Hacking a Seagate hard disk

I will document here how to hack a Seagate hard disk that ran into one of these annoying firmware bugs that affected the Seagate Barracuda 7200.11 series lately. If you want to know more about the background you may want to start with the first part of the story.

The friend who brought me the disk kindly came by the next day to help with the operation. According to the recipes I found here and here, we had to connect the hard drives service port to a serial console via a RS232-TTL converter. My friend prepared the RS232-TTL converter, brought a stable power supply as we needed 5V to operate. My task was to prepare the operating table, find a serial cable and a computer with a serial port, a two-pin-connector with wires and to get to know minicom.

So and here is how we did it:

RS232-TTL converter
RS232-TTL converter

First we connected the converter to the devices. The docking station of my notebook has a serial port, so I connected it via a serial cable to the converter. The three wires coming from the converter had to be connected the hard drive directly. We fixed the ground wire with a screw of the board. The Rx and Tx connectors had to be connected to the Tx and Rx connectors of the drive (so just cross them). Thats where we used the two-pin-connector. On the drive the pin next to the SATA connector is the Rx and next to this one is Tx. The other two are reserved and we did not need them.

img_6572

The most tricky part was about to be next. We had to interrupt the power supply for the motor of the platters but keep everything else connected properly. And it must be possible to remove this interruption during the operation. We unscrew all screws a little and pushed a piece of paper between the contacts of the board and the connector, and fastened the screws just a bit.

img_6577

So much for the preparation. Let’s start. Here is my minicomrc I used to communicate with the drives firmware:

$ cat minirc.seagateBug
# Machine-generated file - use "minicom -s" to change parameters.
pu port             /dev/ttyS0
pu baudrate         38400
pu bits             8
pu parity           N
pu stopbits         1

Now we connected the the SATA power cable to the drive and let minicom establish the serial connection. And really, I got first contact with the drive:

img_6584Even the error codes the drive dumped to the screen were correct according to the recipe. So we were on the right track. Now it was just about to properly retype the commands into minicom and patiently wait for the drive to complete the commands. Here is a screenshot with some comments in it.

Hacking the firmware (commented)
Hacking the firmware (commented)

Then finally we were done. But we did not repair the drive, but only reactivated it. Now it can run into the same bug again any time (but only on startup, so we would notice). So we tried to prevent as many restarts as we could. The first thing I did was connect it to an external SATA-2-firewire case and use the first startup of the disk to backup all important data. The second thing I did was connect the drive to the onboard connectors of my workstation and boot from the firmware upgrade CD I downloaded from the Seagate website the day before and deployed the new firmware to finally get rid of the bug.

In the end the disk felt quite well back in its original machine. Fortunately we had nothing more to fix within the installed system (yes, it was the other operating system).

Btw. the commands we sent to the drive took serveral seconds each to process, so we had to wait for for them to finish. Disconnecting power too early would have broken the disk. Thats why I connected all vital systems to my UPS for this hack. If you happen to have such a Seagate drive, my deepest regrets to you and good luck for your recovery hack.

Repair MP3 files

And here comes the next post about a nice tool I found last night: mp3splt (yes, without “i”). It seems like my blog turns into a collection of tips about nice tools.

Anyway, the sound engineer of our choir sent me his USB stick via snail mail. He recorded our last gig with a hardware MP3 encoder which dumped some garbage into the MP3 file and even corrupted the filesystem. He could not copy or play it with his M$ system. So I was interested if it can be repaired.

It turned out to be very easy to fix. The filesystem was just done with a fsck.msdos -a. But for the MP3 file I needed a tool and found mp3splt. I decided to enforce to write new id3 tags and to cut the first 5 seconds and the quite a few minutes at the end of the recording (they were empty anyway). Btw. cutting MP3 files into pieces without to recode the material is the main purpose of this tool. So I just ran:

mp3splt -1 broken.mp3 00.05 118.00

This created a new and valid MP3 file with just our gig – thanks to the mp3splt authors.

Download YouTube Videos

Its been a while that I wrote my last post … seems to have been a busy time.

End of November 2008 I needed to download in entire Picasa Webalbum, so I looked for a nice solution for this. Today a colleague posted me a trick in IRC to easily download YouTube Videos. And right about this evening I needed this trick – need to have 2 short clips offline available.

Now I just want to share this feature. Its quite easy and should work with every browser that supports bookmaks.

The only thing you need to do is to bookmark this link:

javascript:if(document.location.href.match(/http:\/\/[a-zA-Z\.]*youtube\.com\/watch/)){document.location.href=’http://www.youtube.com/get_video?fmt=’+(isHDAvailable?’22’:’18’)+’&video_id=’+swfArgs[‘video_id’]+’&t=’+swfArgs[‘t’]}

Just add this link to your bookmark list (right-click > bookmark this link) and give it a nice name. When you are surfing on youtube and want to download the current video, just click this bookmark link and the video will be downloaded in the best quality – yes, it’s that easy.

I got this trick from a colleague but I also found an online source here.

Download Picasa Webalbum

Did you ever got an invitation eMail from a friend or a colleague to his Picasa Webalbum?

Well actually I do not use these online photo albums (yet). The nice thing about them is, you can show a huge pile of photos to someone without having to send him tens of eMails with 4 or 5 photos attached to each – depending on resolution, file format and the allowed size of attachments of the receivers mail server.

On Saturday, 2008-11-15, I had a concert with my gospel choir Profil and a professional photographer took photos of us. Liberally he offered to send me the images to put them into the gallery of our website. As I am a geek of course I asked for the images in their original resolution (maybe we want to use them in some print material).

Today I finally got an eMail from him, and guess what: He uploaded all the 240 images to his Picasa Webalbum. Its nice to see the slideshow online in the browser or to get a an overview in the thumbnail view. But I wanted to download the real data on my disk to work with it. On the website I did not find any link to download that stuff. I could click around to get the image in original resolution, but only one at a time and it took about 5 clicks to get the real download link.

Google itself told me to install Picasa on my system. Another blog described a way how to download the images with the Firefox plugin Downthemall. I also found a Java applet and a Mono application that could have done the job. But I didn’t want to install some big blob just to download some images from the net – this is insane.

Then, thankfully, I found this page. It provides a simple Bash script that can download Picasa Webalbums just by passing it the URL. It even knows about nested albums and you can specify exactly what you want to download. The script is licensed under GPL3 or later so I’ll host it here as well (to never lose it). Just put it in your ~/bin folder or even in /usr/local/bin

Now assume you got a link to the Picasa album GNULinux of the user abhishek.amberkar. The link you got looks like this: http://picasaweb.google.com/abhishek.amberkar/GNULinux

All you have to do to download this album is this:

mkdir newPictures
cd newPictures
picasaweb-download http://picasaweb.google.com/abhishek.amberkar/GNULinux

See the linked site and the scripts help for the usage. It supports listings of albums and images and once you downloaded something you do not need to specify the full URL any more but can download the next album just by name. Veeeery cool. Thanks “Loïc Cerf” for this great script. Now its a matter of a few seconds to download enire albums.

Unplugged

On Tuesday night the amount of spam delivered to my server dropped to about the half of the former average. My mailserver was still doing well as there were still eMails coming in. But some hours after my discovery I found the explaination in an article of the famous german online and print IT publisher heise.

The two main ISPs of the American hoster McColo pulled the plug of his internet connection. Based in California McColo supposably gave refuge for master servers of several spam bot nets. The Washington Post covered this story as well. According to IronPort, spam levels fell by 66% in this night.

It’s a pity for all reputable customers of McColo’s – sorry, but I welcome this action. I hope you’ll quickly find a new hoster.

Some months ago I set up mailgraph on my server. Mailgraph is nice mail log analyser and visualiser. It watches Postfix or Sendmail log files and creates daily, weekly, monthly and yearly graphs. I regularly check these graphs. So I discovered the unusual low mail reject rates Tuesday night already. And even days later the spam levels stay at that level. Here is my weekly graph two days after McColo went offline:

Mailgraph two days after McColo's internet connection was cut
Mailgraph two days later

But I wanted to have my own numbers. So I quickly did some calculations and compared the first McColo-offline-day (Wednesday) numbers with the former average:

  • overall connections to my mailserver dropped to 48%
  • overall rejects as well are at 48%
  • rejects because of invalid helo hostname even are at 44%
  • mail rejects from known spam sources are down to 38%
  • rejects because of invalid recipient fell to 50%

Now it even got more interesting monitoring the statistics to find out when the spam rates start to rise again. Somehow I doubt that the bot net creators will fail to even get parts of their system back under control.