User:Andy Crowd/sandbox/wipe storage
This article is not about wiping of a single file but about wiping the whole partition and/or a storage media. The most important parts is a gathering of the necessary information about storage physical geometry and passing it to the different command line program or other specialized scripts.
Make free disk space full with dd without errors
Fill in all free space with dd
without out-of-space errors by creating a single file that is suitable to use in loops:
In this example will be used /tmp/dd.to_del
as a destination. If the partition is mounted then df
command will show correct values where block size is 1024 and the amount of free blocks is 3357700.
$ df /tmp/ -P
Filesystem 1024-blocks Used Available Capacity Mounted on /dev/sdc3 8754576 4929116 3357700 60% /tmp
This will do two dd
runs, it uses /dev/zero
as a source, the first run fill free space up to 99,9% and second will fill in the rest. The array variable contains block size in ${FreeS[0]}
and available free blocks in ${FreeS[1]}
.
FreeS=($(df -P /tmp/ | awk '{if(index($0,"/") != 0){print $4}else{A=$2;I=index($2,"-")-1;print substr($2,0,I)}}')) dd if=/dev/zero iflag=fullblock count=$((FreeS[0]-1)) bs="${FreeS[1]}" of=/tmp/dd.to_del FreeS=($(df -P /tmp/ | awk '{if(index($0,"/") != 0){print $4}else{A=$2;I=index($2,"-");print substr($2,0,I-1)}}')) dd if=/dev/zero iflag=fullblock count=${FreeS[0]} bs="${FreeS[1]}" >> /tmp/dd.to_del
Links
frag_find - rec by Indigo
Verify
Check is any data left after filling haddisk with with zeros you can do with a hexdump utility. In the last line shows only a descriptor that device is ended.
hexdump /dev/sdXY 0000000 0000 0000 0000 0000 0000 0000 0000 0000 * eee00000
Wipe all known partition table descriptions
To remove all traces of the partitions parameters use the wipefs -a /dev/sdX
command and to reload/update information about partition tables use the partprobe /dev/sdX
.
Wipe free space by creating a file
Example for creation of a single file that takes all available free space.
ZZ=$(df /path_to_mounted_partition -B1 | tail -1 | awk '{print $4}') dd if=/dev/zero |pv|dd oflag=direct iflag=nocache of=/path_to_mounted_partition/filename count=$((ZZ * 2))
Use rar. Rar removes all created files due an error that makes it halt when data ends without EOF. Pre-test rar
ZZ=$(df . -B1 | tail -1 | awk '{print $4}') dd if=/dev/urandom bs=512 count=$((ZZ * 2))|pv| rar a -sistdin -p${RANDOM}"$(dd if=/dev/urandom bs=4086 count=1)" -v${RANDOM}m test.tmp
Anti SSD - destroy free space
#### # # Creates random encrypted files of the random predefined size # #### openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/random bs=128 count=1 2>/dev/null | base64)" -nosalt </dev/zero \ | 7z a -si -t7z -v${RANDOM}m -m0=lzma -mx=9 -mfb=64 -md=32m -ms=on -p"$(dd if=/dev/urandom bs=512 count=1)" test.file
Detect if it is a device or a partition of device and wipe
Use info about storages by getting data know by kernel
Uncomment commented to begin wiping of partition/harddrive
#!/bin/bash ZZ="$1" if [ -b $ZZ ];then CC='[0-9]+$'; PP=$(echo $ZZ | sed 's/[0-9$]//m') PyS=$(cat /sys/block/${PP##*/}/queue/physical_block_size) if [[ "${ZZ}" =~ $CC ]];then echo The $ZZ Is partition of the': ' $PP PStart=$(cat /sys/block/${PP##*/}/${ZZ##*/}/start) PSect=$(cat /sys/block/${PP##*/}/${ZZ##*/}/size) PSize=$((PyS * PSect)) echo PyS = $PyS , PStart = $PStart , PSect = $PSect , PSize = $PSize #openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/random bs=128 count=1 2>/dev/null | base64)" -nosalt </dev/zero \ # | pv -bartpes $PSize | dd bs=$PyS count=$PSect of=/dev/${PP##*/} seek=$PStart oflag=direct iflag=nocache ## write to partition found on hard-drive ##dd if=/dev/zero bs=$PyS count=$PSect | ##pv -bartpes ${PSize} | ##dd bs=$PyS count=$PSect of=/dev/${PP##*/} seek=$PStart oflag=direct iflag=nocache else echo The $ZZ is a device'!'; DSect=$(cat /sys/block/${PP##*/}/size) DSize=$((PyS * DSect)) echo PyS = $PyS , DSect = $DSect , DSize = $DSize #dd if=/dev/zero bs=$PyS count=$DSect| pv -bartpes $DSize | of=/dev/${PP##*/} seek=0 oflag=direct iflag=nocache fi; else echo Is not a block device'!' fi;
Getting info with fdisk
Prepare necessary info about storage for dd wipe from fdisk -l
output
St_info=($(fdisk -l /dev/sda | grep ^'Disk /'));D_Size=${St_info[4]};D_Sectors=${St_info[6]};Physical_Sec_Size=$((St_info[4]/St_info[6]))
With lsblk
Get info with lsblk -b -o SIZE
D_Size=$(lsblk -b -o SIZE /dev/sda | head -2 | tail -1); Physical_Sec_Size=$(cat /sys/block/sda/queue/physical_block_size); D_Sectors=$((D_Size / Physical_Sec_Size))
A basic knowledge about path for info
In the /sys/block/
keeps a warriors information about all known by kernel currently connected block devices but in some cases need to use the partprobe command to update it.
/sys/block/<disk>/<partition>/start /sys/block/<disk>/<partition>/size
Script by Andy
This is a simple script that uses known by kernel data about all currently connected storage block device to the computer. It reads data by patterns
For the storage disk
/sys/block/<disk>/queue/physical_block_size /sys/block/<disk>/size
For the partition
/sys/block/<disk>/<partition>/start /sys/block/<disk>/<partition>/size
The start
includes offset in the physical sectors from the beginning of the disk where a partition starts. The size
includes the size in the physical sectors of a partition or of the disk. To calculate the size in bytes of a partition or a disk you will need to multiply size
with the physical_block_size
.
wipemydisk.sh - on github
The script detects automatically if it is a storage block device or a partition on it passed to it the command line. If you will give a path to partition then it will destroy the partition including all data on it even meta data that used by the file system itself and you will not be able to mount it again without formating first. You can also use it without a command line just by defining path to the disk storage in the PathToDevice
variable. To begin wiping you will need to uncomment those parts that contains dd command, they represents in a commented blocks, one that uses openssl for creating patterns and another one uses zero as a pattern by getting input from the /dev/zero
device.