Disclaimer: This is an independent project attempting to get a Western Digital My Passport drive to work in Linux. It is in no way sponsored by or connected with Western Digital. My research is based around sending SCSI commands to the drive to unlock it. Although I intend to take every precautions in verifying that the commands sent are the same as generated by the WD utilities, sending raw SCSI commands can be dangerous. You could brick your device, void your warranty, or worse. Use any of the information contained in this repository at your own risk, I accept no responsibility.
The Western Digital My Passport drives are available in sizes from 500G to 2TB. The drives contain hardware encryption, but the software to control this hardware was released only for Windows and OSX. Unlocked they act as a standard USB drive under any OS.
When encrypted/locked the drive will mount a virtual CDROM disk with an unlock utility. This unlock utility generates the required SCSI commands to unlock the disk.
This repository will start with simply unlocking a device already setup in a supported OS, and could later be expanded to changing passwords, enabling encryption and other features of the utilities.
Plug in the drive in Linux and give it a few seconds to settle.
In a terminal run: dmesg | grep sg | grep "type 13". This should return
one line that contains an sgN where the drive is connected. Remember this value.
Create a password.bin file by using the cookpw.py script. More information
will be included below on how it works, but for now just run:
./cookpw.py <password> >password.bin
Verify your password.bin is exactly 40 bytes.
Install the sg3_utils package for your distro.
Run the following command to unlock your dive, replace sgN with your value:
sg_raw -s 40 -i password.bin /dev/sgN c1 e1 00 00 00 00 00 00 28 00
There is currently no indication that this works, I'm working on a script to show the status. Simply try to mount the partitions.
User passwords are first salted, then converted to Unicode, and finally run through a hashing algorithm many times. This is called key stretching and can be used to make brute-forcing the key more difficult when you have the hashed key. In this case if you have the hashed key you have the actual key, so I'm not sure it provides much benefit.
The salt used in the password is the string "WDC.". At the drive level this can be configured and is stored in the configuration section of the disk. At the software level this value is hard-coded in multiple places, so it's unlikely to change.
The number of iterations is also configurable at the drive level. The default is 1000 rounds. The hashing algorithm used is SHA-256.