Unlock HDD that are locked after Secure Erase

Undefined Programming

Unlock HDD that are locked after Secure Erase

I normally rely on Synology to do secure erase procedure on any HDD before storing or selling them. I now wish I didn’t as the drive may get locked, so I’ve wasted alot of time to test a bulk of HDD I have done in the past to ensure that they are not locked. Synology should provide a visual aid if the HDD is still locked, and provide a means to prevent the security lock still in place.

Symptoms

In Windows you get the ‘Data error (cyclic redundancy check).’ error, while the Mint Linux would ask for the password for that particular drive.

Manufacture Master Password

These are the commands you needs, but first you need the master password on which ever HDD manufacture you are using. There is a list of passwords from Forensics Wiki

  • Western Digital: WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCWD
  • Maxtor: Maxtor*INIT SECURITY TEST STEP*F (* means 00h)
  • Seagate: Seagate
  • Fujitsu, Hitachi, Toshiba: 32 spaces
  • Samsung: tttttttttttttttttttttttttttttttt
  • IBM:
    • CED79IJUFNATIT
    • VON89IJUFSUNAJ
    • RAM00IJUFOTSELET

Command

Drive Information

sudo hdparm -I /dev/sd[drive letter]

Switching ‘Locked’ into ‘Not Locked’

hdparm --user-master m --security-unlock [Password] /dev/sd[drive letter]

Switching ‘Enabled’ into ‘Not Enabled’ security lock

hdparm --user-master m --security-disable [Password] /dev/sd[drive letter]

Synology

If you still got your Synology, you can telnet into the system.

o [IP Address] [port]

example

o 192.168.1.100 23

Use your admin account to login to the system.

List all drives

cat /proc/diskstats

Find the drive that you wish to poll, then use this command to find which drive letters available could be ‘sda’, ‘sdb’ and so on.

Drive information

sudo hdparm -I /dev/sd[drive letter]

You want to gather the drive information, you only need to look at the security section (near bottom), if it’s says the following ‘enabled’, ‘locked’ and ‘Security level high’ which mean it’s locked.

Now run the disable and unlock command

hdparm --user-master m --security-unlock [Password] /dev/sd[drive letter]

hdparm --user-master m --security-disable [Password] /dev/sd[drive letter]

Check the drive information again, you should see ‘not enabled’ and ‘not locked’ and the security level high message disappeared.

Linux Mint Distribution

If you don’t have an Synology you can use a bootable Linux Operating System, I recommend Linux Mint download their popular edition “Cinnamon 64-bit edition” on their download page.

Please note that you connect the drive directly using SATA not via USB as I could not send the command correctly.

Get Rufus which is the best software to make bootable USB, it’s very tiny and very simple to use. I just download the portable version, and just loaded the ISO Image using the CD disk image icon next to “Create a bootable disk using”. Remember that all data will be deleted ensure you select the correct USB device to start with.

Boot that USB, and open terminal once Mint loaded.

Display drive information and check out the security section. For this example it was the only drive so I know it’s ‘sda’

sudo hdparm -I /dev/sda

You can see that the security is ‘enable’, ‘locked’ and ‘Security level high’.

Run

sudo hdparm --user-master m --security-unlock WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCW /dev/sda

sudo hdparm --user-master m --security-disable WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCW /dev/sda

 

Eventually you get this

To avoid using secure erase you can just send command to write the whole drive with zeros or random bit.
Zeros

sudo dd if=/dev/zero of=/dev/sd[Drive letter] bs=16k

Random

sudo dd if=/dev/random of=/dev/sd[Drive letter] bs=16k

Leave a Reply

Your email address will not be published. Required fields are marked *