Page 1 of 2

User forgot password WD10JMVW-11S5XS0

Posted: 22.08.18, 01:37
by zeroalpha
I converted this drive to SATA and it operates healthy. I have cleared modules 123,124,125,126,127 but can't get past this:
Image

Re: User forgot password WD10JMVW-11S5XS0

Posted: 28.08.18, 12:20
by Maxim_TS
Unfortunately if the customer forgot his JMS538S password, there is no solution for now.

Re: User forgot password WD10JMVW-11S5XS0

Posted: 04.09.18, 22:38
by DataMedics
That's encryption doing what it's supposed to do. Keeping out anyone who doesn't know the password.

You sure it's really even their drive? You'd be surprised how often cases like this turn out to be a stolen drive, usually taken from an ex-wife, ex-husband, ex-girlfriend, etc.

Re: User forgot password WD10JMVW-11S5XS0

Posted: 05.09.18, 03:11
by Doomer
JMicron password can be hacked, as was described in this document - https://eprint.iacr.org/2015/1002.pdf
I started doing R&D on it and even re-created full RNG LFSR sequence from Appendix A but dropped this because of lack of financial motivation.

Somebody with a lot of free time and decent knowledge of the subject can do it.

Re: User forgot password WD10JMVW-11S5XS0

Posted: 08.09.18, 08:13
by einstein9
zeroalpha wrote:Source of the post I converted this drive to SATA and it operates healthy. I have cleared modules 123,124,125,126,127 but can't get past this:
Image


Zeroalpha, we can handle such a case here (even without the hdd password)
(more details can be found here http://unixgtc.com/wp/wd-smartware-pass ... l-service/ )


Maxim_TS wrote:Source of the post Unfortunately if the customer forgot his JMS538S password, there is no solution for now.


One day when i visit your Acelab in Prague will Demonstrate this to you and your team Max.

Re: User forgot password WD10JMVW-11S5XS0

Posted: 10.09.18, 02:55
by zeroalpha
Thanks for your response. I will pass your details onto the owner.

Re: User forgot password WD10JMVW-11S5XS0

Posted: 10.09.18, 12:11
by einstein9
zeroalpha wrote:Source of the post Thanks for your response. I will pass your details onto the owner.


You welcome

Re: User forgot password WD10JMVW-11S5XS0

Posted: 11.09.18, 12:56
by Maxim_TS
einstein9 wrote:Source of the post One day when i visit your Acelab in Prague will Demonstrate this to you and your team Max.

Dear Anwer, it would be great if we could see the solution someday :) In website the solution offer for WD SmartWare is presented. Will it solve JMS538S and INIC1607E lost password as well?

Re: User forgot password WD10JMVW-11S5XS0

Posted: 16.09.18, 12:47
by Amarbir[CDR-Labs]
Maxim_TS wrote:Source of the post
einstein9 wrote:Source of the post One day when i visit your Acelab in Prague will Demonstrate this to you and your team Max.

Dear Anwer, it would be great if we could see the solution someday :) In website the solution offer for WD SmartWare is presented. Will it solve JMS538S and INIC1607E lost password as well?



Maxim,
I am also waiting for anwers answer ,Sometimes i do get stuff like this its rare though

Re: User forgot password WD10JMVW-11S5XS0

Posted: 16.09.18, 15:23
by einstein9
Maxim_TS wrote:Source of the post
einstein9 wrote:Source of the post One day when i visit your Acelab in Prague will Demonstrate this to you and your team Max.

Dear Anwer, it would be great if we could see the solution someday :) In website the solution offer for WD SmartWare is presented. Will it solve JMS538S and INIC1607E lost password as well?


Hi Maxtim, sorry for the late replying here, Yes it does work for both, i don`t need the password to access the user data

Re: User forgot password WD10JMVW-11S5XS0

Posted: 17.09.18, 09:14
by AJ2008
My understanding is the password acts as a key encryption key that on correct authentication will decrypt the media encryption key - either the way WD implements it has been compromised, or it is a brute force attack?

Re: User forgot password WD10JMVW-11S5XS0

Posted: 17.09.18, 09:15
by AJ2008
I have many doubts about many things :wink:

Re: User forgot password WD10JMVW-11S5XS0

Posted: 17.09.18, 16:35
by Doomer
AJ2008 wrote:Source of the post or it is a brute force attack?

it's a smart brute force, if done correctly the key should be brute-forced in about half an hour(for JMicron), at least that's the idea.
Initio theoretically could be hacked the same way (I didn't try it but I have a vague idea on how it can be done) but per my understanding
1. the R&D is a lot harder comparing to JMicron
2. brute-force should take significantly longer because of the way RNG LFSR works on Initio

Re: User forgot password WD10JMVW-11S5XS0

Posted: 17.09.18, 16:38
by AJ2008
I guess the main issue with this is that each revision of this encryption engine becomes obsolete relatively quickly which makes you wonder if all the research time and effort is worth it in the long run.

Also, forgotten passwords is not a common issue in data recovery. I see the value in it for forensics and law enforcement, but I can count the number of cases of forgotten smart-ware passwords I ever saw on one hand :o

It is still good info to know though :D

Re: User forgot password WD10JMVW-11S5XS0

Posted: 19.09.18, 09:08
by einstein9
Doomer wrote:Source of the post
AJ2008 wrote:Source of the post or it is a brute force attack?

it's a smart brute force, if done correctly the key should be brute-forced in about half an hour(for JMicron), at least that's the idea.
Initio theoretically could be hacked the same way (I didn't try it but I have a vague idea on how it can be done) but per my understanding
1. the R&D is a lot harder comparing to JMicron
2. brute-force should take significantly longer because of the way RNG LFSR works on Initio


AJ2008 wrote:Source of the post I guess the main issue with this is that each revision of this encryption engine becomes obsolete relatively quickly which makes you wonder if all the research time and effort is worth it in the long run.

Also, forgotten passwords is not a common issue in data recovery. I see the value in it for forensics and law enforcement, but I can count the number of cases of forgotten smart-ware passwords I ever saw on one hand :o

It is still good info to know though :D


Doomer & AJ2008

Quick Question for both, do you know a way to Downgrade the FW ?
WD released a Tool for that to Upgrade (am not sure if still there or not)

You will love the idea :shockable: