Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > IBM travelstar password recovery.

Reply
Thread Tools

IBM travelstar password recovery.

 
 
Richard
Guest
Posts: n/a
 
      05-14-2007
Anyone local able to recover the password for one of these? Its an old
30 gig one.
 
Reply With Quote
 
 
 
 
Dave Taylor
Guest
Posts: n/a
 
      05-14-2007
Richard <(E-Mail Removed)> wrote in news:464830b7$(E-Mail Removed):

> Anyone local able to recover the password for one of these? Its an old
> 30 gig one.
>


HDD good luck, IIRC they were the first to be a real trouble to crack if
you were a hacker

Ther is some creative google that might get you some info, but from what I
recall it was all dead end.
I would just call Ontrack and pay for data, no data no pay. Do they offer
that? Does R-studio get you anything?
http://www.r-studio.com/


--
Ciao, Dave
 
Reply With Quote
 
 
 
 
Roger_Nickel
Guest
Posts: n/a
 
      05-15-2007
On Mon, 14 May 2007 21:44:57 +1200, Richard wrote:

> Anyone local able to recover the password for one of these? Its an old
> 30 gig one.


Think carefully before clearing CMOS memory. Some
IBM laptops store a hash of the disk password here
and have it linked to the power-up password. If you lose this
memory then the master copy of the disk password is stored on the
service area of the disk and is by all accounts impregnable,
although maybe it could be possible to access it via the JTAG
interface on the disk controller.

 
Reply With Quote
 
Richard
Guest
Posts: n/a
 
      05-16-2007
Roger_Nickel wrote:
> On Mon, 14 May 2007 21:44:57 +1200, Richard wrote:
>
>> Anyone local able to recover the password for one of these? Its an old
>> 30 gig one.

>
> Think carefully before clearing CMOS memory. Some
> IBM laptops store a hash of the disk password here
> and have it linked to the power-up password. If you lose this
> memory then the master copy of the disk password is stored on the
> service area of the disk and is by all accounts impregnable,
> although maybe it could be possible to access it via the JTAG
> interface on the disk controller.


The laptop is not an IBM, so its all ok from that perspective. Just
hoping that I can get the data off it for less then the $800 that one
place quoted me for it.
 
Reply With Quote
 
El Chippy
Guest
Posts: n/a
 
      05-16-2007
On Wed, 16 May 2007 11:25:09 +0200, Miguel wrote:

>
> By the sounds of it, isolating your hard drive from your machine and
> using a bit of free software seems to be a possible solution for you.
> Look at it as a learning experience
>
> And before anyone else says it, I'm not being a linux troll. Just giving
> a bit of encouragement. If I can do it, anyone can do it.
>
> Regards
> Miguel


I think the problem is a bit more complicated than you realise.. Richard is
trying to crack/bypass the password that allows access to the
(unencrypted?) data on the drive. ie. there is no access at all to what
is on the drive until he bypasses this security measure (which is built
into the drive firmware).
This would require at the very least a fair bit of low-level programming
knowledge, and possibly some embedded system debugging tools.

Hence why some people will charge US$295 to unlock it and save the data.

http://www.nortek.on.ca/Password%20R....aspx#HardDisk

Nortek charge US$295 to remove the lock and save the data, or just US$85 to
clear the lock and wipe the data. Even including shipping thats a lot
cheaper than NZ$800
 
Reply With Quote
 
Miguel
Guest
Posts: n/a
 
      05-16-2007

> The laptop is not an IBM, so its all ok from that perspective. Just
> hoping that I can get the data off it for less then the $800 that one
> place quoted me for it.


Can't help you at all with the password Richard. Sorry about that. But
cos you mentioned data recovery I had to throw my two cents in.

Don't spend $800. Do it yourself. (Where's your kiwi initiative)

Last week my sisters' (soon to be ex partner accidentally deleted a
huge amount of data from her computer. Years of accounts, photos, cv etc.
Not all of it was backed up. Her (soon to be ex) partner then had the
bright idea of reformatting the drive and reinstalling XP cos it might
find the deleted data. Not clever at all.

So she sent me the hard drive with a "see what you can do".

First off, the hard disk didn't survive NZ Post cos, when I received it,
it wouldn't spin up. I always thought it was an urban myth but a few
hours in the freezer fixed that.

Next I used dd to clone the newly installed XP partition to a 50GB
partition on my Xubuntu machine.

Then I installed Autopsy from the Ubuntu repository and I was away. It
was incredible how much data from the original installation was still
there. And incredibly easy to recover. Not just complete files, like the
point-and-click commercial recovery software finds, but partially
incomplete files, images, web pages....you name it, Autopsy found it and
displayed it.

I'm no computer genius but by using freely available software and a bit
of patience I recovered heaps of the deleted data from the formatted
partition. And now my sister thinks I'm a superhero.

By the sounds of it, isolating your hard drive from your machine and
using a bit of free software seems to be a possible solution for you.
Look at it as a learning experience

And before anyone else says it, I'm not being a linux troll. Just giving
a bit of encouragement. If I can do it, anyone can do it.

Regards
Miguel

 
Reply With Quote
 
Dave Taylor
Guest
Posts: n/a
 
      05-16-2007
El Chippy <(E-Mail Removed)> wrote in
news:464ad42e$(E-Mail Removed):

>
> I think the problem is a bit more complicated than you realise..
> Richard is trying to crack/bypass the password that allows access to
> the (unencrypted?) data on the drive. ie. there is no access at all
> to what is on the drive until he bypasses this security measure (which
> is built into the drive firmware).
> This would require at the very least a fair bit of low-level
> programming knowledge, and possibly some embedded system debugging
> tools.
>
> Hence why some people will charge US$295 to unlock it and save the
> data.
>
> http://www.nortek.on.ca/Password%20R...l.aspx#HardDis
> k
>
> Nortek charge US$295 to remove the lock and save the data, or just
> US$85 to clear the lock and wipe the data. Even including shipping
> thats a lot cheaper than NZ$800


So the bios HDD lock has been cracked. (for some drives)
A good to know fact for when you need it.

--
Ciao, Dave
 
Reply With Quote
 
Miguel
Guest
Posts: n/a
 
      05-16-2007
On Wed, 16 May 2007 21:51:42 +1300, El Chippy wrote:


> I think the problem is a bit more complicated than you realise.. Richard
> is trying to crack/bypass the password that allows access to the
> (unencrypted?) data on the drive. ie. there is no access at all to what
> is on the drive until he bypasses this security measure (which is built
> into the drive firmware).


Hi El Chippy...I guess I'm proof that good intentions are no substitute
for knowing what you're talking about.

I thought the situation was similar to a Toshiba Satellite 6000 laptop I
worked on a few months ago that also had a Travelstar in it. That laptop
needed a password to get going (Toshiba hardware locked by the mobo
apparently. Not a BIOS password but some sneaky Toshiba software/hardware
protection). I just circumvented the password by removing the hard disk
from the Toshiba, slaving it to my Xubuntu machine then running DBAN.
Threw it back in the Toshiba and re-installed Win98. Job done.

I assumed that, as I could DBAN a Travelstar, I could just as easily dd a
Travelstar. And once I've got an image from dd, as long as it's not
encrypted, I'm practically home and hosed (being the superhero that I am)

I've never come across a password-protected hard drive. I thought it
would have to interact with the mobo pre-password. If it's doing that
then it must be accesible somehow. Live and learn I guess. Would love to
have a play around with one.

Just googled a bit and found the ATA password tool which looks promising.

And there's always my Linux Forensics Boot Disk which has got heaps of
tools on it which I've been dying to try out

Regards
Miguel
 
Reply With Quote
 
~misfit~
Guest
Posts: n/a
 
      05-17-2007
Miguel wrote:
> On Wed, 16 May 2007 21:51:42 +1300, El Chippy wrote:
>
>
> > I think the problem is a bit more complicated than you realise..
> > Richard is trying to crack/bypass the password that allows access
> > to the (unencrypted?) data on the drive. ie. there is no access at
> > all to what is on the drive until he bypasses this security measure
> > (which is built into the drive firmware).

>
> Hi El Chippy...I guess I'm proof that good intentions are no
> substitute for knowing what you're talking about.
>
> I thought the situation was similar to a Toshiba Satellite 6000
> laptop I worked on a few months ago that also had a Travelstar in it.
> That laptop needed a password to get going (Toshiba hardware locked
> by the mobo apparently. Not a BIOS password but some sneaky Toshiba
> software/hardware protection). I just circumvented the password by
> removing the hard disk from the Toshiba, slaving it to my Xubuntu
> machine then running DBAN. Threw it back in the Toshiba and
> re-installed Win98. Job done.
>
> I assumed that, as I could DBAN a Travelstar, I could just as easily
> dd a Travelstar. And once I've got an image from dd, as long as it's
> not encrypted, I'm practically home and hosed (being the superhero
> that I am)
>
> I've never come across a password-protected hard drive. I thought it
> would have to interact with the mobo pre-password. If it's doing that
> then it must be accesible somehow. Live and learn I guess. Would love
> to have a play around with one.
>
> Just googled a bit and found the ATA password tool which looks
> promising.
>
> And there's always my Linux Forensics Boot Disk which has got heaps of
> tools on it which I've been dying to try out
>
> Regards
> Miguel


Hmm, wonder if SpinRite would be of any use?
--
Shaun.


 
Reply With Quote
 
Dave Taylor
Guest
Posts: n/a
 
      05-17-2007
Miguel <(E-Mail Removed)> wrote in news:f2fvuj$8tl$(E-Mail Removed):

> I assumed that, as I could DBAN a Travelstar, I could just as easily
> dd a Travelstar. And once I've got an image from dd, as long as it's
> not encrypted, I'm practically home and hosed (being the superhero
> that I am)


Those travelstars use the chips on the hdd controller to encrypt the data
going onto the platters after it has left the ide controller. (if you turn
that feature on)
They are supposed to be very secure. That means that pulling the drive out
and putting it into a USB cradle, or a 2.5 inch adapter is supposed to show
you a big bunch of random data, not a partition or anything to be found.
IIRC.

--
Ciao, Dave
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IBM Certification Training Exam - IBM SelfExamEngine.com Mike MCSD 0 12-07-2009 10:38 AM
IBM Certification Training Exam - IBM SelfExamEngine.com Mike Microsoft Certification 0 12-07-2009 10:30 AM
IBM Certification Training Exam - IBM SelfExamEngine.com Mike MCSA 0 12-07-2009 10:19 AM
Sun rejects IBM buyout, IBM withdraws offer Qu0ll Java 42 04-13-2009 10:53 AM
Any IBM POSS Programmers? How do I make a IBM POS VFD Customer Display work? Robert Wells C++ 4 06-24-2008 10:48 PM



Advertisments