8 replies to this topic

[Louis XV]

Recently, my friend gave me a special/interesting USB flash drive which separate 2 parts: 1 as CD-Drive, 1 as hidden part (you can't access it normally). I want to find out how it works. Should I retrieve the firmware? How can I do? Do we have any tools to analyse?

[netlord]

Well

 

first of all you have to know what chip youre using with this stick.

Download http://www.antspec.com/usbflashinfo/ and identify your chip.

 

Then we can continue....

 

 

[Wonko the Sane]

Just for the record, there is nothing "special" about that USB stick (though it may be interesting nonetheless) as MOST modern USB stick controllers provide that option.

 

To identify surely the controller I advice to use 3 (three) different tools, see:

http://reboot.pro/to...gb/#entry190777

 

Wonko

[Louis XV]

Just for the record, there is nothing "special" about that USB stick (though it may be interesting nonetheless) as MOST modern USB stick controllers provide that option.

 

To identify surely the controller I advice to use 3 (three) different tools, see:

http://reboot.pro/to...gb/#entry190777

 

Wonko

I read the usbdev.ru site, no specific text details how to retrieve the firmware. As I checked that "special" USB, the manufacturer made a tool and user have to use that tool to access hidden partition. So, I think I should get the firmware, analyse it how it works. Is this possible? Btw, do you know how the partition is hided, Wonko?

Thanks

[Wonko the Sane]

It depends on the actual USB stick Controller.

 

You won't (very likely) get the firmware, but rather the tool that allows to change settings in the firmware.

 

Imagine a PC where you cannot access the BIOS (firmware) normally and you can only change settings in it through a given program, most (but not all) USB controllers manufacturer provide a so-called manufacturer tool (aimed to manufacturers, that often "leak" through Chinese or Russian channels) and a "user oriented" tool usually capable of only creating (or removing) a hidden partition and a program that allow (providing the password) to access it.

 

Conversely (and without any offence intended ) if you are here asking about how to get the firmware, allow me to doubt that you will be able to do much with it,  some (but again not all) manufacturer tool packages may include the actual firmware, but - not completely unlike a BIOS - it is not something that can be easily analyzed or disassembled/understood (even setting aside any possible illegality in doing that) and you do appear like being in a CATCH22 situation, it is already difficult enough to only understand how one of the manufacturer tool is to be operated (due to almost total lack of documentation and the very scarce available usually being in Chinese or Russian).

 

In any case you have to proceed with some order:

1. identify the actual controller used
2. get each and every related tool you can find
3. test the actually found tools to verify that they actually work and work on the given stick (at the risk of botching the stick forever )
4. check if in any of the found packages there is a firmware image or a tool to backup the current one
5. if yes, retrieve the firmware and analyze/disassemble it

As I see it:

#1 is usually trivial

#2 starts being not-so-easy

#3 becomes difficult and risky

#4 depends more on having luck than anything else

#5 is one of those things I can most probably count people I know in the world capable of doing that on my fingers without taking my shoes off and none of them would ask on reboot.pro how to retrieve the firmware

 

 

 

Wonko

[Louis XV]

It depends on the actual USB stick Controller.

 

You won't (very likely) get the firmware, but rather the tool that allows to change settings in the firmware.

 

Imagine a PC where you cannot access the BIOS (firmware) normally and you can only change settings in it through a given program, most (but not all) USB controllers manufacturer provide a so-called manufacturer tool (aimed to manufacturers, that often "leak" through Chinese or Russian channels) and a "user oriented" tool usually capable of only creating (or removing) a hidden partition and a program that allow (providing the password) to access it.

 

Conversely (and without any offence intended ) if you are here asking about how to get the firmware, allow me to doubt that you will be able to do much with it,  some (but again not all) manufacturer tool packages may include the actual firmware, but - not completely unlike a BIOS - it is not something that can be easily analyzed or disassembled/understood (even setting aside any possible illegality in doing that) and you do appear like being in a CATCH22 situation, it is already difficult enough to only understand how one of the manufacturer tool is to be operated (due to almost total lack of documentation and the very scarce available usually being in Chinese or Russian).

 

In any case you have to proceed with some order:

1. identify the actual controller used
2. get each and every related tool you can find
3. test the actually found tools to verify that they actually work and work on the given stick (at the risk of botching the stick forever )
4. check if in any of the found packages there is a firmware image or a tool to backup the current one
5. if yes, retrieve the firmware and analyze/disassemble it

As I see it:

#1 is usually trivial

#2 starts being not-so-easy

#3 becomes difficult and risky

#4 depends more on having luck than anything else

#5 is one of those things I can most probably count people I know in the world capable of doing that on my fingers without taking my shoes off and none of them would ask on reboot.pro how to retrieve the firmware

 

 

 

Wonko

Thanks Wonko. I found the controller is Alcor and can save the image with provided tool. The more difficult step is finding out what is the configuration parameters. Do you know about Alcor?

[Wonko the Sane]

Do you know about Alcor?

Yes .

http://homepage.ntlw...no-answers.html

 

While you are there:

http://homepage.ntlw...ynepollard/FGA/

check also:

http://homepage.ntlw...ard-litany.html

This page:

http://www.usbdev.ru/files/alcor/

lists roughly 400 programs or related files/docs, for no less than 15 (possibly more) controller models.

 

I guess that when you go shopping for a specific spare part for your car you tell to the guy at the shop "I have a Peugeot", right? 

 

Wonko

[Louis XV]

Yes .

http://homepage.ntlw...no-answers.html

 

While you are there:

http://homepage.ntlw...ynepollard/FGA/

check also:

http://homepage.ntlw...ard-litany.html

This page:

http://www.usbdev.ru/files/alcor/

lists roughly 400 programs or related files/docs, for no less than 15 (possibly more) controller models.

 

I guess that when you go shopping for a specific spare part for your car you tell to the guy at the shop "I have a Peugeot", right? 

 

Wonko

 

  I am sorry that I dont ask clearly, Wonko. I has the image from Alcor controller firmware of the USB by using Check Drive tool. My purpose is to create a USB with similar function: the USB has built-in tools in CD-ROM partition which protect USB using password and it enables user copy data between hidden partition and computer.

I think I should analyse the controller firmware to know how they implement it. I cant find the tool to create Alcor firmware. How can I analyse the existing USB firmware? With my purpose, can you suggest the step should I do?

Thanks

[Wonko the Sane]

I will try to be more explicit.

• Post the EXACT model of the Alcor stick you have.
• Post links to the EXACT tools/programs you used.
• Post the EXACT output these tools provided.
• Post the *whatever* you got through the use of the *whatever* tools you used also DESCRIBING IN DETAIL how EXACTLY you extracted it.

The above will allow both of us to have the SAME data and (before or later) find a common language to exchange informations.
Any part of the above 4 point missing leads to the impossibility of communicating between us meaningful informations on this specific topic.

What you have in your hands (my guess at a probability level of 99% ) is not "firmware", and in any case you DO NOT "create" firmware with ANY tool, at the most you may be able to find a manufacturer tool capable of changing settings on an existing firmware.

As well, you won't "analyze firmware" and you will never get to know how they implement it, at the very most you will be able to analyze the manufacturer's tool and discover how the changes in the settings of the firmware are performed.

What you are asking (final GOAL) which should be more or less "How do I create on a specific USB stick a dual LUN setup, with first a CD-like device and second a hd-like one with a hidden partition?" does NOT pass through analyzing the firmware nor through analyzing the manufacturer tool, it rather goes through finding a working manufacturer's tool or similar Alcor utility and learn how to use it to achieve the result.


Wonko