4

I forgot my WD Passport Ultra disk's hardware encryption password and I am having a Delphi software being programmed for finding this password using brute force method. Original WD Security software will be used for password entries, but WD Security software locks itself at every 5 wrong password entries. Then the drive needs to be physically ejected and plugged in to reset this counter.

Therefore the software being programmed must emulate safely removing and plugging in of an external USB hard disk drive on Windows on software level, as this is necessary for resetting the wrong password counter of WD Security software.

Disabling/enabling the drive using "devcon" does not reset the counter.

Finding out the storage location of this counter information would be very helpful. When the counter is at 4, safely removing the drive and plugging in to another computer resets the counter. This made me guess that the counter is stored on the USB drive and it is reset by drive's firmware during plugging in process.

Any ideas will be greatly appreciated.

Luke
  • 965
  • 8
  • 21
  • purchase some USB-over-TCP/IP program ? Most cheap I think is http://www.usb-redirector.com – Arioch 'The Aug 18 '16 at 15:01
  • if you would re-plug the drive (physically) to another USB slot of the same computer (or maybe an usb slot of another USB Controller in the same computer) would it reset counter? – Arioch 'The Aug 18 '16 at 15:03
  • 2
    Ejecting is covered in [this question](http://stackoverflow.com/q/434688/62576). I haven't looked to see what it would take to then reattach, but perhaps it will get you started in the right direction. – Ken White Aug 18 '16 at 15:09
  • 1
    It may be power down and back up that resets the password try count. Anyway the device is designed to make such a brute force approach as difficult as possible - otherwise it would be easy for anyone to hack your data! – Dsm Aug 18 '16 at 15:10
  • @Dsm I also thought it is about power, but the topicstarter says "and plugging in *to another computer* resets the counter", so I am not so sure now. – Arioch 'The Aug 18 '16 at 16:02
  • I think that you need to try a few things, but if it really needs to be another computer then in may store the counter somewhere hidden on the computer - maybe in the registry (possibly in several places) in which case you could really struggle. – Dsm Aug 18 '16 at 16:29
  • @Arioch'The How USB-over-TCP/IP program will help? Can you please explain? – Luke Aug 18 '16 at 17:14
  • 1
    it has a command line utility that can "attach" and "detach" the harddrive from remote computer to your computer. Granted, there would be no power blackout for the hdd, but there would be unplug/plug events for your computer – Arioch 'The Aug 18 '16 at 19:17
  • What if u send WM_DEVICECHANGE from ur app to WD app process? You have to send 2 messages, DBT_DEVICEARRIVAL and DBT_DEVICEREMOVECOMPLETE – Michael Gendelev Aug 19 '16 at 10:31

1 Answers1

1

This page http://www.uwe-sieber.de/drivetools.html contains the best collection of tools related to USB drive handling I know. It provides commandline tools which you could execute from your program. Unfortunately this page is german, so I give you a hint to the most relevant tools:

  1. RemoveDrive: ejects a drive with the given letter or name
  2. DriveCleanup: cleans the usb device tree in the registry. By doing this Windows forgets about this device and installs the drivers again. This also assigns the drive letter again. You might use this to find out if the information on the device that WD Security remembers is depending on the device information stored on your computer (which is most likely according your description)
  3. RestartSrDev: This is finally what you are searching for most. As is written on the site (and this is also my knowledge), it is not possible to restart a usb drive that was once ejected without removing the cable and plugging it back in. This is the bad news. The good news is that this tool tries to reset the hub on which the drive is attached which also reconnects all devices on that hub. This does not necessarily work, but is the only way known to restart a drive without removing the cable.

Your chances are not too good, but with these tools you have all possibilities to first test whether you have a chance to do what you want at all and if this works with the Tools I would recommend not to program this functionality, but to call these commandline programs from you brute force code.

Tools 2 and 3 need admin privilege.

Good luck.

Andre Ruebel
  • 518
  • 3
  • 12