HDD Firmware Hacking
jsploit
167 points
20 comments
May 14, 2026
Related Discussions
Found 5 related stories in 107.0ms across 8,303 title embeddings via pgvector HNSW
- Remote Firmware Injection in Popular Solar Inverters mrlnstk · 13 pts · March 04, 2026 · 52% similar
- Remotely unlocking an encrypted hard disk janandonly · 112 pts · March 05, 2026 · 51% similar
- Codex Hacked a Samsung TV campuscodi · 234 pts · April 16, 2026 · 49% similar
- My first in-prod corrupted hard drive problem r1chk1t · 41 pts · May 08, 2026 · 47% similar
- CPU-Z and HWMonitor compromised Wingy · 122 pts · April 10, 2026 · 46% similar
Discussion Highlights (9 comments)
morpheuskafka
This article might be handy for someone interviewing at that firm (Red Balloon) that sends you a "weird" hard drive as the interview CTF? I still have it sitting around but it arrived around finals season so I never really looked at it, but since they bothered to send a whole drive and SATA-USB adapter, it obviously must have something to do with the drive itself. If someone had a ton of money, it would be funny to just send the thing to a data recovery lab, have them swap the platters onto an unmodified model and get a raw image of the data to work with. (Or maybe the key is hidden inside the drive firmware chip itself?)
boricj
There's also another very good series of articles about hacking the firmware of a HDD, with modifications of /etc/shadow hashed passwords: https://spritesmods.com/?art=hddhack
throw0101c
Congrats OP, you can work for the NSA: * https://www.cbc.ca/news/science/nsa-hid-spying-software-in-h... * https://www.wired.com/2015/02/nsa-firmware-hacking/ :)
Modified3019
Related, someone decompiled Samsung’s 840 EVO ssd firmware, before Samsung later started encrypting it: http://www2.futureware.at/~philipp/ssd/TheMissingManual.pdf Came across it looking how to deal with multiple different samsung drives caught in bad states due to shitty firmware. My original salty post warning about vendor branded Samsung drives on eBay is here: https://news.ycombinator.com/item?id=37165189
monocasa
Since this is xb360, this is SATA rather than IDE, but in a similar vein I am really looking forward to my PicoIDE to play with adversarial hdd controllers in real systems.
turpentine
The obfuscation hardware vendors do is so trivial, why do they even bother? One of the current vendor provided consumer SSD firmware update utilities for Linux as a live-usb decrypts the firmware and writes it out to disk decrypted before uploading it, so simply using seccomp to fail a rmdir syscall nets you the decrypted version without having to reverse engineer any of the updater/decryption code. I deleted my own negative rant about SSD manufacturers not opting in to lvfs/fwupd when drives have a high risk of bricking without firmware updates.
ElenaDaibunny
The fact that vendors still ship firmware with trivial obfuscation in 2026 is wild. I wonder how many data recovery shops already reverse-engineer these routinely but just don't publish.
system7rocks
One of my favorite things to do is update the firmware of devices. I know it is often ill-advised because if it is working fine, why risk something going wrong? But it’s kind of fun to imagine gaining tiny speed increments with optimizations. I like to do it on Fridays - Firmware Fridays - vacuum cleaners, hard drives, motherboards, ip cameras, Apple IIGS expansion cards, Bluetooth scales, and on and on.
self_awareness
A similar project: https://agaccount-stack.github.io/ASM1166_hang_fix/ But instead of hard drivers, this patches the firmware of a cheap disk controller and changes its behavior.