Hacking The Kingston Wi-Drive

[Andrew] got his hands on a Kingston Wi-Drive, and being the responsible Hackaday reader he is, spent the better part of a weekend figuring out how to get root on this shiny new toy

The Kingston Wi-Drive is a small battery-powered Flash drive with a wi-fi adapter in a small, compact case. Even though Kingston is going after a fairly niche market by advertising the Wi-Drive to expand the storage of iOS and Android devices, a network attached storage solution that can fit in a pocket is somewhat interesting. Unfortunately, Kingston decided to lock down the Wi-Drive; [Andrew] can’t even get a terminal running on this little box.

After a weekend, [Andrew] is no closer to his goal of getting root on the Wi-Drive. He suspects the problem may be there simply isn’t a terminal for Telnet to bind to. [Andrew] realized he was a bit out of his league on this hack and decided to open up his research to people much more experienced in embedded Linux environments. If you’ve been playing around with a Wi-Drive, or you want a tiny battery-powered NAS, send us something on the tip line and we’ll follow up on this post.

56 thoughts on “Hacking The Kingston Wi-Drive

  1. I wish these things were more useful. 250gig and can be accessed as a SMB share from a laptop? Great idea. 32 gig for a ipad? what a waste, I’ve already got 64 gig in there, I’m looking to carry a lot more or have a pocket wifi file server so I can have a friend copy all the latest ios’s I found to his laptop.

    Anyone know of a larger unit that takes real laptop hard drives and has the wifi part?

    1. Hard drives need to spin up and spin down, and require alot more current to operate than solid state storage devices. Obviously, this unit’s storage circuits should only draw more than a few milliamps of current when it is being accessed, while the mechanical hard disk drive would require current during spin up and access. For a small battery powered device, it wouldn’t make much sense if you wanted to be able to instantaneously access data at will. A standard HDD might work if you are prepared cache the full file(movie or song) you were accessing, but that all seems somewhat inconvenient…

  2. Man doesn’t hack anything. Gets a post about how he did not in fact hack anything. But he is still trying to hack it. He may succeed. But he has not done so yet. But this is still hack worthy. Or something.

    I mean, hacking this is cool and I encourage him to do so but err… he hasn’t actually been able to do so yet? Isn’t the format of Hackaday to exhibit and show off actual finished or nearly finished hacks?

    1. Apparently he found out how to run commands on it so he really did hack it. The problem was finding stuff that he could execute.

      He actually did something and documented it that is really worth something. I think it was an interesting try, and hope someone can make something more out of it.

    2. Totally agree. I was super disappointed after reading this article. My brother has one of these and I was hoping I could help save him from his rather unfortunate purchase.

    3. Sounds like he hacked it as well as he could, and I think this post is useful.

      Maybe someone has gone further or can go further and they will respond or merge efforts.

  3. The Airstash is the original such device, and supports SDHC/SDXC cards instead of having a set amount of storage. Probably easier to hack too, at least it has more features as you can upload files to it from the iPad and other devices instead of just accessing files. There are hrd drives out there too though, seagate has one, goflex satellite

  4. I love how outside companies have to produce products to overcome the shortcomings(features)of Apple products.

    Re-moveable storage, no we can’t have that. Why not drag the floppy into the garbage can to eject it, Mac – Think way different.

    1. Shouldn’t be too hard actually, sounds like the scripts can be used to copy over both a telnet server and a login shell. If the device was ten euro instead of 50, I’d buy one just for the hell of it.

      1. @Sprite_tm It came out last year, so likely it’ll be heading to the discount warehouse stores soon. The trick is to snag them at the right price before the stock runs out…

    2. i have a rogers mifi one of them novatel wireless 3g/wifi portable hubs. very similar in design. would love a hack t use it as a repeater for my own network. id send it to you but you’d have to guarentee its return. with an affidavit or something guaranteeing it.

      1. Can’t guarantee a return in working condition, sorry. One of the first things I’d do is try to find the serial/jtag-port, which is hardware work and would mean a chance of destroying it. Even if i weren’t to do that, there’s always a chance of writing to the wrong part of flash and overwriting the bootloader, bricking the thing.

      2. you don;t really understand how the process works my friend :) Destruction is almost guaranteed as part of the learning process. We generally break stuff as much as we succeed – we either learn from it (a bricked device is a valid scientific result) and then usually strip it for useable parts to recover the financial loss. Nothing is wasted, most is recycled into future projects. Benevolent gifting is the norm if you can afford it. If you can’t afford it, do it yourself(!) or offer to test embryonic hacks (like beta testing) on your own hardware at your own risk.
        In this way history is written. We shall prevail against the ever-rising tide of over-marketed super-shyte that ovewhelms us nowadays.

  5. The goflex satellite has a terrible stock interface but has a 500GB internal drive, runs for 7 hours, supports wifi pass-through, and runs linux (so you can smb that mofo). Enough people have hacked it that it’s pretty easy and well documented on seagate’s support forum. Probably not worth the $199.99 though…

  6. i was able to get it to almost a webserver but i need help with the part about .shtml something about needing a style script also when it reboots any work save in config is saved compared against the cd filesystem any files extra in config get wiped.

    1. Yeah /config gets wiped everytime you reboot. You can over come this by replace the script on the CD partition. Takes 5 minutes with a hex editor and a copy of the CD Updater.

      However, this isn’t necessary as the whole drive is accessible on the web server (I know right!) – so just stick the script on the root of your drive and it’ll work fine :)

      I think some people didn’t read the whole post (can’t expect that) – but I did get Busybox with telnet on there, but couldn’t get it to work, rather frustratingly.

      I’m not sure the JTAG route is even necessary – I backed up the firmware pretty easily, and if I could have mounted the JFFS2 partition, then I could modify and reflash pretty easily without resorting to cracking the thing open. You could also do the actual flash using an .shtml file – so if done, it would be a very very simple firmware hack.

      Spode – the author

  7. Im just wondering if someone has opened one up yet. Maybe extend the battery and find a way to add more storage. The seagate drive is a lot bigger and a lot more expensive.

    1. I opened mine up- the case is hard to open without damaging it. I didn’t care about a few dents and scratches. The internal 16GB drive is attached to a USB port and is removable. I had a spare 64GB pen drive that I stripped from its case so that it would fit inside the Wi-Drive. I managed to get it working eventually despite the lack of help online.

      The original 16GB drive when inserted into a PC mounts as a virtual DVD drive that contains the software and the storage partition.
      The self mounting DVD isn’t writable nor can you delete it.
      So to create a self mounting DVD drive on the 64GB stick I re-programed the flash controller and made a self mounting DVD drive partition.

  8. get or make an ARM device with a wifi SoC and SD slot.. or even better USB host contol. This thing is way to expensive hence why nobody cares if it is hacked, much like linear purpose gaming consoles..

  9. Yah this thing gets me. dang apache2 server. I just want to make it an web site terminal because it could be considered going green but mainly because some times the thing needs work and uptime is important. Any help or suggestions on how to do would be awesome also you can map the drive is network sorage thats how i accessed it over wifi and played with it also turn it on then let it load up and you can plug it in to the wall adpter and keep it on and running.

  10. A tiny portable WiFi Apache server? Hmm. There have been times when I’ve wanted one of those for event information sites to cover a small location. i.e. a campsite, where lugging even a netbook would be painful.

    As I understand, this unit could also act as a relay to extend the coverage of an actual Internet AP. Bonus! (Although an external antenna hack might be useful.)

    Even if it can’t be hacked wide open, there could be some interesting re-purposing possible.

  11. Just saying but i really wish someone would crack one open possible the 16gb model. It would help to know whats in it and possibly upgrade the storage? It could have clips around it that hold it tightly.

  12. i own this thing and just want to allow computers to access its contents. the network it creates shows up on computers but it cannot be accessed… has anyone figured this out yet? i bought it to share files in the classroom without involving wires but it does not do what i thought it did.

  13. I found a way to hack the Kingston Wi Drive.
    I have been trying to figure out a way to add files to my Kingston Wi Drive without a PC or Laptop, since I don’t travel with my Laptop much.

    Found your post among a few others and I decided to play around with it.

    I connected my Android phone to the Wi Drive wireless.
    Then I used an App call WiFi Analyzer to look at the connection.
    I found a few IP addresses: IP Address:192.168.200.100 did NOT Work!
    but I used the IP with the following headings worked
    Gateway:192.168.200.254
    DNS1:192.168.200.254,
    Server:192.168.200.254

    I then opened the file Explorer called ES File Explorer and add a network FTP then WEBDAV and used the 192.168.200.254 with the default Port 80
    and was then able to use it as another drive. Upload/Download. etc.

    I am not very well versed in Networking but I am learning and try to experiment and re-purpose everything.

    I hope this helps you.

    The Config IP is also the same when you go into settings with the Wi Drive APP
    http://192.168.200.254/config/en-us/k_config.shtml

    1. You’re using a network broadcast address which means everything you send out is sent to every address on that network. Frankly I’m surprised it works, but you may want to dig deeper into it and see which addresses exactly are responding to the ACK.

          1. Very well then.
            Just thought it would be easier to use ES File Explorer for everything instead of using the Wi-Drive App. Probably will set up a sync to automate the process.

      1. I think you´re not rigth here. that ip it’s not a broadcast addr, maybe 255 instead of 254, but in that case you will get no response at all, correct me if i´m wrong please.

        excelent post, I was looking a way to open the wi-drive case and i got stuck in the thread.

        thanks!

  14. you seem to be doing a lot of work on this little box?
    I have had one some time now and use it with my iPhone.
    The biggest hang up I have is I can’t run or install apps to it or even save app data to it.
    Any one now if it will ever be able to do this with some hack/software

  15. hi guys, i just thinking about bought some wireless drive, but, as a power user, need something with more juice..
    This thread is dead from 2015, but i wanna know if there’s news on the hacks.

    cheers¡¡

    1. The Wi-Drive app is not available anymore. You can still access the data from a Web browser by browsing to the Wi-Drive IP address. If you want to upload data you have to utilize WebDav. There are plenty of WebDav clients in the App store.

  16. Hello. If anyone is wondering how to get into the Wi-Drive.. I found that it is listening on TCP port 8888 HTTP protocol (http://192.168.200.254:8888). Connect to the Wi-Drive and go to that URL. It will prompt you for a username/password. The username is “super” and the password is “super”. I looked through the source code that Kingston had on their site and I was able to locate this after a day of looking through the code :). Anyways.. the device is a Realtek wireless AP.. and when you log in as specified above… you get the AP GUI… pretty neat.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.