Hard Drive Rootkit Is Frighteningly Persistent

There are a lot of malware programs in the wild today, but luckily we have methods of detecting and removing them. Antivirus is an old standby, and if that fails you can always just reformat the hard drive and wipe it clean. That is, unless the malware installs itself in your hard drive firmware. [MalwareTech] has written his own frightening proof of concept malware that does exactly this.

The core firmware rootkit needs to be very small in order to fit in the limited memory space on the hard drive’s memory chips. It’s only a few KB in size, but that doesn’t stop it from packing a punch. The rootkit can intercept any IO to and from the disk or the disk’s firmware. It uses this to its advantage by modifying data being sent back to the host computer. When the computer requests data from a sector on the disk, that data is first loaded into the disk’s cache. The firmware can modify the data sitting in the cache before notifying the host computer that the data is ready. This allows the firmware to trick the host system into executing arbitrary code.

[MalwareTech] uses this ability to load his own custom Windows XP bootkit called TinyXPB. All of this software is small enough to fit on the hard drive’s firmware. This means that traditional antivirus cannot detect its presence. If the owner of the system does get suspicious and completely reformats the hard drive, the malware will remain unharmed. The owner cannot even re-flash the firmware using traditional methods since the rootkit can detect this and save itself. The only way to properly re-flash the firmware would be to use an SPI programmer, which would be too technical for most users.

There are many more features and details to this project. If you are interested in malware, the PDF presentation is certainly worth a read. It goes much more in-depth into how the malware actually works and includes more details about how [MalwareTech] was able to actually reverse engineer the original firmware. If you’re worried about this malicious firmware getting out into the wild, [MalwareTech] assures us that he does not intend to release the actual code to the public.

Spin Up An Old Hard Drive With A Solenoid Motor

Just about all of us have a few old hard drives in our junk box. There are a myriad of projects out there to put them to work in new and interesting ways. One of those ways is to turn your hard drive into a solenoid motor of sorts. This isn’t a new hack; videos of it have been kicking around the internet for years. [black1985vette] gives a pretty good explanation of how he’s done it. He used a piece of brass as a connecting rod between the drive head and a pin mounted off-center to the platter hub. One of the platter mounting screws provides the perfect place to set the pin. A bent safety-pin rubs the center of the hub, which is partially insulated with tape. When the pin contacts the hub, the drive head is energized, pushing the whole assembly around. The mass of the platters acts as a flywheel, carrying the motor the rest of the way around.

[Pulverrostmannen] performed a similar mod, though he used a micro switch to time the drive head. Rather than a brass connecting rod, [Pulverrostmannen] used a spare head. With a simple transistor circuit acting as a speed control, his hard drive motor revved up to around 1560 RPM, which is pretty respectable for a bunch of junk parts.

So next time you’re stuck in on a cold rainy weekend, pull out some of those old drives and get hacking! Click past the break to see several of these projects in action.

PCI I-RAM Working Without A PCI Slot

[Gnif] had a recent hard drive failure in his home server. When rebuilding his RAID array, he decided to update to the ZFS file system. While researching ZFS, [Gnif] learned that the file system allows for a small USB cache disk to greatly improve his disk performance. Since USB is rather slow, [Gnif] had an idea to try to use an old i-RAM PCI card instead.

The problem was that he didn’t have any free PCI slots left in his home server. It didn’t take long for [Gnif] to realize that the PCI card was only using the PCI slot for power. All of the data transfer is actually done via a SATA cable. [Gnif] decided that he could likely get by without an actual PCI slot with just a bit of hacking.

[Gnif] desoldered a PCI socket from an old faulty motherboard, losing half of the pins in the process. Luckily, the pins he needed still remained. [Gnif] knew that DDR memory can be very power-hungry. This meant that he couldn’t only solder one wire for each of the 3v, 5v, 12v, and ground pins. He had to connect all of them in order to share the current load. All in all, this ended up being about 20 pins. He later tested the current draw and found it reached as high as 1.2 amps, confirming his earlier decision. Finally, the reset pin needed to be pulled to 3.3V in order to make the disk accessible.

All of the wires from his adapter were run to Molex connectors. This allows [Gnif] to power the device from a computer power supply. All of the connections were covered in hot glue to prevent them from wriggling loose.

Brother Builds “Zerg-Berg” Coffee Table Media Server – 38(!) USB Drives

After [Travis]’s media server died a couple months ago, his brother [Nick] secretly plotted to replace it for Christmas. Admitting it to be an “asinine Rube Goldberg” arrangement, [Nick] wanted something custom and remarkable for his sibling. Rather than go the normal SATA route, 38 USB hot-swap laptop drives were clustered together inside a custom leather enclosure with a bronzed glass top.

[Nick] picked up 45 of the 500GB drives for only $350 and designed the project around those. He spent $1000 on matching metal docks for each of them, powered by $800 worth of PCIe quad independent USB controllers – no hubs. A $550 Xeon motherboard with 14 USB ports, 16GB of RAM, a basic video card and a 1000W power supply rounded out the electronics.

Under Windows 8.1 all drives are arranged in a single giant array under Storage Spaces, no RAID.

Everything was built into a wood-framed coffee table wrapped in high-end leather that [Nick] spent 65 hours hand stitching himself. Fancy brass corner braces hold the frame square. All the wires were run underneath the table so the visible surfaces are clean and clear. The table structure is lifted up on legs made from half-inch square barstock bent into a hairpin and bolted to the underside.

All together [Travis]’s Zerg-Berg media server cost in the range of $4500. [Nick] intends it to be something that lasts him a very long time.

See the video below for [Nick]’s explanation of the hardware and methods chosen.

Cloning A Board From Pictures On The Internet

[Andrew] was a pretty cool guy in the early 90s with an awesome keyboard synth that did wavetable synthesis, sampling, a sequencer, and an effects processor. This was a strange era for storage; a reasonable amount of Flash memory was unheard of, and floppy disks ruled the land. [Andrew]’s synth, though, had the option to connect SCSI drives. Like all optional add ons for high-end equipment, the current price for the Ensoniq SCSI card is astronomical and [Andrew] figured he could build one of these cards himself.

Poking around eBay, [Andrew] found the card in question – just a few passives, some connectors, a voltage regulator, and an odd chip from AMD. This chip was a 33C93A, a SCSI controller, and a trip down the Chinese vendor rabbit hole netted him one for $7. Can’t do better than that.

With the datasheet for the chip in hand and a few reasonable assumptions on how the circuit worked, [Andrew] tried to draw the schematic. After doing that, he found another hobbyist that had attempted the same project a few years earlier. All the nets were identical, and all that was left to do was to send a board off to the fab.

A quick trip to Front Panel Express got [Andrew] a mounting bracket for the card, and plugging it into the synth revealed a new option – SCSI. It worked, and with an ancient SCSI CD-ROM drive, he had boatloads of offline storage for his synth. Great work, and something we’d love to see more of.

 

Beamboarder Lets You Skate At Night; Won’t Blind Oncoming Traffic

Whether you use your longboard as transportation or pleasure riding, night-time sessions can be harrowing if you’re screaming through poorly-lit places. The Beamboarder is a solution that is simple to build and easy to throw in a backpack whenever that giant ball of fire is above the horizon.

Boiled down it’s a high-power LED and a Lithium battery. How’s that for a hack? Actually it’s the “garbage” feel of it ([Lyon’s] words, not ours) that makes us smile. An old hard drive with as high of a capacity as possible was raided for parts. That sounded like a joke at first but the point is that early, large drives have bigger magnets inside. You need a really strong one because that’s all that will hold the LED to the front truck of our board. From there it’s a matter of attaching a CREE LED with thermal adhesive and wiring it up to the Lithium pack that has been covered in shrink tube to keep the elements out.

The headlight is under the board, which is courteous to oncoming traffic. Once you pull off this hack we’re sure you’ll want to go further so we suggest wheels with LED POV displays and there’s always the option of going full electric.

Hard Drive Clock Is Simple And Elegant

[Aaron] has been wanting to build his own binary desk clock for a while now. This was his first clock project, so he decided to keep it simple and have it simply display the time. No alarms, bells, or whistles.

The electronics are relatively simple. [Aaron] decided to use one of the ATMega328 chips he had lying around that already had the Arduino boot loader burned into them. He first built his own Arduino board on a breadboard and then re-built it on a piece of protoboard as a more permanent solution. The Arduino gets the time from a real-time clock (RTC) module and then displays it using an array of blue and green LEDs. The whole thing is powered using a spare 9V wall wart power supply.

[Aaron] chose to use the DS1307 RTC module to keep time. This will ensure that the time is kept accurately over a long period of time. The RTC module has its own built-in battery, which means that if [Aaron’s] clock should ever lose power the clock will still remember the time. The RTC battery can theoretically last for up to ten years.

[Aaron] got creative for his clock enclosure, upcycling an old hard drive. All of the hard drive guts were removed and replaced with his own electronics. The front cover had 13 holes drilled out for the LEDs. There are six green LEDs to display the hour, and seven blue LEDs for the minute. The LEDs were wired up as common cathode. Since the hard drive cover is conductive, [Aaron] covered both sides of his circuit board with electrical tape and hot glue to prevent any short circuits. The end result is an elegant binary clock that any geek would be proud of.