The Hidden Partition

From ArchosDocs

Jump to: navigation, search

After you have opened your device and you have connected the hard drive to a computer running linux, run fdisk -l to list the connected hard drives. There is only one vfat partition visible in the fdisk output, this is the data partition of the device. Here is a sample output: 

Disk /dev/sda: 120.0 GB, 120031511040 bytes
x heads, y sectors/track, 14593 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x00000000

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1       14568     ...

Notice the end of the partition, it doesn't match the number of cylinders. Copy the last 25 cylinders with this command (change it according to your fdisk output): 

dd if=/dev/sda ibs=8225280 skip=14568 of=./archos-hidden-original
  • ibs= is the block size of the disk, it will probably be the same
  • skip= is the number of ibs-sized blocks to skip, in this case we want to skip the whole vfat partition. This number will probably be different if you don't have a 120GB drive.

Now the file archos-hidden-original contains an exact copy of the 25 last sectors of the hard drive. Changes you make to it will not affect your Archos. You can now mount the ext3 partition like this: 

mkdir archos-mount
mount -t ext3 -o loop ./archos-hidden-original archos-mount

Now you can see the content of the partition, notice the three cramfs volumes. 

$ ls -R
bitmapfs.cramfs.secure  HDD_STORE600.HDS  lang_el.alz  lang_it.alz  lang_sc.alz  licenses.pdf  NDX6.AVX             providers.xml         sst.dat
dc.dat                  lang_ar.alz       lang_es.alz  lang_nl.alz  lang_tc.alz  lost+found    opera_home           rootfs.cramfs.secure  upselling
etc                     lang_bg.alz       lang_he.alz  lang_ru.alz  lang_tr.alz  mtplib.bak    optfs.cramfs.secure  sc.dat

./etc:
bookmarks.txt  entered_urls.txt  ip_config_ssid  wpa_supplicant_ssid.conf

./lost+found:

./opera_home:
browser.js  cache4        global.dat  jsplugins     opcert6.dat  opssl6.dat   opuntrust.dat            secure   widgets
cache       cookies4.dat  input.ini   opcacrt6.dat  oprand.dat   optrust.dat  override_downloaded.ini  session

./opera_home/cache:

./opera_home/cache4:

./opera_home/secure:
wand.dat

./opera_home/session:

./opera_home/widgets:

./upselling:
upselling_dock_nodc.swf  upselling_dvbtstick.swf   upselling_dvrtraveladapter.swf  upselling_helmetcam.swf
upselling_dock.swf       upselling_dvrstation.swf  upselling_gps.swf               upselling_remotefm.swf


Some files of interest:

  • /etc/bookmarks.txt - Your bookmarks from the Opera browser
  • /etc/entered_urls.txt - Some of the URLs that you typed in manually in the Opera browser
  • /etc/wpa_supplicant_ssid.conf - Details about how to configure some wifi networks, including your plain-text passwords :)
  • /bitmapfs.cramfs.secure - A cramfs volume containing all the pictures for the user interface of the Archos.
  • /licenses.pdf - A copy of the GNU General Public License, Version 2, June 1991
  • /optfs.cramfs.secure - A cramfs volume mounted to /opt just after the device boots
  • /rootfs.cramfs.secure - A cramfs volume containing the filesystem mounted to /mnt/system. You can obtain most of its content from the official sources tarball available on archos.com. However, the avos binary has not been open sourced and thus this is the only way to obtain it.
Retrieved from "http://archos.g3nius.org/index.php/The_Hidden_Partition"
Personal tools