How to flash a wd hard drive with a new firmware. We expand the standard capabilities of the hard drive. We expand the standard features of the hard drive - "Hacker"

What is a hard drive?

Most PC users have probably heard the concept of “hard drive” (aka hard drive, hard drive or disk drive). Sometimes, together with this concept, there is the phrase “hard disk firmware”. Let's take a closer look at what it is.

This device (hard disk) is intended for long-term storage of information and has an outstanding amount of memory. That is, absolutely all the files and data that you enter into your computer are automatically written to the hard drive.

The principle of operation of a hard drive is similar to that of a vinyl player. But, unlike the player, the reading head does not touch the disk with information, but receives data, being at a distance of several nanometers from the carrier. Yes, and outwardly, the hard drive is similar to a conventional CD-disk or plate, representing round plates coated with a layer of ferromagnetic material.

A hard drive is a device for accumulating and storing information used in computers and laptops. Outwardly, it looks like several CDs located on top of each other that rotate on the same axis.

HDD Main Specifications

Sometimes choosing a hard drive is a problem for professionals, let alone the average user.

There are several basic characteristics that will help form a general idea about the parameters of hard drives.

First characteristic - the size. Most often it is 2.5 and 3.5 inches wide. At the same time, more information can be recorded on a 3.5-inch hard drive. Mostly stationary computers are equipped with them, and smaller hard drives are installed on laptops - they are lighter and consume less energy.

Second- the thickness of the hard drive. This figure varies from 7 to 12.5 mm.

Naturally, the thicker the hard drive, the more information it can hold. At the same time, the standard thickness of a hard drive in a laptop is 9.5 mm.

Third factor - rotational speed. Everything is simple here: the higher the rotation speed, the higher the performance of the computer.

Powerful models have a disk rotation speed of 7200 rpm, but they are noisy. They are used on devices with a good cooling system.

Slower disc models spin at 5200 - 5900 rpm. Their advantage is silence during operation and a low degree of heating.

Amount of hard disk memory is the fourth characteristic that should be addressed Special attention when choosing a product. AT standard laptop a 2.5-inch hard drive with a thickness of 9.5 mm has a memory of 1 terabyte. For most tasks, this is enough. Concerning desktop computers, up to 3.5 inches wide and 12.5 mm thick drives can store up to 4 TB of information.

When choosing a hard drive, you should pay attention to the power ratio of the device and the degree of noise it produces.

Causes of hard drive failure

Even the highest quality and most expensive hard drive can fail. Consider the reasons that can shorten the life of hard drives.

1. Overheat. The most common and banal reason. Sooner or later, a laptop or computer accumulates dust in itself, air access to the hard drive decreases, the temperature inside the device rises ... The result is a laptop for repair. For the same reason, you should not place computers near heating appliances or hot and humid rooms.
2. Poor quality power supply. Sudden power surges adversely affect the operation of the hard drive, as they can damage the surface of the hard drive and are one of the main reasons for its premature failure. At the same time, the computer's power supply does not always prevent such situations. The only way out of this situation is to purchase an uninterruptible power supply.
3. Mechanical damage. If a computer, as a smart and intelligent machine, is able to cope with the problem of overheating or power surges and prevent a breakdown, then it cannot protect itself from shocks and careless operation of the user.
4. Incorrect work with the hard drive. The problem of data loss can occur if the user restarts the computer at a time when the hard drive has not yet completed the partitioning of space. Of course, modern programs allow you to recover data, but the process is very long, laborious and, moreover, financially costly.
5. Marriage in production. From this, unfortunately, no one is safe, and defective products come across, even despite the complex system of product control by the manufacturer. So, if when buying a laptop or computer you are confused by extraneous noises, clicks and crackles, contact the warranty department.

To extend the life of the hard drive, and therefore save all your data, take care of the correct operation of the device. If there are voltage problems, connect an uninterruptible power supply, and use special bags for laptops during transportation in order to protect the machine from shock and damage.

Step-by-step guide when flashing a hard drive

If your computer began to slow down, hang, extraneous noise appeared, or the computer began to get very hot - do not panic. If reinstalling the operating system did not bring positive results, the reason is most likely in the hard drive. It needs an appropriate flashing. There are many programs on the web that can handle this. To search for them, in the search window of the browser, enter the phrase "hard drive firmware", and click the "Search" button.

There is absolutely no difficulty in installing the programs themselves - they are completely automatic. Therefore, even a novice user can cope with them.

However, some points should be taken into account.

Step 1. Find the serial number of your hard drive and use the serial number checker located on the main page of the website. To do this, enter the number in the dialog box that opens and start the check.

Step 2 Wait for the verification to complete. The phrase Drive is not affected means that your hard drive is in order and does not need to be flashed; if not, then perform step 3.

Step 3 Save all your data from the device with which you intend to work on an independent medium. It could be an external hard drive.

Step 4. Create an image of the program for flashing on external media such as a "flash drive" and boot through it. The program will offer to flash the hard drive in A / B / C options. Select the letter that matches your device.

Step 5 Once in the main menu of the program, select the number of your hard drive. We wait. The firmware process has started.

Before flashing, you should disconnect all connected drives, in order to avoid failures or interference during flashing.

Step 6. While the disk is being flashed, the computer cannot be restarted or disconnected from the network. The signal for the end of work will be an independent restart of the computer, or the inscription “Press any key” will appear.

Step 7. Finish working with the utility and enjoy the work of the updated hard drive.

By the way, disk firmware requires at least basic knowledge about the design and operation of computers, so if you are not confident in your abilities, contact professionals for help. After all, the loss of data or the replacement of the hard drive is not included in your plans. And the incorrect operation of the device may not be related to the hard drive, but to have other reasons.

Problems that may arise after self-flashing the hard drive

Let's say you made the HDD firmware yourself. Let's consider what problems may arise:

• the drive does not boot or is not recognized;
• the BIOS displays the wrong media model;
• hard drive capacity is displayed incorrectly.

In such cases, you should immediately contact a specialist. Such errors are eliminated, but an experienced professional should do this. With the help of special software, it can not only bypass damaged areas of the hard drive, but also recover lost information.

Details on how to flash a Seagate HDD without the help of a service center

Today's topic in our virtual school is purely technical question. Let's figure out how to flash a Seagate HDD. For beginners in these matters, we note that we are talking about reinstalling the firmware for Seagate hard drives, the so-called firmware.

What is "firmware"?

In many technical and service centers quite often it is said and written about the possibility of a new firmware or flashing devices. In most cases, this applies to personal embedded devices with built-in operating system, in other words - about mobile phones, smartphones and tablets. But how to flash a Seagate HDD for free, techies are in no hurry to report.

To explain what firmware is to beginners, let's turn to history. The prototype of computer architecture appeared 100 years earlier than we think. This happened between 1820 and 1840, during the period when the first logarithmic and trigonometric tables were compiled by interpolation or the so-called "finite differences". Despite the fact that earlier the first automatic calculations were made by primitive machines of Leibniz, Pascal, Schickard, Charles Babbage's machine can be considered a full-fledged mechanical device for automatic calculation.

In the 1930s, Babbage's architecture interested the American scientist Howard Aiken, who, together with IBM, created one of the first electromechanical computers, the Harvard Mark 1. This machine became the prototype of modern computing devices, as well as the basis for the so-called high-performance Harvard architecture. In the 1940s, due to the high complexity and high cost, a slightly modified and more economical von Neumann architecture was adopted as the mainstream.

During this period, computers and peripherals from different companies were absolutely incompatible. The programs were also characterized by incompatibility. In other words, until the 1960s, all programs, components and devices were not cross-platform. The situation changed radically with the development of the IBM System/360 architecture in 1964. The “360” marking denoted the full compatibility of the new computer, both software and hardware. This was solved by introducing the concept of "interface", which, in turn, could be either software or hardware. Hardware interfaces include well-known PCI buses or more modern PCI Express. Standards were used as the hardware interface for the hard drive: early IDE or ATA, then SATA, SATA I, SATA II and SATA III, and so on, up to Firmware, USB and Thunderbolt. For software compatibility, a special micro application was used, which can be designed for different hard drive connection interfaces and functional features. It is this firmware that is called "firmware" and refers to the Hardware level software. And if you want your disk to work as quickly and correctly as possible, you should constantly update the low-level software provided by the manufacturer. Firmware is usually available for free. You can find updates and new versions of firmware on Seagate drives using the Download Finder application.

Drivers, "firmware": impact on performance Let's figure out what is the difference between a firmware and a driver. The driver is a kernel module, that is, it provides the functionality of the device. “Firmware” is a broader concept that includes the kernel, kernel modules (driver), the daemon process with which the program runs on the computer in the background, as well as initialization scripts.

The microprogram is improved over time, shortcomings are eliminated, more modern technological solutions are being introduced. During life cycle Several firmware versions are released, the installation of which guarantees an improvement in the performance and reliability of the hard drive. If a company releases a new firmware, then it will certainly contain improvements and new more modern functionality. Unsupported drives have a final firmware version that is no longer being improved.

Firmware: follow the instructions

We proceed directly to the question of how to flash a Seagate HDD. To do this, go to the website with updates http://knowledge.seagate.com/ and search for your disk. To find out which firmware is suitable for your HDD. You can use the Drive Detect software to get information about the installed drive.

The update page will list the models and firmware versions. FROM right side The table in the column "Firmware files for download" contains links to installation files and firmware installation documentation. As an example, here is the update page for the Barracuda (1TB/disk platform): http://knowledge.seagate.com/articles/en/FAQ/223651en .

Please note that you must follow the instructions meticulously, errors can lead to data corruption, as well as failure of the hard drive. The Seagate warranty does not cover your files, only the product for the duration of the warranty. For more accurate information, you should refer to the warranty documentation received at the time of purchase. We also recommend that you make a backup using the free DiscWizard Seagate software before updating the firmware, or simply save the files to a separate hard drive. We also note that the purchased Seagate HDDs have a limited right to update the firmware, detailed information about this can be found at the link on the instructions page.

How to update Seagate hard drive firmware step by step:

1. After starting the initialization program, you will need to select the installation language: in our case, Russian.
2. The welcome screen will display the supported products and the firmware version to be installed.
3. At the next stage, the program warns about the risk of data loss and offers backup options.
4. In the fourth step, the user must agree to the license agreement.
5. At the fifth step, the initialization file gives important warnings, for example: — the program is not designed for updating RAID systems; - during the installation, you must not turn off the computer (should be excluded emergency shutdown).
6. And also: - interrupt the program if you have not saved important data; - save everything open files; - close all applications; - disconnect all external storages. The program also informs you that you must not turn off the computer and interfere with the firmware installation process. To continue, you need to check the box next to "Start the process of updating the firmware."
7. If you click "Continue", Windows system The OS will reboot, after which you will see the message "Seagate Loading" on the screen. This procedure cannot be interrupted.
8. In Dos format on the command line, the application will display information about the currently running process. In the eighth step, SeaTools Express will scan all drives and display the model number, serial number, and installed firmware version for each HDD.
9. In the next step, the update utility will download the new firmware and install it automatically. The download and installation process takes a few minutes. When finished, the program will reboot the system. If for some reason this did not happen, this must be done manually. Also pay attention. If the utility determines that the update cannot be installed on any of the available drives, it will terminate the program and reboot into Windows. This will give one of the listed error messages, when installed in English it may look like this: - "Firmware already updated" - the program has already been updated; - "Model matched, no firmware matched" - the model matches, but the firmware version is incompatible; - "No model matched" - the model does not match. As you can see, during a normal boot, the program should correctly check the disk and firmware information and return to the system without damaging the data. In some cases, there may be unforeseen situations in which the health of the disk and / or the preservation of personal files cannot be guaranteed. That is why a backup is recommended.

Conclusion

http://knowledge.seagate.com/articles/en/FAQ/223651en; — Barracuda 7200.12: http://knowledge.seagate.com/articles/ru/FAQ/223651ru; — Barracuda LP: http://knowledge.seagate.com/articles/ru/FAQ/213915ru; — Barracuda Green: http://knowledge.seagate.com/articles/ru/FAQ/218171ru; - Barracuda 7200.11: http://knowledge.seagate.com/articles/ru/FAQ/207951ru; - Barracuda ES.2 (SATA): http://knowledge.seagate.com/articles/ru/FAQ/207963ru; — DiamondMax 22: http://knowledge.seagate.com/articles/en/FAQ/207969en .

As a recommendation. If a problem occurs with the system, you should first fix it using the standard procedure. It is also recommended to check the file system for errors and clean the disks from viruses. Installing the firmware after all the procedures will be as fast as possible. It follows from this that system problems are not always related to the hard drive and the correct operation of the firmware. Before running the update application, there are a number of standard administration steps to take on your system.

Today we will look at:

Not many people know this, however, ordinary 2.5 ”hard drives can be converted to work with the Xbox 360 console. Of course, this process has a lot of nuances and requires special care from the person who decided to do this. However, we assure you that by adopting this material, you will be able to flash your hard drive to work with the Xbox 360 with a 100% chance. Let's get started!

Before we start

First of all, you need to choose the right hard drive, since not all HDDs are suitable for working with the Xbox 360.

First, it must be one of these WD-branded media:

We do not recommend doing this trick with hard drives from other manufacturers, as you can simply ruin the HDD.

Secondly, use a hard disk with up to 320 GB of memory. This figure is a limitation of the console firmware. Of course, you can use a large drive, but flash it for 320 GB. That's just it will not be financially feasible: why buy more if you use less?

Thirdly, as additional tools you will need: archived firmware, a computer with SATA connectors and a flash drive.

Step 1. Preparatory stage

Actually, at the end you should get the following set of files on a flash drive:

Step 2. Getting Started with Hard Drive Firmware

Step 3. Working with Xbox 360

Actually, the hard disk firmware has been completed and, if the above steps are carried out correctly, you can safely use this HDD on your “box”.

Ready. The hard drive firmware is done and the console is working. We have done our job and now we can use the brand new HDD in the Xbox360.

Winchesters Seagate series Barracuda ES.2 were very popular in 2008-2009. Unfortunately, all these hard drives cannot boast of high reliability. The reason is the low quality of drives, due to poor assembly and cheap materials (the manufacturer saved on everything during the global crisis). Failure is unpredictable because the cause of the failure is usually a firmware error (Firmware).

The symptoms of defective hard drives can be very different, usually the computer may suddenly start to “slow down”, freeze, and after a reboot the hard drive is no longer detected by the system, sometimes the drive very quickly begins to be covered with bad sectors and S.M.A.R.T. hard disk marks them as Reallocated (moved) sectors. The last situation is shown in the screenshot after this paragraph. This is a consequence of the self-destruction of the hard drive microcode. The fact that the hard drive is blocked at the same time is only a consequence. But it is better to have a locked disk with serviceable heads, from which it is still possible to recover information, than an unlocked one, but with burns, and not recoverable for any money. Firmware will only cause more trouble if the drive fails again.

So what do we have today? Firmwares that are affected by this problem: SN04, SN05 and earlier. Hard drives SEAGATE made in Thailand or China. NS series hard drives: ST31000340NS, ST3750330NS, ST3500320NS, ST3250310NS. Symptoms: not detected in Bios or instantly appearing thousands of Realloceted Sectors (reassigned sectors).

If, when turned on, the screw emits a low "suffocation sound" or rhythmically "twitches", then further instructions will not help you. This malfunction is nothing more than a jammed spindle motor shaft. Occurs spontaneously or after the fall of the HDD (a very small blow is enough). Blame for this poorly designed hydraulic bearing and low-quality cheap materials.

First we need to get an RS232-to-TTL adapter. You can assemble an adapter based on the MAX232 chip as shown in the diagram:

Scheme note:If it is possible to connect to a stabilized voltage of + 5V, then the circuit can be simplified by throwing out the 7805 stabilizer with two binding capacitors.

Alternate RS232-to-TTL Adapter Schematic:

After that, I would also do (erase) the entire hard drive through Victoria, SeaTools or MHDD. Then I would do Scan + Remap (check with Remap enabled) for reliability.

A hard drive, also known as a hard drive, is not such a simple device as it might seem at first glance. Over the entire history of its existence, since 1956, drives have undergone a huge number of changes. Now it is not just a plate and reading heads, but a whole system with its own logic and software, and therefore, with its features and secrets. In this article, we will try to figure out what a modern hard drive is, and also try to expand its standard capabilities for our hacker purposes.

WARNING

All information is provided for informational purposes only. Neither the editor nor the author is responsible for any possible harm caused by the materials of this article.

HDD Electronics

The design of the hard drive is known to everyone to some extent. In fact, these are several plates that rotate at a speed of 15,000 rpm, a positioning device and a control electronics unit. Add to this the S.M.A.R.T. and other intellectual attributes. In short, you can’t figure it out without half a liter, especially since the technology of individual elements is a trade secret.

More than a dozen articles can be devoted to high positioning accuracy, recording density and other subtleties of modern HDDs, but we, without delving into the mechanics of the disk and the physics of processes, will consider the most interesting part for us - electronics.

INFO

In older models of hard drives, part of the functions of the control electronics was taken over by the MFM or RLL computer controller. But over time due to high speed data transmission, it was necessary to shorten the data transmission path, and the developers abandoned this idea.

A patient

So, we have a board of a typical Western Digital WD5000AAKX hard drive with a capacity of 500 GB (Fig. 1). What we have:

1. DRAM chip. Interest as such is not, the manual can be easily found on the web. The memory of these chips ranges from 8 to 64 MB and corresponds to the size of the hard disk cache.
2. Spindle motor controller. Responsible for the management of mechanics, regulates power and has some analog / digital channels. There are no manuals for the Smooth L7251 3.1 chip, but you can try to look for similar microcircuits.
3. Flash memory. Some hard drives do not have a microcircuit, but flash memory is built into the disk controller chip. Usually has a size ranging from 64 to 256 KB. Used to store the program from which the hard disk controller boots.
4. And the most curious thing for us is the hard disk controller. They are manufactured by Marvell, ST, LSI and others. Some hard drive companies make their own controllers, such as Samsung and Western Digital.

The hard disk controller is designed to manage the conversion and data exchange operations from the read / write heads to the drive interface. Unfortunately, Marvell does not want to publish documentation for its products in the public domain. Well, let's try to figure it out ourselves.

Dig deeper

Our foreign colleague Jeroen "Sprite_tm" Domburg found an interesting way out of this situation - he used the JTAG (Joint Test Action Group) interface to study the controller. This interface is designed for PCB testing and debugging. That is, using JTAG, we can safely connect to a device of interest to us that supports the IEEE 1149 standard. A test port (TAP - Test Access Port) is integrated into the chip, consisting of four or five pins: TDI, TDO, TMS, TCK and, possibly, TRST. The location of these conclusions for the Marvell controller was found by a certain dex, kindly sharing the results on the HDDGURU forum.

Jeroen found out that Western Digital's controllers have an ARM core available through a JTAG port. As well as a serial port, which is not normally used, but may be useful for our purposes.

To study the hard disk controller, we used the FT2232H board, which can be ordered online for 30 euros. It supports JTAG, serial communication, and SPI. To work with it, the OpenOCD program was used.

As a result, it turned out that the microcircuit has as many as three cores. Two Feroceons which are pretty strong ARM9-like cores and a Cortex-M3 which is a bit weaker. All cores have different purposes:

• Feroceon 1 handles physical read/write to the hard drive;
• Feroceon 2 - handles SATA interface, cache and converts LBA to CHS;
• Cortex-M3 - purpose unknown. You can just stop it, but the hard drive will continue to work.

Welcome or No Trespassing

Since we set ourselves the goal of using the hard drive for our insidious purposes, it's time to think about upgrading its firmware. The simplest and probably the hardest to detect way is to change the data on the fly. To do this, you need to find a suitable core - a core that has access to the data traveling between the drive and the SATA cable.

To access the kernel, you can use the DMA (Direct Memory Access) mode. This is such a mode when data is exchanged directly from the read head to memory, without the active participation of the processor. The same applies to the SATA port: the processor only needs to be told where the data is, and the DMA logic will take care of reading the information directly from memory.

The source of information in this case will be the cache memory of the hard drive due to its good location: the data read from the disk will be in the cache, so that they can be copied from there immediately.

The method is rather complicated - it is inconvenient to connect via JTAG every time and poke around in the cache while the hard drive is running. Instead, to save access without connecting an additional board, you can reflash the flash memory chip by unsoldering it and connecting it to the programmer.

However, it would be difficult to modernize the code due to an unknown compression algorithm, instead, you can simply change the execution address and add a special block that will be read before the rest. This makes things a little easier.

As a result of his research, Jeroen created the fwtool tool, which can reset various blocks in flash and translate the code into a text file. Then you can change, delete or add a block and reassemble everything in one firmware file, which can then be safely loaded into a flash.

We change the firmware

Such manipulations with a hard drive require considerable effort, and it is unlikely that anyone will voluntarily give up their drive for hacking. Therefore, it would be nice to find a way to flash the hard drive without any extraneous devices or removing the chip.

Western Digital has special hard drive software utilities - these are DOS-based tools that can download new firmware for the controller, flash memory chip, or service partition. Tools use the so-called Vendor Specific Commands (VSC), however, more on that later.

There is also a set of tools called idle3-tools that can be used to modify hard drive firmware. It also uses VSC using Linux SCSI PassThrough IOCTLs. Jeroen took this code, modified it and integrated it into fwtool. After this modification, fwtool learned to read and write to the flash memory chip.

Now, if a hacker somehow manages to use fwtool on a remote machine, he will be able to reset the drive's flash memory, change it, and "sew" it back. True, eventually the owner will find out about the hack and probably reinstall the system, but the attacker can inject something that will manifest itself after the reinstallation. For example, wait for the machine to read from the /etc/shadow/ file, where all passwords are stored on UNIX/Linux systems, and change the contents. After that, you can simply log in with your password.

By the way, the described technique can serve not only for clandestine experiments, but also for protection purposes. For example, you can create a non-cloneable hard drive that will work fine if the sector access pattern, as usual, turns out to be random. If the hard drive is accessed only sequentially, then the data will be corrupted, which will make the clone different from the original.

INFO

Terminal mode hard drive

When working in terminal mode, the user can interact with the hard drive through diagnostic commands. This method is used to diagnose and repair Seagate and Toshiba drives; Western Digital does not have this option due to the complexity of the connection. The terminal mode actually provides full root - control of the mechanics and logic of the device. It can also be used to update or reload the hard drive firmware. A list of commands for most drives can be found on the Internet. And on the hard disk board there is a special connector for connecting via a serial port.

To access the terminal mode, you will need an adapter device that is needed to convert RS-232 signal levels to TTL levels (such adapters are commercially available, but you can assemble it yourself - all the necessary circuits are freely available, and you can take some models as a basis Arduino). We will take a ready-made FTDI chip that converts USB to a serial interface for the Atmega microcontroller. You need to connect GND and RESET, and use the RX and TX pins to connect.

To work with the COM port, use any program you like - for example, PuTTY or Hiperterminal. Select the connection type, enter the COM port number and other settings:

Speed: 9600 Data Bits: 8 Stop Bits: 1 Parity: None Flow Control: None

To check the operation of the circuit, you need to close RX and TX together. As a result, all typed characters will be displayed in double quantity. This is due to the fact that the entered data will be transmitted on the TX line, and then they will be returned on the RX line. This is done as follows: by disconnecting the SATA cable, we connect the output of the TX disk to the input of the RX adapter, and vice versa - the RX adapter from the TX disk. We connect the power. After pressing the keys , we get the T> prompt (or F> for faulty HDDs) and enter commands. For a list of commands, type /C followed by Q.

because of a large number commands Seagate engineers divided their structure into levels. Commands such as read, write, search, error log are available on several various levels. To switch the hard drive to work at a different level, you need to use the /x command.

Level T - certification tests. Level 1 - memory management commands. Level 2 - commands for tuning the mechanics of the drive. Level 3 - search commands. Level 4 - Servo motor tracking commands. Level 5 - used only in the factory. Level 6 - adaptive control commands. Level 8 - special recording setup commands. Level 9 - commands of the defect control system mode.

In addition to these nine levels, there are two more additional set commands: network and general. The main purpose of network commands is to display a change in the current state of the system. General instructions are used to access registers, buffer memory, and data.

In general, the terminal mode provides many interesting features. For example, a low-level format command can not only wipe the data clean without the possibility of recovery, also, if someone turns off the power during formatting, the hard drive will be able to “format” itself the first time it is turned on. In general, this is a topic worthy of a separate article. We are moving on.

Writing information to HDD service partitions

Any hard drive has service partitions. They are designed to store hard drive utilities such as S.M.A.R.T., early error detection modules, self-diagnostic modules, and so on. Fortunately, all this data does not completely occupy the allocated space, which means that when right approach we can use this bonus space. Service partitions should not be confused with DCO or HPA, which can be easily discovered and accessed via standard ATA commands.

Unlike other methods of hiding information, writing to the service section leaves no traces and is invisible to special search programs used by law enforcement agencies. In a word, this place is ideal for storing text files with addresses, passwords, attendances and other things.

Standard ATA commands are not suitable for accessing information from service partitions; instead, special VSC (Vendor Specific Commands) commands are used for writing and reading. As a rule, manufacturers keep these commands secret, but sometimes they release utilities for working with service partitions - for example, the wdidle3.exe program from Western Digital and its open-source analogue idle3-tools. Another example for WD is the HDDHackr program, which changes entries in HD system partitions.

WARNING

The data in the service partitions is very important for the correct operation of the hard drive. Damage to the recorded information leads to loss of disk performance. Restoring it will not be so easy - to overwrite data in the service partitions, you will need specialized programs (for example, Ace Laboratory PC3000).

The size of the service partition depends on the hard drive model. For example, in a WD2500KS-00MJB0 disk of the Hawk family with a capacity of 250 GB (firmware 02AEC), two copies of files, about 6 MB each, are written to the service partition. The zone size on each surface is about 23 Mb (64 tracks, 720 sectors each). Since this disk has six surfaces (heads 0 to 5), the service partition modules are located in the slot associated with heads 0 and 1, while the slot assigned to heads 2 through 5 is reserved but not used. Thus, the reserved partition takes up about 141 MB, of which 12 MB is in use.

In comparison, the WD10EACS-00ZJB0 model, with a capacity of terabytes and eight surfaces, has a reserved space of 450 MB, of which 52 MB is occupied. Ariel Berkman from Recover Information Technologies LTD wrote an article about working with HDD service departments, and also posted a PoC code for writing 94 MB of information to the service department of a Western Digital 250GB Hawk disk. This is done as follows:

• Find out your SATA IO address using lspci -v .
• To compile, use the command gcc -Wall -O -g -o SA-cover-poc SA-cover-poc.c .
• We create a random file (94 MB in size) and calculate its MD5 hash.
• We write the file to the service section.
• We clean the hard drive using the dd-ing /dev/zero command, which should be distributed to the entire hard drive (or to a separate part, after blocking access to the rest). It is enough to run this code once to destroy the data irretrievably.
• We read the contents of the service section, calculate its hash and verify the data integrity. [email protected]:~/SA# dd if=/dev/urandom count=184320 > random-file ; md5sum random-file [email protected]:~/SA# ./SA-cover-poc -p 0x0170 -w ./random-file [email protected]:~# dd if=/dev/zero of=/dev/sdb bs=1M [email protected]:~/SA# ./SA-cover-poc -p 0x0170 -r after-dding-dev-zero [email protected]:~/SA# md5sum after-dding-dev-zero

HDD recovery software

With low-level experiments, it is possible to encounter such a nuisance as a hard drive failure. You should not immediately resort to draconian measures and format the disk, you can try to restore its performance using some programs.

1. TestDisk is the simplest and most effective HDD recovery software. Designed for searching and reconstructing lost partitions, boot sector, deleted files; fixes the partition table. Works with a large number of file systems. Works in console mode, which achieves high speed.
2. Acronis Disk Director is a whole software package that includes a considerable number of tools for working with HDD. Contains the Acronis Recovery Expert utility, which is used to restore files and partitions. Unlike the previous program, it has a graphical interface, but works with fewer file systems.
3. Paragon Partition Manager is a free program from domestic developers that can do almost everything the same as Acronis, but it's terribly slow.

Conclusion

However, it is time to turn around. In this article, I tried to show the unexplored corners and possibilities of the hard drive. Without delving into the code, we looked at a way to drain information from the drive. Even if this curtain is slightly lifted, a huge field for imagination opens up. You can, for example, reflash the controller to hide a particularly important section from prying eyes. Or corrupt data when trying to clone a hard drive, thus protecting yourself from forensic utilities. In a word, there are many options, so how to use the hard drive is up to you.