mirror of
https://gitea.tendokyu.moe/eamuse/docs.git
synced 2024-11-13 18:10:55 +01:00
JS-based generator
This commit is contained in:
parent
9fd61d1453
commit
7104bb1390
@ -32,8 +32,6 @@
|
||||
<p>This can be bypassed either by extracting the password used, or by first powering on the Ring* system with the drive
|
||||
connected, then hotplugging the SATA data cable on the drive while keeping the drive powered.</p>
|
||||
|
||||
{% markdown %}{% include relative("~ata.md") %}{% endmarkdown %}
|
||||
|
||||
<details>
|
||||
<summary>Why does this work?</summary>
|
||||
<p>The following is the sequence of possible security modes for an ATA drive:</p>
|
||||
@ -254,6 +252,45 @@
|
||||
<p>This allows us full read-write access to the drive without ever knowing the password!</p>
|
||||
</details>
|
||||
|
||||
{% markdown %}{% include relative("~ata.md") %}{% endmarkdown %}
|
||||
|
||||
<h3 id="ata-gen">Generate drive passsword:</h3>
|
||||
<table>
|
||||
<tr>
|
||||
<td>Model number:</td>
|
||||
<td><input id="ata-model" placeholder="Type model number here"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>ATA password:</td>
|
||||
<td><code id="ata-password"></code></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<script>
|
||||
function charset_index(x) {
|
||||
if (x == 0) return 0x55;
|
||||
const index = "/-AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz0123456789".indexOf(x);
|
||||
if (index == -1) return 0x55;
|
||||
return index;
|
||||
}
|
||||
|
||||
document.getElementById("ata-model").addEventListener("input", function () {
|
||||
password = new Array(32);
|
||||
for (let i = 0; i < 32; i++) {
|
||||
const a = charset_index(this.value[i] || 0);
|
||||
const b = charset_index(this.value[39 - i] || 0);
|
||||
if (i == 0) console.log(a, b, this.value[39 - i], this.value[39 - i] || 0);
|
||||
|
||||
if (i % 2 == 0)
|
||||
password[i] = (((i ^ a) & 0x1f) << 3) ^ ((b & 0x2e) >> 1);
|
||||
else
|
||||
password[i] = (((i ^ b) & 0x3b) << 2) ^ ((a & 0x66) >> 1);
|
||||
}
|
||||
|
||||
document.getElementById("ata-password").innerText = password.map(x => x.toString(16).padStart(2, "0")).join("");
|
||||
});
|
||||
</script>
|
||||
|
||||
<h2 id="windows">Windows Password</h2>
|
||||
<p>It seems silly to mention, but it's worth noting. <code>AppUser</code> will automatically log in, but if you need to
|
||||
log back in, or wish to login as <code>SystemUser</code>, you'll need the passwords.</p>
|
||||
|
Loading…
Reference in New Issue
Block a user