Jump to content











Photo
- - - - -

Using G4D to wipe MBR of HDD


  • Please log in to reply
34 replies to this topic

#26 karyonix

karyonix

    Frequent Member

  • Advanced user
  • 473 posts
  •  
    Thailand

Posted 25 August 2010 - 05:32 AM

thanks but the cursor still wont select the menu option as copied and pasted

live-xp
wipe the MBR
Build1234

flicks over the wipe option, wont let me select it?
:)

Up/down arrow keys skip non-bootable menu items.
Try left/right arrow keys.

#27 dog

dog

    Frequent Member

  • Expert
  • 236 posts

Posted 25 August 2010 - 11:43 AM

To erase all the 512 bytes including the partition table? Why? Are you planning to make a virus?

I use it for testing semi-unattended builds, it's quicker than deleting partitions during windows setup.
Malware would use dban...

#28 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 15190 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 25 August 2010 - 11:55 AM

I use it for testing semi-unattended builds, it's quicker than deleting partitions during windows setup.


I don't think anyone is saying that it is not useful, only that it is VERY, VERY dangerous if access to it can happen by mistake.

Personally, I don't see any problem in typing that (or a similar) command on command line, the very reare times I need it, my objection in just in having it "available without protection".

Murphy's Law will prove itself true, before or later. :)

Just like you don't leave a loaded gun, hammer cocked, you shouldn't have potentially destructive commands available without an even minimal protection.

:)
Wonko

#29 Technotika

Technotika

    Frequent Member

  • Advanced user
  • 419 posts
  • Location:United Kingdom
  •  
    United Kingdom

Posted 25 August 2010 - 01:29 PM

Well I now have it passworded and warnings too. I am not even making anyone aware that it's a function, it will only be used in the "rare" cases where the disk needs "blanking" to enable a build process to continue. And of course being the creator of the stick they will need to ring and ask for the password etc, then I can educate, warn, proceeding with caution.

#30 reboot12

reboot12

    Frequent Member

  • Advanced user
  • 248 posts
  • Interests:WinXP, Debian, OpenWrt, gPXE, iPXE, BIOS, UEFI, Coreboot, MS VirtualPC, VMware
  •  
    European Union

Posted 4 weeks ago

How to wipe more sectors. I started G4D from a pendrive and I'm trying to wipe the first 3000 sectors:

dd if=(hd0)/512zero of=(hd1) bs=512 count=3000

but this only zeroes first sector of 512 bytes :mellow:

 

P.S. To wipe the MBR (first disk sector), all you need to do is (not need the bs and count options):

dd if=(hd0)/512zero of=(hd1)


#31 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 15190 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 4 weeks ago

1) the first command means:

copy (exactly) from infile (source (hd0)/512zero) to outfile (target (hd1)) one sector at the time (block size = 512) no more than 3000 blocks (count=3000).

 

Since the source is in size only one block, it copies that.

 

2) the second command is fine in this case (and in this case only) because it says:
copy (exactly) from infile (source (hd0)/512zero) to outfile (target (hd1)) and the default blocksize is 512 and you copy the whole file which is 512 bytes only.

 

To blank 3000 sectors you either have a file made of 3000 sectors (or more) and dd that (but it will take 1500 KB of space on the device[1]) or you make a loop running 3000 times (with bs=512 optional and count=1 as well optonal) that will take a lot of time.

 

The "normal" (maybe better said "classic") dd in Linux (and also the dd for Windows by John Newbigin) can use a "virtual" "/dev/zero" device that can generate zeroes (as well as a "/dev/random") one but - unless i has been added recently - the grub4dos doesn't have one.

 

As a general rule, when using /dev/zero or /dev/random it is vital to use the count= switch to limit the output (as the input is infinite), and as well it is important whenever the source file is larger than intended target.

 

:duff:

Wonko

 

[1] since dd in grub4dos automatically decompresses gzipped files you can try with a 3000 (or more) sectors file 00ed and gzipped, so that it will be very small, a 1 MB (1048576 bytes) 00 file gzipped is about 1300 bytes, a 1500 KB one should be below 2000 bytes.



#32 reboot12

reboot12

    Frequent Member

  • Advanced user
  • 248 posts
  • Interests:WinXP, Debian, OpenWrt, gPXE, iPXE, BIOS, UEFI, Coreboot, MS VirtualPC, VMware
  •  
    European Union

Posted 4 weeks ago

So the only way to wipe 3000 sectors under GRUB4DOS is a 3000zero file and the command ??? :

dd if=(hd0)/3000zero of=(hd1)


#33 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 15190 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 4 weeks ago

 

So the only way to wipe 3000 sectors under GRUB4DOS is a 3000zero file and the command ??? :

dd if=(hd0)/3000zero of=(hd1)

 

No, as I just tried telling you.

 

You can use a loop 3000 times, but it will be slower.

 

If you prefer, if you really need to do it without preparation you can use a loop, but if you plan to do it regularly it would be faster and easier to have a 1536000zero file (possibly gzipped for convenience), to put this in perspective, this latter approach adds some 2000 bytes to the build, i.e. far less than what it would take to have a dedicated program.

 

Or you can find an area of the hard disk that is unused and all 00's for a more relevant number of sectors (a good candidate would be the area between sector 63 and sector 2048 on recent systems, normally they are all '00'sm but surely you can find strains of tens or hunfreds of sectora) and duplicate that.

 

Another approach is - still starting with the minimal 512zero file (or a single sector of all 00's on disk) as initial source, double amount at each iteration, i.e. something *like*:

 

 

dd if=(hd0)/512zero of=(hd1)0+1
dd if=(hd1)0+1 of=(hd1)1+1
dd if=(hd1)0+2 of=(hd1)2+2
dd if=(hd1)0+4 of=(hd1)4+4
dd if=(hd1)0+8 of=(hd1)8+8
dd if=(hd1)0+16 of=(hd1)16+16
dd if=(hd1)0+32 of=(hd1)32+32
dd if=(hd1)0+64 of=(hd1)64+64
dd if=(hd1)0+128 of=(hd1)128+128
dd if=(hd1)0+256 of=(hd1)256+256
dd if=(hd1)0+512 of=(hd1)512+512
dd if=(hd1)0+1024 of=(hd1)1024+1024
dd if=(hd1)0+952 of=(hd1)2048+952

 

which can be largely written as a simple loop in batch, that will need only 11 or 12 iterations.

 

:duff:

Wonko



#34 reboot12

reboot12

    Frequent Member

  • Advanced user
  • 248 posts
  • Interests:WinXP, Debian, OpenWrt, gPXE, iPXE, BIOS, UEFI, Coreboot, MS VirtualPC, VMware
  •  
    European Union

Posted 4 weeks ago

dd if=(hd0)/512zero of=(hd1)0+1
dd if=(hd1)0+1 of=(hd1)1+1
dd if=(hd1)0+2 of=(hd1)2+2
dd if=(hd1)0+4 of=(hd1)4+4
dd if=(hd1)0+8 of=(hd1)8+8
dd if=(hd1)0+16 of=(hd1)16+16
dd if=(hd1)0+32 of=(hd1)32+32
dd if=(hd1)0+64 of=(hd1)64+64
dd if=(hd1)0+128 of=(hd1)128+128
dd if=(hd1)0+256 of=(hd1)256+256
dd if=(hd1)0+512 of=(hd1)512+512
dd if=(hd1)0+1024 of=(hd1)1024+1024
dd if=(hd1)0+952 of=(hd1)2048+952

Oh no, too much typing :o
 
I made a gzip packed 3000zero file (1536000 bytes), I put the file in the G4D floppy bootable image g4d.ima and boot PC from this image over PXE. Now I can wipe 3000 sectors:

dd if=(fd0)/3000zero of=(hd0)

3000zero_gz_G4D.png wipe_3000_sectors_OK.png



#35 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 15190 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 4 weeks ago

Oh no, too much typing :o

Sure, hence the idea of making a batch out of it.

 

Anyway, I had a look around, and two pieces of "news":

1) it is possible to avoid the need of the "base" 00ed file (we can make it in memory)
2) it is even possible to wipe a number of sectors in a couple lines (and even as a oneliner but how many sectors are the limit for this latter is to be seen)

 

Info:

https://sites.google...zeros-or-spaces

 

Test/example batch:





!BAT
setlocal
echo This program will write 00''s to device sectors
echo BE AWARE that it could wipe the wrong device or location

set /a max=3000 > nul
set target=(hd1) > nul
set offset=0
echo target device %target% zero out %max% sectors from offset %offset%
pause
echo -n > (md)0xa000+1

set /a seed=1 > nul
echo dd if=(md)0xa000+1 of=(hd1)0+1
#dd if=(md)0xa000+1 of=(hd1)0+1 > nul

:ddloop
echo dd if=(hd1)0+%seed% of=(hd1)%seed%+%seed%
set /a seed=2*%seed%  > nul

if %seed%<=%max% goto :ddloop
set /a seed=%seed%/2 > nul 
set /a rest=%max%-%seed% > nul
echo dd if=(hd1)0+%rest% of=(hd1)%seed%+%rest%
#dd if=(hd1)0+%rest% of=(hd1)%seed%+%rest%  > nul

#Following few lines may be all that is needed
#but while they will work for a "reasonable" amount of sectors
#they may not be suitable for a larger amount

#set /a max=3000 > nul
#echo -n > (md)0xa000+%max%
#dd if=(md)0xa000+%max% of=(hd1)0+%max%

:duff:

Wonko






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users