• Updated 2023-07-12: Hello, Guest! Welcome back, and be sure to check out this follow-up post about our outage a week or so ago.

Classic 4/40 with Silverlining 5.4 protected hard drive

petteri

Well-known member
I bought a new project even though I think Apple Macintosh Classic is a rather boring piece of hardware. It came with an ADB Mouse II and an Apple Keyboard II, nothing special there. The case is really yellow but on the hand the logic board is pretty clean. It had original battery and very minimal or no leakage from the capacitors.

Now the interesting part. After booting up from the hard drive the startup process halts right before loading the desktop and it asks password for the mac. In case of a mouse click it reboots. Starting up without extensions has the same behaviour.

I tried to boot it up from an external HD but as soon as I tried to mount the internal drive I got the same password prompt (but it didn't reboot if I dismissed the dialog, just didn't mount the drive). I haven't encountered such protection before but I found a thread about HD protection https://68kmla.org/bb/index.php?thr...-silverlining-password-protected-drive.33004/

I believe the contents of the hard drive are not really encrypted but this is some driver level stuff. Pretty interesting anyways how the SCSI driver is able to inject the password dialog even though the current operating system doesn't have any extensions for it. I attempted couple typical passwords and searched forums but no luck.

This Classic has a programmer's switch so it was time to try that. After several attempts I managed to bypass the protection. The trick was to start without extensions and then hit the switch when the password dialog appears. Then the dialog crashes with an error 28 and the mouse pointer freezes. But the desktop loads up now! It is possible to open folders and navigate around with the keyboard shortcuts. I found a Silver Volumes application which somehow re-enabled mouse pointer after launching it and didn't trigger the password dialog like other applications. At this point I could mount an external drive and copy necessary files from "protected" drive.

I think this simple bypass is only possible if the hard drive has a booting operating system and might not work with any other hardware combination.
 

petteri

Well-known member
Not really, the computer used to belong to some NGO so bunch of administrative documents. Straight to shredder.
 

Phipli

Well-known member
Could you use the computer (other disks) without the password? Or did it lock the whole thing up?
 

petteri

Well-known member
I used an external HD with an operating system to try out. It started up and worked fine but it refused to mount the internal HD without the correct password. I tried various SCSI tools like SCSI Probe and Lido but they either triggered the password prompt or gave an error.
 

Phipli

Well-known member
I used an external HD with an operating system to try out. It started up and worked fine but it refused to mount the internal HD without the correct password. I tried various SCSI tools like SCSI Probe and Lido but they either triggered the password prompt or gave an error.
Did you try installing a replacement driver on the disk without mounting it? I guess you did.
 

petteri

Well-known member
Did you try installing a replacement driver on the disk without mounting it? I guess you did.
No, didn't try that as I didn't want to modify anything yet. I still have the drive in the original state so I could have a go. Any specific tool you would recommend?
 

MrFahrenheit

Well-known member
No, didn't try that as I didn't want to modify anything yet. I still have the drive in the original state so I could have a go. Any specific tool you would recommend?

I usually use FWB Hard Disk Toolkit. For the Classic, and System 7, you should probably try:

 

petteri

Well-known member
I used FWB Hard Disk Toolkit 4.5.2 on my Beige G3 and I plugged the 40MB drive to its internal SCSI.

First I took a block image using Device Copy and saved it.

The partition list shows 4 partitions:

TitleNameTypeStart BlockSize (KB)
Partition MapAppleApple_partition_map131.5
Active SCSI DriverMacintosh_SLApple_Driver6416.0
<:Unreadable:>Mystery DriveApple_HFS040900
Free SpaceExtraApple_Free8189684.0

Next I attempted a driver update but it failed as there wasn't enough free space on the drive to complete the action. I guess the driver provided by FWB is too large for the 16 KB reserved by the original driver.

I will have a look at the block image and see if the contents of the drive are readable with modern linux disk utilities.

Edit: Well, running "strings" command against the block image revealed bunch of cleartext phrases from the documents. So I assume the whole the protection is just some driver magic.
 
Last edited:

Phipli

Well-known member
I used FWB Hard Disk Toolkit 4.5.2 on my Beige G3 and I plugged the 40MB drive to its internal SCSI.

First I took a block image using Device Copy and saved it.

The partition list shows 4 partitions:

TitleNameTypeStart BlockSize (KB)
Partition MapAppleApple_partition_map131.5
Active SCSI DriverMacintosh_SLApple_Driver6416.0
<:Unreadable:>Mystery DriveApple_HFS040900
Free SpaceExtraApple_Free8189684.0

Next I attempted a driver update but it failed as there wasn't enough free space on the drive to complete the action. I guess the driver provided by FWB is too large for the 16 KB reserved by the original driver.

I will have a look at the block image and see if the contents of the drive are readable with modern linux disk utilities.

Edit: Well, running "strings" command against the block image revealed bunch of cleartext phrases from the documents. So I assume the whole the protection is just some driver magic.
Do I remember Apple's HD SC Setup letting you overwrite a driver? I imagine that is quite a small driver.

Might be worth grabbing the patched (any disk) version and testing?

What Has me concerned that it won't work is that it doesn't seem to recognise the HFS partition "Mystery Drive"? Or is that what it is actually called?

If needed :
 

petteri

Well-known member
Do I remember Apple's HD SC Setup letting you overwrite a driver? I imagine that is quite a small driver.

Might be worth grabbing the patched (any disk) version and testing?

What Has me concerned that it won't work is that it doesn't seem to recognise the HFS partition "Mystery Drive"? Or is that what it is actually called?

If needed :
The "Mystery Drive" is the redacted name of the drive.
 

petteri

Well-known member
Alright, I downloaded a 100 MB blank HFS image from https://www.savagetaylor.com/downloads/downloads-macintosh/ and simply copied everything from 0 to 50176 bytes (there are bytes 42 44 and the HFS volume name is around there after those). Now I am able to mount this on linux with hmount and access the contents. Maybe it would work also on a real Macintosh if I would write back on the SCSI drive or similar...
 
Top