Extracting the HD password from an XBox hard drive
The XBox harddrive uses a fairly old but relatively unused set of security
commands to prevent easy access to it's built in drive. However, since the
password system does not specify any form of challenge/reply system the
password is transmitted in "clear" form. Thus with the right equipment and
a little bit of patience you can easilly read the values.
The ATA spec provides a command labeled SECURITY UNLOCK (command code 0xF2)
which provides a means for passing a 32 byte password to an IDE drive in
order to unlock it. There are two passwords, a master and a user password.
The xbox uses the user passord.
To get to the password you need at least 22 (preferrably 23) probes.
DD(15:0) -- data pins
CS(1:0)- -- Chip Select
DA(2:0) -- Device Address
DIOW- -- Device I/O Write
DIOR- -- Device I/O Read (optional)
When dealing with hardware you need to realise that there is a difference in
the voltage level of a line and the line's meaning. For the "standard" wire
the low voltage condition (usually 0V) corresponds to binary 0 and the high
voltage condition (2.7V, 3.3V, 5V, 12V, or whatever) is binary 1. There are
signals that are "negative logic" in which case the oposite is true: 0V ==
binary 1, +xV == binary 0. The ata spec uses the symbol 'A' (for asserted)
to indicate the high voltage condition, and the symbol 'N' (for negated) for
the low voltage condition.
The CS0-1, DIOW, and DIOR lines are negative logic, which is indicated by
the '-' mark after their names (above and in the spec).
There are several registers in the ATA spec, they are addressed by the
combination of the CS and DA lines. Several of these registers have
different meanings depending on whether they are read or written, the write
meaning is shown first. The values for these registers are:
cs1- CS0- DA2 DA1 DA bits Name
0(A) 1(N) 1(A) 1(A) 0(N) 8 Device Control Reg./Alt. Status Reg.
1(N) 1(N) X X X 16 Data Port
1(N) 0(A) 1(A) 1(A) 1(A) 8 Command Reg./Status Reg.
1(N) 0(A) 1(A) 1(A) 0(N) 8 Device Reg.
1(N) 0(A) 1(A) 0(N) 1(A) 8 LBA High Reg.
1(N) 0(A) 1(A) 0(N) 0(N) 8 LBA Mid Reg.
1(N) 0(A) 0(N) 1(A) 1(A) 8 LBA Low Reg.
1(N) 0(A) 0(N) 1(A) 0(N) 8 Sector Count Reg.
1(N) 0(A) 0(N) 0(N) 1(A) 8 Feature Reg./Error Reg.
1(N) 0(A) 0(N) 0(N) 0(N) 16 Data Reg.
The value to be placed in the register is passed on the DD lines (the data
lines). When setting an 8 bit register the low bits in the data lines (0-7)
The XBox appears to use a standard method for sending ata commands to it's
drives. The SECURITY UNLOCK command doesn't require the use of the sector
count, LBA low/mid/high, or features registers, but they get cleared anyway.
The only register that we are really interested in, to begin with, is the
command register. What we need to do it setup our logic analyzer to trigger
(start capturing) when the command register is written to with a value of
0xF2. The method for doing this is dependant on your analyzer, RTFM. So,
CS1 == 1
CS0 == 0
DA2 == 1
DA1 == 1
DA0 == 1
DIOW == 1
DD(7:0) == 0xF2
At this point the XBox has written the command 0xF2 (SECURITY UNLOCK) to the
drive, which is now expecting the recieve the password over the data lines
in subsequent writes. The mode used to transfer the data is called "PIO
data-out" and transfers 512 bytes of data (that's 256 16 bit writes) over
the data lines, controlled by bits in the Status register. There is a good
diagram in the ATA spec showing the transfer process, and you are encouraged
to have it on hand when going through this the first time (the latest ATA
specs can be found at www.t13.org).
The data to be transferred is:
word #0: bit 0 == 1->Master password, 0->User password
bits 15-1 == reserved (these were 0 in my case)
so the whole data word was 0x0000
word #1: first two bytes of password
word #2: second two bytes of password
word #16: last two bytes of password
words #17-255: reserved (these were all zero in my case)
The transfer does not begin immediately. The device (the ide drive in the
xbox) must first signal that it is read to recieve the data. In the PIO
modes this flow control is done through the Status Register. The bits in
the 8 bit status register are:
bit 7: BSY Busy (the device is busy)
bit 6: DRDY Device Ready (the device is accepting commands)
bit 5: DF Device Fault (device is unable to complete the command)
bit 4: # (Command Specific)
bit 3: DRQ Data Request (device is ready to transfer data)
bit 2: --- Unused (Obsolete)
bit 1: --- Unused (Obsolete)
bit 0: ERR Error (an error ocurred while processing a command)
The transfer of data to the drive cannot occur until BSY == 0. You will see
(if you are watching the DIOR line) that the xbox is polling that register
waiting for the bit to clear. When it does the xbox will begin transferring
the data bytes to the drive.
It is worth while for me to note that on high speed analyzers you will see
the logic lines drift from their previous value to the new value. This is
*normal* and is due to the capacitance of the data bus. You need to be
looking at the stable signal, not at the (possibly multiple) transient
values which occur during the change. This is the reason for the DIOW-
line, to tell the device when the data lines are stable. Slower measurement
devices will (probably) not see these transient results. If you are
unfamiliar with such highspeed devices this can be confusing :)
Options for those without a logic analyzer
I have had a bunch of questions centered mainly on how to do this without
the analyzer or some other specialized equipment. Generally my answer is:
you probably can't. I *seriously* doubt that any generic input device on a
PC can be read at anywhere near the speed required.
If someone really wants to try, my suggestion is to start with the parallel
port. I do not know that much about the parallel port, but you may be able
to program it to read the data at a sufficiently fast rate. It appears to
have at least 9 input lines, (though some are inverted) which can be used to
read the pins on the ide cable. You would have to dedicate 6 of these pins
to the control signals (CS(1:0)-, DA(2:0), and DIOW-), and could use the
other 3 to gather data from the DD pins. This would, of course, require
multiple runs to gather all of the 16 bits for each word in the password.
The two primary questions I can't answer are the capacitance of the input
pins on the parallel port, and the speed with which they can be polled. If
the capacitance is too high you will be ruining the ide signals, and the
xbox will almost certainly not be able to communicate with the drive at all.
If that is the case it may never get to the stage of trying to transfer
the password to the drive (worst case is it could overheat the IDE
controller chipset). If the read speed is too low then you will not be able
to get all of the state changes, and will probably not be able to read
anything of use. My *guess* as to the lowest possible read rate is
somewhere around 25MHz. At this rate you will probably miss some of the
DIOW line changes, but should be able to see all of the actual data bus
If you decide to try this, verify it works on some other drive before using
your xbox drive, as I have no idea what kinds of problems might come up if
Good luck, and happy hacking.