AltraMayor / f3

F3 - Fight Flash Fraud
https://fight-flash-fraud.readthedocs.io/en/stable/
GNU General Public License v3.0
2.55k stars 144 forks source link

Could vendor software and firmware be useful? #97

Open unfa opened 5 years ago

unfa commented 5 years ago

I'm working with a Chinese supplier of USB flash memory, we use f3 with a custom bash script to mass-test the drives.

I've recently found out there are so called "MP Tools" (Mass Production). These are programs that use some vendor-specific command to program a USB flash memory controller. They perform low-level formatting, can configure the drives to expose multiple separate drives (some read-only for example). They can also be used to configure the apparent size of the drive.

Often I get memory modules with 16 GB flash chips, that are used as 8GB chips (I guess they have bad sectors that prevent them from being used as 16GB drives).

Recently I was mistakenly given *GB drives where I expected 16GB ones and I discovered I can tell the drives to say they are 16 GB, even though they're not (I could also make them say they're 4 GB, while they're 16 GB - but who'd want that?).

I wonder if that's not a common scam technique.

Some of that Mass Production software is publicly available, and often contains binary firmware payloads that are being written to the drives.

The problem is - every vendor has their own version of the software that talks to their controllers. I wonder if this software and/or firmware could be useful in investigating the problem and countering it.

Maybe if enough of the MP Tools are collected and reverse-engineered we could come up with a unified flash memory programming tool that could really "fix" fake drives and do some other things too (like make your pendrives work as fairy lights by programming different LED flashing patterns... well maybe not.

What do you think of that?

Searching the Internet for "FC mptools" gives a lot of results with these vendor software packages: http://www.flashdrive-repair.com/2014/05/download-fc-mptool-v402-for-fixing.html https://www.softpedia.com/get/System/System-Miscellaneous/FC-MpTool.shtml http://www.flashdrive-repair.com/2014/05/fc-mptool-v305-repair-alcor-AU698x-controller.html https://tradownload.ws/results/fc-mptool-04-00-03.html http://repairusbfakes.blogspot.com/2010/02/step-by-step-instructions-to-reflash-to.html http://www.myblog.bloggybloggy.com/usb-key-fix-mptools-11-05-2008/

I've found a site that even has a catalog of these tools, sorted by vendor: http://www.flashdrive-repair.com/search/label/Flash%20Firmware

Unfortunately all of this software seems to only run on Windows.

AltraMayor commented 5 years ago

It is quite a project. I've added the tag "Help wanted" to this thread in the hope someone will pick the idea up.

brlin-tw commented 3 years ago

There's a Chinese made utility called ChipGenius that is able to detect the controller chip and the NAND chip of a pen drive(assumingly via proprietary protocols), we should really have a free software alternative that does the same.

unfa commented 3 years ago

There's a Chinese made utility called ChipGenius that is able to detect the controller chip and the NAND chip of a pen drive(assumingly via proprietary protocols), we should really have a free software alternative that does the same.

I think reverse engineering such software would be the only way to do this. And yes - I think it'd be amazing to have a unified piece of FOSS that can reprogram at least some of the most popular USB memory controllers.