on the fly, could a hdd store more than eg its rated 2TB?

Sigrunen wrote at 2 Jan 2015, 23.12:

LOVE your site, and your initiative. Stumbled across this while trying to research a way to change the TLER timeouts, now that WD Red drives no longer support RAID. ZFS and NAS systems are still workable, as they have a longer timeout threshold. Would love to see if this is the right approach for such a project.....Thanks

david wrote at 10 Dec 2014, 8.11:

Do you have the password for this site http://www.griol.com/ftp/?

HDD Firmware Guy wrote at 30 Nov 2014, 16.57:

This is why any embedded system should always have its JTAG port disabled and all firmware-update mechanisms requiring digitally signed firmware images. Your HDD vendor screwed up.

Jaztec wrote at 28 Nov 2014, 0.52:

This is one great article! Awesome man.

koala_man wrote at 27 Nov 2014, 22.49:

This is pure awesome.

indu wrote at 27 Nov 2014, 18.52:

thank you for your time! low level of literacy for this kind of stuff, but I love utilizing abandoned hardware for projects like this and learning a bit more each time. great to see someone with more knowledge use the technique to greater effect.

Leave a comment:

Your name:

What does this picture say?
Sorry, this is a captcha

Your comment:

© 2006-2014 Sprite_tm - Contact