Page 1 of 2

Brute Force Through WD Password Protection

Posted: Thu May 19, 2016 2:11 pm
by Jared
So I'm considering looking into setting up a hardware brute force decryption machine for the purpose of breaking WD's encryption. Perhaps something like this: https://sagitta.pw/hardware/gpu-compute-nodes/invictus/ only homemade.

According to this article it seems that it's totally doable to crack the user password once you have the key sector stored in the SA. From what the article explains most WD encryption works like this:

User password is used to generate Key Encryption Key (KEK)
KEK is then used to encrypt Disk Encryption Key (DEK - what we normally use to decrypt data)
This results in an eDEK which can be read the normal way by PC-3000 in lieu of the DEK (which was replaced with the eDEK).

So a brute force attack would basically be running every possible AES-256 password to see which one results in the key for the eDEK, so it can be decrypted back to the DEK and used in PC-3000 to decrypt.

A simple open source tool like hashcat could probably be employed and run on hardware with multiple GPUs to accomplish it.

Of course such a service would only be offered to law enforcement agencies. Doing this commercially would simply be unethical.

Brute Force Through WD Password Protection

Posted: Fri May 20, 2016 12:22 am
by jol
Jared wrote:So a brute force attack would basically be running every possible AES-256 password possible to see which one results in the key for the eDEK

Brute forcing AES-256 will take you a while.
Just kidding, it will take billions of years to do that.
https://www.reddit.com/r/theydidthemath ... _a_aes256/
Or in other words, "impossible".

Brute Force Through WD Password Protection

Posted: Fri May 20, 2016 3:09 am
by pclab
I just wonder if it's profitable....

Brute Force Through WD Password Protection

Posted: Fri May 20, 2016 8:28 am
by Jared
Not according to every article I've read. It would take a billion years if you didn't have the eDEK and had to just guess the DEK. However, guessing a user pass is much faster, as they rarely are 64 digits in length. Most user passwords I've seen are around 10 characters. Also, they made the mistake of using a date stamp as part of the DEK, and while I've yet to investigate how to use that to help, supposedly it drops the time necessary down to a few hours.

Though it's assumed they did fix that on the latest version.


Brute Force Through WD Password Protection

Posted: Fri May 20, 2016 9:55 am
by jol
Jared wrote: However guessing a user pass is much faster as they rarely are 64 digits in length.

Digits only?
Jared wrote:Most user passwords I've seen are around 10 characters.

And what are you gonna do with this guy?
The password I chose was 64 characters long.

Brute Force Through WD Password Protection

Posted: Fri May 20, 2016 10:18 am
by Jared
jol wrote:Digits only?


Characters, digits. Potato, parsnip. What's the difference?

jol wrote:And what are you gonna do with this guy?
The password I chose was 64 characters long.


Probably give up. Or do it CIA style and waterboard the password out of him.

Brute Force Through WD Password Protection

Posted: Fri May 20, 2016 11:18 am
by HaQue
I'm with Jared on this, but not brute force: using a decent wordlist with some well-defined rules can bring some pretty good results. A 64-char pass would be very uncommon, as would anything over 9 chars.

But I don't agree with doing it only for law enforcement. I've seen too many people just screwed because of a lost password. And if it is theirs, the benefit is that most times they can give you some info on a likely password, making it much easier. Why should regular people have to lose their files just because it looks kind of questionable? Just some basic proof required and I would be happy to do it. Obviously it would not be done blindly for anyone, but I don't like the general public getting screwed.

Brute Force Through WD Password Protection

Posted: Fri May 20, 2016 11:55 am
by jol
Jared wrote:
jol wrote:Digits only?


Characters, digits. Potato, parsnip. What's the difference?

A huge difference: if it's only digits, then brute force will take much less time than brute forcing every possible combination of characters + digits + potato + parsnip ;)

Brute Force Through WD Password Protection

Posted: Wed Jun 01, 2016 7:28 am
by DRUG
The best way to do this would be with a GPU station. https://www.digitalintelligence.com/pro ... erstation/

However, you must keep in mind that this tool and service are kind of hard to pay off.

1- Power consumption: using these beauties will kill your bill.
2- You won't have many clients willing to pay.
3- Hardware lifetime (this kind of hardware usage will make its lifespan short).

Is this a tool for a top-notch forensic lab? Of course.
Would this be viable in a DR lab? Not in my opinion :/

P.S.: You should also set up cracking ranges, like: the password is between 4 chars and 10 chars, uses characters with numbers (ANkey), uses symbols, bla bla bla. This would reduce your cracking time!

Brute Force Through WD Password Protection

Posted: Fri Jun 03, 2016 4:57 am
by HaQue
Okay, for the record, I don't know anything about the implementation in WD HDDs, but I am thinking:

Do you know what algorithm you can use to simulate the WD? I mean, what exactly are you going to process? Have you ripped some code from the WD, or are you able to somehow know what to test against? And how will you know if you have found the key?

When AES is implemented, I assume there isn't one simple algorithm used everywhere, I mean surely you would not:

stored passkey = AES-256(user_password)

Would it not make sense to implement AES in some small algorithm? Then it would be extremely difficult to figure out how to use even knowledge of AES to decrypt it.

something like :

temp = backward(user_password)
temp = temp+temp
stored passkey = AES-256(temp)

Then you can bang away at AES-256 as much as you want, but you won't find the key.

Or have I got it wrong, and there is knowledge of how to compare a key to an encrypted one without using the drive?
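The scheme Jared lays out in the first post (user password to KEK, KEK wraps the DEK, the eDEK is what you read from the SA), together with HaQue's wordlist-plus-rules approach, DRUG's cracking ranges and HaQue's question above about what you actually test against and how you know a guess is right, as an added example that is not from any poster and is not WD's code. Every concrete choice in it is an assumption for illustration: PBKDF2-HMAC-SHA256 stands in for whatever KDF the drive really uses, a SHA-256 counter keystream stands in for AES-256 so the block needs only the Python standard library, and the "known plaintext" oracle (MBR signature 55 AA at the end of LBA 0, "EFI PART" at the start of LBA 1) is a stand-in for whatever check a real recovery would use. The sample drive, salt and DEK are constructed in the block.

```python
"""Model of password -> KEK -> eDEK with an offline guessing attack.

Added example, not forum or WD code. The KDF, cipher and plaintext check
are assumptions chosen so the block runs with the standard library only.
"""
import hashlib
import itertools
import string

SECTOR_SIZE = 512


def stream_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES-256 (assumption): XOR with a SHA-256 counter keystream.
    Symmetric, so the same call encrypts and decrypts."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        ks = hashlib.sha256(key + nonce + block_no.to_bytes(4, "big")).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)


def derive_kek(password: str, salt: bytes) -> bytes:
    """Assumed KDF: PBKDF2-HMAC-SHA256 to a 32-byte KEK. The thread does not
    say how WD really derives the KEK; the iteration count is arbitrary."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 1000, dklen=32)


def wrap_dek(kek: bytes, dek: bytes) -> bytes:
    return stream_cipher(kek, b"wrap", dek)          # DEK -> eDEK (stored in SA)


def unwrap_dek(kek: bytes, edek: bytes) -> bytes:
    return stream_cipher(kek, b"wrap", edek)         # eDEK -> candidate DEK


def decrypt_sector(dek: bytes, lba: int, ciphertext: bytes) -> bytes:
    return stream_cipher(dek, lba.to_bytes(8, "big"), ciphertext)


def looks_like_plaintext(dek: bytes, disk: dict) -> bool:
    """The oracle that answers 'how do you know you found the key': decrypt
    sectors whose content is predictable and check them. Assumed layout:
    LBA 0 ends with the MBR signature 55 AA, LBA 1 starts with a GPT header.
    55 AA alone gives a 1/65536 false-positive rate, so a second check is
    applied before a hit is reported."""
    s0 = decrypt_sector(dek, 0, disk[0])
    if s0[510:512] != b"\x55\xaa":
        return False
    s1 = decrypt_sector(dek, 1, disk[1])
    return s1[:8] == b"EFI PART"


def candidates(wordlist):
    """Wordlist plus rules: case variants and common suffixes (HaQue's approach)."""
    suffixes = ("", "1", "123", "!", "2015", "2016", "2016!")
    for word in wordlist:
        for base in (word, word.capitalize(), word.upper()):
            for suffix in suffixes:
                yield base + suffix


def mask_candidates(charset: str, min_len: int, max_len: int):
    """Cracking ranges (DRUG's point): exhaust a charset over a length span."""
    for n in range(min_len, max_len + 1):
        for combo in itertools.product(charset, repeat=n):
            yield "".join(combo)


def crack(salt: bytes, edek: bytes, disk: dict, guesses):
    """Try each guess: derive KEK, unwrap eDEK, test the resulting DEK.
    Returns (password, dek, guesses_tried) or (None, None, guesses_tried)."""
    tried = 0
    for password in guesses:
        tried += 1
        dek = unwrap_dek(derive_kek(password, salt), edek)
        if looks_like_plaintext(dek, disk):
            return password, dek, tried
    return None, None, tried


def keyspace(charset_size: int, length: int) -> int:
    return charset_size ** length


def seconds_to_exhaust(charset_size: int, length: int, guesses_per_second: float) -> float:
    return keyspace(charset_size, length) / guesses_per_second


def build_sample_drive(password: str):
    """Constructed sample, not real WD data: salt and eDEK as if read from the
    SA, plus two encrypted data sectors with predictable plaintext."""
    salt = b"constructed-salt"
    dek = hashlib.sha256(b"constructed DEK seed").digest()
    edek = wrap_dek(derive_kek(password, salt), dek)
    mbr = b"\x00" * 510 + b"\x55\xaa"
    gpt = b"EFI PART" + b"\x00" * (SECTOR_SIZE - 8)
    disk = {0: decrypt_sector(dek, 0, mbr), 1: decrypt_sector(dek, 1, gpt)}
    return salt, edek, disk, dek


if __name__ == "__main__":
    salt, edek, disk, _ = build_sample_drive("Summer2016!")
    print("wordlist+rules:", crack(salt, edek, disk, candidates(["password", "winter", "summer"]))[::2])
    salt, edek, disk, _ = build_sample_drive("4711")
    print("digit mask 4..4:", crack(salt, edek, disk, mask_candidates(string.digits, 4, 4))[::2])
    rate = 1e9  # assumed guesses/second for a multi-GPU box
    for size, n in ((10, 10), (95, 10), (95, 64)):
        print(f"charset {size:>2}, length {n:>2}: {seconds_to_exhaust(size, n, rate):.3g} s to exhaust")
```

The point the block makes for the thread's argument: the eDEK is useless on its own, but once you have a cheap oracle for "this DEK decrypts real data", each password guess costs one KDF plus one unwrap plus one sector decrypt, so the work is bounded by the password space, not by the 256-bit DEK. The keyspace lines show why jol's digits-only question matters (10^10 versus 95^10) and why a 64-character password is out of reach at any guess rate.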