Jump to content











Photo
- - - - -

Using G4D to wipe MBR of HDD


  • Please log in to reply
34 replies to this topic

#1 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 23 August 2010 - 06:22 PM

What's the latest? Well is all is looking very good at the moment apart from the latest quirk with a new laptop I need to build using "the project".

Seems like BIOS's really do make things tough for us bootheadz alright.

This latest HP8440P, will not build if the boot order was wrong and the inbuilt HP win7 loader started doing it's set up proceedure on the 250 HDD in the laptop.
Basically not until I have deleted all the partitions using my LIVE-XP, can I get the thing to build.

With this in mind for the menu entry specific to this build I was hoping I could use DD commands to wipe enough of the disk let it build.
I used the inbuilt BIOS based "disk sanitizer" for a split second on one that "hung" the boot process and that was enough to allow the build to carry on.

I have taken a look at some code that may help but I need some assistance getting it to work. I Know and have read it's very experiental, but being a g4d worshipper I would like to extend what I can do with it a bit more.

Firstly I found this

title wipe the MBR

dd if=(cd)/512zero of=(hd0) bs=512 count=1

pause

of course Hd0 would be my USB so that's no good, so my first question is how do I get it to wipe the HDD in the laptop (hd1)?
I expect a mapping command perhaps???

title wipe the MBR

map (hd1) (hd0)

map --hook

dd if=(cd)/512zero of=(hd0) bs=512 count=1

pause

Also is that code ok for my intended task?
Thanks team!
:)

#2 cdob

cdob

    Gold Member

  • Expert
  • 1469 posts

Posted 23 August 2010 - 06:37 PM

of course Hd0 would be my USB so that's no good, so my first question is how do I get it to wipe the HDD in the laptop (hd1)?

Why is USB mapped to hd0?
Do you boot from USB? Do you boot from CD?

Booted from USB and internal hd mapped to hd1:
title wipe the MBR (hd1)

dd if=(hd0)/512zero of=(hd1) bs=512 count=1

pause
Benefit, hd0 has to contain a file 512zero. This is kind of a minimal safety feature.
Store file 512zero only at USB. This dosn't kill USB drive. Be aware, this may kill another drive by accident.

#3 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 23 August 2010 - 06:47 PM

Of course USB is boot, forgot to add that, how do I acquire/create the 512zero file? Thanks

#4 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 23 August 2010 - 07:03 PM

Also is that code ok for my intended task?


With all due respect ;) it seems to me like you have this special attitude :) to make things more difficult than actually needed.

I'll do one of my carpenter's comparisons :):
You have seen another guy:
  • take a plank
  • measure it VERY accurately with a meter and make a sign with pencil at exactly 1'4"
  • saw it at that measure, cutting a piece EXACTLY 1'4" long

Now you need a 2'8" piece of timber and your approach is:
  • take a plank
  • measure it VERY accurately with a meter and making a sign with pencil at exactly 1'4"
  • saw it at that measure, cutting a piece EXACTLY 1'4" long
  • take a plank
  • measure it VERY accurately with a meter and making a sign with pencil at exactly 1'4"
  • saw it at that measure, cutting a piece EXACTLY 1'4" long
  • glue the two pieces together :)

:)

The dd command (like most commands) has a syntax.
If you want to apply a command that you have found referencing a source (cd) and a destination (hd0):
dd if=(cd)/512zero of=(hd0) bs=512 count=1
you DO NOT change names to source and destination by re-mapping or whatever, you change the source and the destination in the command line (as cdob suggested :) )

I would make double and triple sure about having the right syntax, target and destination BEFORE using dd (and risking wiping the MBR of the "wrong" drive).

Compare with:
http://www.boot-land...showtopic=12094

Maybe a good idea would be to have a look at what you are going to wipe before, like:

cat --hex --skip=0 --length=512 (hdn)+1

cat --hex --skip=440 --length=4 (hdn)+1


Also, since most of the time hidden sectors are ALREADY 00's, using one of them as "source" could save you the need for a 512 bytes in size, zero filled file.

:)
Wonko

#5 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 23 August 2010 - 08:02 PM

Do you think I have plank envy or somut? ;)

Well
CODE

title wipe the MBR (hd1)

dd if=(hd0)/512zero of=(hd1) bs=512 count=1

pause


Seems like the ticket but still dont get this file thing 512zero how, where?

Please bear in mind we are drilling down into the depths of 0 & 1's I havent got a lot of idea bout?

#6 cdob

cdob

    Gold Member

  • Expert
  • 1469 posts

Posted 23 August 2010 - 08:24 PM

get this file thing 512zero

Run a hex editor, e.g. HxD http://mh-nexus.de/en/hxd/
Create a new file
press 1024 0 chars
save the file

#7 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 23 August 2010 - 09:22 PM

Hi thanks

Did that right I hope NEW FILES and PRESSED 10240 then saved the file as 512zero. Here it is >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Is it OK?

I tested on my tested machines and said file not found the 512zero is on the root of USB HD0 - thanks!

#8 cdob

cdob

    Gold Member

  • Expert
  • 1469 posts

Posted 24 August 2010 - 07:12 AM

PRESSED 10240

No, 1024 0 is not 10240.
Press 1024 times the key zero.
Resulting file size should be 512 bytes.

file not found the 512zero

boot USB drive. Enter grub4dos command line: press c
run
ls (hd0)/
Which output do you get?

#9 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 24 August 2010 - 08:59 AM

Run a hex editor, e.g. HxD http://mh-nexus.de/en/hxd/
Create a new file
press 1024 0 chars
save the file


;)


@Technotika
Are you sure you work in IT, and not as a carpenter?

JFYI:
fsz 512zero.dat 512
More:
http://www.911cd.net...o...=14189&st=9

Have you actually read how you DO NOT actually need a file? :)

:)
Wonko

#10 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 24 August 2010 - 09:45 AM

No I cant get at that web page - can you paste the relevant info

could do with out having to have a file ;)

#11 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 24 August 2010 - 10:06 AM

No I cant get at that web page - can you paste the relevant info

could do with out having to have a file ;)


What do you mean "can't get to that page"?

This is the thread:
http://www.911cd.net...showtopic=14189

The link given previously is to post #10 on that thread.

You cannot access the 911CD forum? :)

I see . :)
There is a broken link.

I am still thinking that you need to work a bit on your google-fu, which is very, very low right now.

Or maybe it's lazyness? :)

There is this tool from the DSFOK package:
http://members.ozema...ware/index.html


Look at what you could have found with very little effort:
http://tinyurl.com/3yuma22

Link corrected, anyway:

http://members.ozema...ware/index.html


:)
Wonko

#12 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 24 August 2010 - 10:50 AM

sometimes mr W you drive me mental, I ask for something and you refer me to a whole world of forum entries or to a package YOU know alot about, expect "I" should know about as well, which I don't. In order to avoid a load of abuse I try and work out what I'm supposed to be looking at, get more confused than when I originally posted the original question. I am often trying to do lots of things at once and I cant always "wade" through or "decipher" what you want me to do but thats not your fault. Maybe you need to know.

There's no way I'm lazy I've nearly always gotten to where I want with this booting malarky and everything else.

There's no beef here, you have always sorted me out, and that's top of all things but sometimes, you can't always see things from my end.

That forum is blocked here.

I have dsfok now and looked at the examples is this what I need? Infact I have no idea. I cant see the MBR blanking option.
But now your going to make me feel like a massive "gump" now arnt you - AARRGHHH ;)

#13 cdob

cdob

    Gold Member

  • Expert
  • 1469 posts

Posted 24 August 2010 - 11:58 AM

I have dsfok now and looked at the examples is this what I need? Infact I have no idea.


JFYI:

fsz 512zero.dat 512



#14 dog

dog

    Frequent Member

  • Expert
  • 236 posts

Posted 24 August 2010 - 11:59 AM

Wonko says this will work:
fsz 512zero.dat 512
but that will just create you a file called 512zero.dat which is 512 bytes long and filled with zeros. You would still need to use grub4dos to dd it over an MBR to wipe that MBR.

or on xp you could use:
fsutil file createnew c:\512zero 512

Attached Files



#15 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 24 August 2010 - 12:46 PM

Hi and thanks for the tips I have got the file on root now, and this command in my menu

title wipe the MBR (hd1)

dd if=(hd0)/512zero of=(hd1) bs=512 count=1

pause

However the menu cursor keeps jumping over it as if there is a problem with suntax etc?

edit If I try in command line with USB inserted "error 17: cannot mount selected partiton"

#16 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 24 August 2010 - 01:10 PM

Hi and thanks for the tips I have got the file on root now, and this command in my menu

title wipe the MBR (hd1)

dd if=(hd0)/512zero of=(hd1) bs=512 count=1

pause

However the menu cursor keeps jumping over it as if there is a problem with suntax etc?

edit If I try in command line with USB inserted "error 17: cannot mount selected partiton"


As said before you need to understand the syntax, ALWAYS, but EXPECIALLY when dealing with potentially destructive commands :).
  • (hd0) is a HARD DISK (whole disk, PhysicalDrive, hard disk drive, starting on first sector, CHS 0/0/1, LBA 0)
  • (hd0,0) is the First partition (volume, drive letter, filesystem, etc.,*usually* starting at CHS 0/1/1, LBA 63) on that hard disk

You are pointing to a Hard Disk and expect grub4dos to find a partition (or a file in it's filesystem)? :)

:)
Wonko

#17 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 24 August 2010 - 01:14 PM

ok well I didnt know that I thought it was going to destroy WHOLE DISK MBR not the PBR

So should it be this then ?

title wipe the MBR (hd1)

dd if=(hd0,0)/512zero of=(hd1,0) bs=512 count=1

pause


#18 cdob

cdob

    Gold Member

  • Expert
  • 1469 posts

Posted 24 August 2010 - 01:49 PM

Try
title wipe the MBR (hd1)

dd if=(hd0,0)/512zero of=(hd1) bs=512 count=1

pause


#19 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 24 August 2010 - 02:06 PM

thanks but the cursor still wont select the menu option as copied and pasted

live-xp
wipe the MBR
Build1234

flicks over the wipe option, wont let me select it?
:)

WIPE MBR

dd if=(hd0,0)/512zero of=(hd1) bs=512 count=1

pause

edit - HEY IT WORKS FROM THE COMMAND LINE - AWESOME - now to get it runing from menu???

HEY THANKS GUYS - SORTED - GOT IT WORKING FROM A CONFIGFILE Link

and then even better added it to the main menu entry I was wanting this for any way

title Build ELITEBOOK 8440

dd if=(hd0,0)/512zero of=(hd1) bs=512 count=1

pause

find --set-root /BOOT/nousb.ima

map --mem /BOOT/nousb.ima (fd0)

map --hook

root (fd0)

chainloader /io.sys

After pause can I add a message on the screen saying press any key to continue?????

OK I READ THE MANUAL - Another trick under my belt FLIPPING SWEET THANKS CHAPS!!!!!!
pause
grub> help pause
pause: pause [--wait=T] [MESSAGE...]
   Print MESSAGE, then wait until a key is pressed or T seconds has passed.

#20 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 24 August 2010 - 03:45 PM

OK I READ THE MANUAL - Another trick under my belt FLIPPING SWEET THANKS CHAPS!!!!!!


You see, READing it helps a bit. :)

:)
Wonko

#21 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 24 August 2010 - 05:57 PM

FOR THOSE INTERESTED HERE IS MY QUICK "QUICK & DIRTY GUIDE" TO USING G4D TO WIPE A FIXED HDD USING USB FLASH AS BOOT DEVICE. CAUTION!

1. Extract this FILE to the Root of your G4D booting USB key.

2. To simply wipe the MBR of a PC..........

Add this.......

title WIPE MBR HD1
configfile /MENU LOCATION/MBRWIPE.LST

MBRWIPE.LST is to contain

dd if=(hd0,0)/512zero of=(hd1) bs=512 count=1

pause

Add another entry to go back to main menu.lst if you want

3. Add the command to pre cursor any other entry. Perhaps you have a stubborn partition structure on a disk that is causing you problems and you just want shot of the MBR to eradicate the problems. , then fire up a UTILITY of some kind.

title WIPE MBR AND START GDISK FLOPPY IMAGE

dd if=(hd0,0)/512zero of=(hd1) bs=512 count=1

find --set-root /win98.ima

map --mem /win98.ima (fd0)

map --hook

root (fd0)

chainloader /io.sys

CAUTION - THIS WAS TRIED AND TESTED SUCCESSFULLY ON A 1 HDD SYSTEM BOOTING OFF USB. IF YOU HAVE A DIFFERENT CONFIG. THIS COULD SMASH THINGS UP REAL BAD! USE ARM BANDS!

thanks to all help recieved on this matter - I couldn't have done it with out you.
I am now armed and really really dangerous. :)

#22 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 24 August 2010 - 06:07 PM

An evolution of kids playing with matches...:)
....kids teaching other kids how to play with matches....:)

The Warning should be some thing like:

DO NOT, and I mean DO NOT even THINK of using this approach!

It is EXTREMELY UNSAFE, it means that anyone that casually gets his hands on the device will be put in a condition to inadvertedly wipe the MBR of the MAIN internal hard disk! :)

This menu.lst entry should be AT LEAST:
  • protected by password
  • show a warning notice before executing

:)
Wonko

#23 dog

dog

    Frequent Member

  • Expert
  • 236 posts

Posted 24 August 2010 - 08:49 PM

....kids teaching other kids how to play with matches

I lol'd :)

#24 tinybit

tinybit

    Gold Member

  • Developer
  • 1175 posts
  •  
    China

Posted 25 August 2010 - 12:50 AM

Using G4D to wipe MBR of HDD


To erase all the 512 bytes including the partition table? Why? Are you planning to make a virus?

#25 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 25 August 2010 - 04:00 AM

Somewhere near tika's house....................
:)




http://www.youtube.c...be_gdata_player




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users