Beyond eXtreme Forensics Update 3Q / 2016 by Alvaro Soto
© Legal Disclaimer…
Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use. All materials/trademarks used in this presentation belong to their respective owners.
What we do in Forensic Lab…
What we do in the forensic lab…
Goals for this update from the lab...
Take a quick look around:
• Share “stories from trenches”
• Give an awareness of potential issues/fixes
• Give you some resources for R&D and Fun :)
• Questions/Answers…
Alvaro Alexander Soto - Lab Director / [email protected]
HDD Storage components review.
Our main resources… and suggestion for you to use too..
IoT / Firmware everywhere… but…
Inside HDD… Diags..
• SA corruption..
• Motor stuck..
• Heads..
• Electronics..
• Scratches..
• ESD
• Sounds/Clicks
• Natural elements…
SA in somewhere… Negative Tracks..?
• -1 FFFFh
• -2 FFFEh
• Etc…
Seagate Diagnostic Serial Port
Tools..
SA vulnerability / Fix…
• ATA Pwd
• Change/Off-H
• HPA/DCO
• Malware/Code injection
• Hidden data/Tools
• S/N
• ….
Tools / RE Cracks / Filesystem Hacks
Sample Scenario: Data theft problem..
• SED HDD solutions here right now!!!
• Really a solution?.....
• Let's take a look around…
SED HDD
Playing Cops and Robbers
• BIOS Mods
Job Done… let's go back home
Resources
• https://www.itosaka.com/WordPress/wp-content/uploads/2009/07/Seagate-Diagnostic-Command.pdf
• http://openocd.org/
THANKS!!!
Q&A – Experience sharing...