4 Modules get changed for fixed device
76 views
Skip to first unread message
Monjur
Feb 19, 2016, 11:21:28 AM2/19/16
to HDDSuperTool Discussion Forum
Hi Scott,
When I extract modules from service are for a fixed device with same model and firmware version; I find that 4 modules get changed for different combination of disk state. For instance, I extracted modules when dick is: not partitioned, partitioned but without data, disk filled with 0/1, disk filled with random data. I have attached these 4 modules: module21, module22, module6f and /module4002. For example, module21.bin before partition and after partition gets changed.
Conceptually, the service are should not be accessed from user mode; so my concern is whether hddsupertool extracts correct data. Can you explain the changes of these modules for the same device. The followings are the device details :
Model= WDC WD1003FBYZ-010FB0
Firmware revision= 01.01V03
Scott Dwyer
Feb 19, 2016, 7:00:14 PM2/19/16
to HDDSuperTool Discussion Forum
The user does not have direct access to the SA. But the SA is not just all code, there are data tables and other information, most of which I do not know at all how to decipher. That other data can be changed by the drive itself. It likely has no idea of partitions or data written, but it will log certain things (look up smart data as one example).
As for knowing if it is retrieving accurate data, the dump all script currently does not perform any checks on the modules that are read, except for mod01. I think I will add the basic checks (check for ROYL signature, make sure module id and size match, and perform a checksum check). Maybe I will do this soon if I have time. But until then you can check the module header yourself based on the info previously provided, and new link provided below, although you will need to use software to calculate the checksum (look at how the script does it).
Look here for Analysis of Western Digital ROYL firmware MOD 02:
http://www.hddoracle.com/viewtopic.php?f=59&t=821&hilit=analysis+of+mod+02
The top of the very first post has info on how to decode the header of a module.
As for knowing if it is retrieving accurate data, the dump all script currently does not perform any checks on the modules that are read, except for mod01. I think I will add the basic checks (check for ROYL signature, make sure module id and size match, and perform a checksum check). Maybe I will do this soon if I have time. But until then you can check the module header yourself based on the info previously provided, and new link provided below, although you will need to use software to calculate the checksum (look at how the script does it).
Look here for Analysis of Western Digital ROYL firmware MOD 02:
http://www.hddoracle.com/viewtopic.php?f=59&t=821&hilit=analysis+of+mod+02
The top of the very first post has info on how to decode the header of a module.
Monjur
Feb 22, 2016, 4:36:21 PM2/22/16
to HDDSuperTool Discussion Forum
My concern is that why does the tool produce different results set for running it repeatedly. If I run wd_royl_dump_mod_all script repeatedly with the same device, without changing anything, the the 3 module module21, module22 and module6f gets changed. That means our tools is reading different data at the same address without any change. Any idea??
Scott Dwyer
Feb 22, 2016, 5:41:22 PM2/22/16
to HDDSuperTool Discussion Forum
I am attaching a script that can read a single mod by choice, and process it. Make sure to use "0x" before the mod# (example 0x22). This output will show the checksum read from the module and also calculate the checksum and show that (along with the word good or bad), so that you can see if they match. I read mod21 and mod22 a couple times on a drive, and both times the checksum was good, but it changed between reads indicating that the data did indeed change. But it is up to you to figure out why. I am only providing the tool to show the checksum so you can see that the reads are good or not.
Reply all
Reply to author
Forward
0 new messages