0

So I wanted to create a fake 2TB USB flash drive (for comedic purposes only), and came across this question. Apparently someone bought a fake hard drive from China, and inside was a few nuts to give it some weight, and a (probably very low capacity) USB flash drive that had some sort of "looped mode".

Essentially what would happen was whenever you would write a large file (larger then the real capacity of the actual flash drive inside) it would "re-write" itself, AKA erasing itself and starting over, and continuing to do that until the file transfer was complete.

I was already able to make my USB flash drive appear as 2TB (made a Linux SH script, will provide if requested), but I'd really like to know how they are set to "re-write" themselves.

Thanks in advance! Leo

This question is different from the one here because I was requesting more detailed information on how these faked USB devices were set into "loop" mode. The other question was general information about fake USB devices.

Community
  • 1
Leo Takacs
  • 3

1 Answers1

0

From what I have seen, sellers modify the firmware of the controller on the drive.

Sellers are known to do one of the four:

  • Set a "loop back" mode, overwriting data when needed.
  • When over the actual capacity, write the data to a "dev/null" like area
  • When over capacity, ignore any further data (usually displays an error)
  • Change the file allocation table (FAT) on certain file systems.

I haven't been able to find anything on how this is done exactly, probably as it's a "trade secret". It's fairly easy to detect, because after the physical space has run out (the 1GB, 2GB, or 8GB chip), the files will be corrupted.

Web Links:

http://www.rmprepusb.com/tutorials/-fake-usb-flash-memory-drives

http://www.passmark.com/support/bit_fake_USB_detection.htm

dark_st3alth
  • 436
  • 2
  • 11