eMMC to SD Hack Rescues Data from a Waterlogged Phone

How do I get the data off this destroyed phone? It’s a question many of us have had to ponder – either ourselves or for friends or family. The easy answer is either spend a mint for a recovery service or consider it lost forever.  [Trochilidae] didn’t accept either of those options, so he broke out the soldering iron and rescued his own data.

A moment’s inattention with a child near a paddling pool left [Trochilidae’s] coworker’s wife with a waterlogged, dead phone. She immediately took apart the phone and attempted to dry it out, but it was too late. The phone was a goner. It also had four months of photos and other priceless data on it. [Trochilidae] was brought in to try to recover the data.

The phone was dead, but chances are the data stored within it was fine. Most devices built in the last few years use eMMC flash devices as their secondary storage. eMMC stands for Embedded Multimedia Card. What it means is that the device not only holds the flash memory array, it also contains a flash controller which handles wear leveling, flash writing, and host interface. The controller can be configured to respond exactly like a standard SD card.

The hard part is getting a tiny 153 ball BGA package to fit into an SD card slot.  [Trochilidae] accomplished that by cutting open a microSD to SD adapter. He then carefully soldered the balls from the eMMC to the pins of the adapter. Thin gauge wire, a fine tip iron, and a microscope are essentials here. Once the physical connections were made,  [Trochilidae] plugged the card into his Linux machine. The card was recognized, and he managed to pull all the data off with a single dd command.

[Trochilidae] doesn’t say what happened after the data was copied, but we’re guessing he analyzed the dump to determine the filesystem, then mounted it as a drive. The end result was a ton of recovered photos and a very happy coworker.

If you like crazy soldering exploits, check out this PSP reverse engineering hack, where every pin of a BGA was soldered to magnet wire.

Raiders of the Lost OS: Reclaiming A Piece of Polish IT History

In today’s digital era, we almost take for granted that all our information is saved and backed up, be it on our local drives or in the cloud — whether automatically, manually, or via some other service.  For information from decades past, that isn’t always the case, and recovery can be a dicey process.  Despite the tricky challenges, the team at [Museo dell’Informatica Funzionante] and [mera400.pl], as well as researchers and scientists from various museums, institutions, and more all came together in the attempt to recover the Polish CROOK operating system believed to be stored on five magnetic tapes.

MEERA-400 Tape Recovery 1

Originally stored at the Warsaw Museum of Technology, the tapes were ideally preserved, but — despite some preliminary test prep — the museum’s tape reader kept hanging at the 800 BPI NRZI encoded header, even though the rest of the tape was 1600 BPI phase encoding. Some head scratching later, the team decided to crack open their Qualstar 1052 tape reader and attempt to read the data directly off the circuits themselves!!

Continue reading “Raiders of the Lost OS: Reclaiming A Piece of Polish IT History”

CASUAL seeks to make Android hacking OS agnostic


[Adam Outler] tipped us off about a cross-platform Android hacking suite he’s been working on. The project, which is called CASUAL, brings several things to the table. First and foremost it breaks down the OS requirements seen on some hacks. It can perform pretty much any Android hack out there and it doesn’t care if you’re using Linux, OS X, or Windows.

We’ve embedded two videos after the break. The screenshot seen above is from the first clip where [Adam] demonstrates the package rooting the Oppo Find5 Android phone. He then goes on to show off the scripting language CASUAL uses. This layer of abstraction should make it easier to deploy hacking packages, as CASUAL handles all of the underlying tools like the Android Debug Bridge, fastboot, and Heimdall (an open source Odin replacement which brings the low level tool to all OS platforms) . The second video demonstrates a Galaxy Note II being rooted, and having a new recovery image flashed.

Continue reading “CASUAL seeks to make Android hacking OS agnostic”

Recovering a corrupted EEE PC BIOS


[Jeremy] had an ASUS EEE PC 1000HE netbook on his hands which had succumbed to a corrupted BIOS. In most situations, people replace a motherboard when the BIOS is damaged beyond repair, but considering the price of motherboards, especially those built for portable devices, he simply refused to go that route.

Instead, he took it apart and did a little investigation to find out what SPI flash chip ASUS used in the netbook. With that information in hand, he put together an SPI flash programmer using a breadboard and a DLP-USB1232H USB to UART module. He couldn’t program the flash chip in-circuit, so he had to desolder it and deadbugged it onto his programmer. Using a few Linux-based flashing tools, he was able to reprogram the chip with a functioning BIOS in short order, saving him from a costly motherboard replacement.

While some motherboard manufacturers have built in secondary BIOS chips to prevent the need for this sort of recovery, it’s nice to know that the process is relatively straightforward, provided you have some basic soldering and Linux skills.

This also isn’t the first time we’ve seen someone recover an EEE PC from the brink – if you’re looking for an Arduino-based alternative, be sure to check this out.

IDE bus sniffing and hard drive password recovery


shackspace member [@dop3j0e] found himself in a real bind when trying to recover some data after his ThinkPad’s fingerprint scanner died. You see, he stored his hard drive password in the scanner, and over time completely forgot what it was. Once the scanner stopped working, he had no way to get at his data.

He brainstormed, trying to figure out the best way to recover his data. He considered reverse engineering the BIOS, which was an interesting exercise, but it did not yield any password data. He also thought about swapping the hard drive’s logic board with that of a similar drive, but it turns out that the password is stored on the platters, not the PCB.

With his options quickly running out, he turned to a piece of open-source hardware we’ve covered here in the past, the OpenBench Logic Sniffer. The IDE bus contains 16 data pins, and lucky for [@dop3j0e] the OpenBench has 16 5v pins as well – a perfect match. He wired the sniffer up to the laptop and booted the computer, watching SUMP for the unlock command to be issued. Sure enough he captured the password with ease, after which he unlocked and permanently removed it using hdparm.

Be sure to check out [@dop3j0e’s] presentation on the subject if you are interested in learning more about how the recovery was done.

Recovering photos with PhotoRec


A coworker approached us today with a corrupted SD card. It was out of her digital camera, and when plugged in, it wasn’t recognized. This looked like the perfect opportunity to try out [Christophe Grenier]’s PhotoRec. PhotoRec is designed to recover lost files from many different types of storage media. We used it from the command line on OSX, but it works on many different platforms.

It’s a fairly simple program to use. We plugged in the card and launched PhotoRec. We were prompted to select which volume we wanted to recover. We selected “Intel” as the partition table. PhotoRec didn’t find any partitions, so we opted to search the “Whole disk”. We kept the default filetypes. It then asked for filesystem type where we chose “Other” because flash is formatted FAT by default. We then chose a directory for the recovered files and started the process. PhotoRec scans the entire disk looking for known file headers. It uses these to find the lost image data. The 1GB card took approximately 15 minutes to scan and recovered all photos. This is really a great piece of free software, but hopefully you’ll never have to use it.

Data recovery tools

In your zeal to delete your data, you may have accidentally deleted files that you wanted to keep. Lifehacker has posted this handy list of data recovery tools to help you get those files back.

As you may know, whenever you delete a file, the only thing that changes is the file system. The data of the deleted file is still on the hard drive, but the file system sees the space containing the file as “blank” writable space. Data recovery software typically looks into the directory where the file was stored and scans it, finding any files not listed in the file system.

The program you choose for this task will not only be determined by your OS, but also by the specifics of your recovery needs. Do you need to recover a single file? Many files? A whole hard drive? An unbootable drive? A really scratched optical disk? Specialized tools for all of these needs are available, and this article will help you find the right program for yours.