FEATURES:
---------
- Take an input hacked firmware and patch it to make firmware stealth
- Incorporates firmcrypt routines into the code (a little slower but
I hope with that somebody will not kill his drive because a forgotten
crypt)
- You will have the following options:
FULL STEALTH:
* All the reads (memdump) will read as 100% original.
NON STEALTH ON MODEB:
* It will read the real hacked firmware when you are on MODEB
(Not very useful for testing LOL)
NON STEALTH ON MODEB AND TRAY OPEN:
* When attached to windows if the tray is closed will read as
original, when you open it will read as real non-stealth
NON STEALTH ON MEMORY VALUE:
* It will lookup an Internal memory value to determine if should
be read as real or as original. You will need to POKE that
memory value before do the dump
ENSURE NO STEALTH:
* This option causes ALWAYS read as real hacked, not very useful
but here is it.
TECHNICAL INFO:
---------------
- Supports 32/36/40/46/47/58/59 versions and ALL present and future
XTREME HACK versions
- Protects the following ranges wich already are SAME_BYTE address
0X0001A0 - 0x000FFF all 0xFF
0X003000 - 0x003FFF all 0xFF
0x005000 - 0x005FFF all 0x74
0x03E800 - 0x03FFFF all 0x74
* That means that you can put your custom code on the above areas
(except the 5000-5FFF, read below) and the custom code will be stealth
- For other areas not covered on the above ranges a "Table of Differences"
is generated based on comparation of original Vs hacked, this is in order
to guarantee 100% stealth and reduce at minimum the data required for stealth
- It uses flash range 0x005000 - 0x005FFF for store stealth data and code
0x005000 - 0x005800 reserved for stealth code
0x005800 - 0x005FFF reserved for stealth data (Table of Differences)
* So on future Hacks dont use that Sections (they are mine, lol)
- If you are a hacker and plan to release something read APPENDIX
HOW TO USE / TEST:
------------------
CASE A) If you already have your drive flashed (any version of XTREME):
- Attach the drive to windows and make it detect it (Use 2 wire trick
or Open Tray on Power Up tweak)
- Do a dump of your hacked firmware on the drive with:
read.bat [your_drive_letter] hacked.bin
* The read.bat is included on the tools directory
- Open Hitachi Stealth-Maker App and select the file hacked.bin that you dump
* To do good test use NON-STEALTH ON MODEB AND TRAY OPEN option
- Click Generate, choose Output file name (stealth.bin by example) and away you go
- Once finished, take the ENCRYPTED file (suffix "-e.bin") and do the following 2
commands IN THAT ORDER (flasher's included on tools subfolder)
47flash [your_drive_letter] stealth-e.bin 90005000 1000
*dont advance until the above command executes without error (if error, retry)
47flash [your_drive_letter] stealth-e.bin 90033000 1000
*NOTES: * DO BOTH COMMANDS IN THAT ORDER !!!,
** On versions 32,36,40 and 46 you must use 46flash instead !!!
*** On versions 47 you must use 47flash instead !!!
**** On versions 59,59 you must use 59flash instead !!!
- If you dont mess any step then your drive is now STEALTH !!! give a try with
read.bat [your_drive_letter] dump.bin
*It must return the original firmware 100%
do it again but with tray open and you will get the real hacked.
- In case you need to RESTORE to un-stealth version you must restore the
sectors on inverse order, so first restore 90033000 and then 90005000
never flash the second sector before flashing sucessfully the first
one or you will brick the drive (no more windows detection) also ensure
to restore from a crypted version of your firmware.
CASE
If your drive is not flashed:
- Until Garyopa and other hackers implement this hack on their releases you
will need to do in 2 big steps:
- STEP 1: flash the xtreme hack you want (follow such instruccions)
- STEP 2: when you have tested it works simply do the stealth hack
as explained on CASE A)
APPENDIX - HOW TO IMPLEMENT ON CURRENT OR FUTURE XTREME RELEASES:
-----------------------------------------------------------------
- Do your homework and make a nice new featured xtreme version
- To avoid hybrids DONT work on an already stealth version, work on a
clean version
- Dont use 5000-5FFF sections, they are mine
- Before release, use this tool to patch your release with the needed
changes to make it stealth
- On the flasher routines (flash.bat) remember that you must flash
sectors 90005000 and then 90033000 in that order, never flash the
second sector before flashing sucessfully the first one or you will
KILL the read routine and brick the drive (no more windows detection)
- You can leave a DOOR OPENED I mean if you choose "Non Stealth on MODEB
and OPEN TRAY" you always will get the possiblity to read the real hacked
firmware on the chip (for verification purposes) but of course that
will leave the door opened for M$
- On the RESTORE routines (restore.bat) you must flash the sectors on
inverse order, so first restore 90033000 and then 90005000
never flash the second sector before flashing sucessfully the first
one or you will KILL the read routine and brick the drive
(no more windows detection)
Maximus Hitachi Firmware Stealth-Maker v1.3
Oct 6 2006, 09:45 PM
