WD20EARX-00PASB0 MyBook decryption

[canthashme]

I'm looking for help with decrypting a WD MyBook (WDBACW0020HBK-01) drive. The HDD is a WD20EARX-00PASB0, and the bridge is a JMS538S. Password is unknown.

After some reading through the 'got HW crypto?' paper (https://eprint.iacr.org/2015/1002.pdf), the reallymine and linux-mybook-tools gits, I attempted decrypting with PC3k, but the key still required the user password. I saw a recent post by someone else with the same issue. I started diving into the processes outlined in the 'got HW crypto?' paper to see if I could figure it out myself. I started trying to code something to try to brute force the KEK with the salt and iterations described in the paper, but my coding ability is minimal. I had a look at the RNG vulnerability, but it's beyond my knowledge without a lot more hours put into this. So, of course, I've got to the point now where I know I need help. I was able to dump the necessary eDEK blob with the ASCII WDv1 bytes, and the first 2mb of the drive (which was indicated as needed in the linux-mybook-tools git).

Anyone able to help?

[Doomer]

can you upload the key sector (the one with WDv1), the first 2mb of the drive, and module 02.rpm somewhere, so I can take a look?

[canthashme]

Thanks for your help. I'll have to grab module02.rpm on Monday, but here are the key sector and the 2mb bin files. Also, manufacturing date of the drive is August 4th, 2011.

https://ufile.io/f/6r0aq

[Doomer]

Looks like I don't need the 2.rpm
It can be decrypted - https://easyupload.io/r7xo4s

[canthashme]

That's awesome! Did you manage to do that via a password bruteforce to generate the KEK and decrypt the eDEK, then validate against the first 2mb? Or via a generated DEK lookup table?

How can I go about decrypting the drive?

[Doomer]

You have a PM

[canthashme]

Looks like my forum account doesn't have permissions to send PMs yet. Not sure when that kicks in.

I've sent you a reply via email.