Jump to content











Photo
- - - - -

MyDiskEraser


  • Please log in to reply
5 replies to this topic

#1 joakim

joakim

    Silver Member

  • Team Reboot
  • 912 posts
  • Location:Bergen
  •  
    Norway

Posted 15 April 2012 - 08:50 PM

Posted Image

File Name: MyDiskEraser
File Submitter: joakim
File Submitted: 03 Apr 2012
File Category: Security

So I decided to create my own disk eraser, and document how to do so. DBan (Darik's Boot and Nuke) is a popular and good choice, and I have used it before. But, I wanted to show myself it is not rocket science to create a specialized bootdisk for erasing/overwriting internal harddisks. In my case, since it is by far the most easy to customize, I wanted to use WinPE as base. WinPE 3.1 to be exact (based on Windows 7 SP1). So I needed a tool to do the actual disk erasing, and I decided to write one such myself. This one is of the simplest kind, and can only write 00's. That said, it is still to be proven unsufficient for datarecovery purposes. However, if you have top secret sensitive information that you are worried about someone being able to recover from a found disk sometime in the future (whenever and if, super advanced datarecovery methods unknown today, have been disclosed). So I guess you're safe for now. Or maybe you just want to clean out the disk before a fresh install. Anyways the basic tool I made uses at the core some winapi's like CreateFile, WriteFile and SetFilePointerEx, and is nothing fancy. But it is worth describing just how it works. And source is provided for those wanting to customize it further for their own need.

Description:
Based on what Windows version version the WinPE is based on, any mounted volumes will be dismounted before proceeding. And only volumes from fixed disks will be dismounted, with exception for wherever systemroot and the tool itself is located. Next the tool will attempt overwriting \\.\PhysicalDrive0 and up to 30. That means it will auto-erase all connected \\.\PhysicalDriveN. This tool was made for use in nt6.x based WinPE. Furthermore, protection is in place, to prevent any harmful actions from an accidental execution on a regular live system. I therefore added a special boot configuration, where you need to add the LoadOptions string "DiskEraser". To set this entry in your target BCD store run this command;


"bcdedit /store path\to\BCD /set {GUID} loadoptions DISKERASER"


When WinPE is booted with that boot configuration, it will be written into the registry, and that's where the tool identifies the correct environment for execution.
Now to configure all this to boot up and erase the HDD completely automatic wihtout the need for any interaction, we need to make the tool launch when booting is finished. Several ways exist, but the one I chose, was with startnet.cmd. Since that script is autoexecuted when present in System32 (unless overrided by winpeshl.ini), we just put the name of the tool into startnet.cmd so it looks like this;


MyDiskEraser.exe


Put the tool into System32 (inside boot.wim), or you have to specify the path to it inside startnet.cmd.

So what about performance?
Have not really compared it, except a few tests with DBan, for which it performed kind of equal. The actual disk writing was roughly the same, but the boot time of DBan was horribly slow, which slowed its process down considerably.

I take no responsibility for what you do with this tool, and you are expected to know what you're doing before using this.

Anyways, this was probably more meant like a tutorial than than a contribution of a highly advanced tool.

Click here to download this file
  • Nuno Brito likes this

#2 wimb

wimb

    Gold Member

  • Developer
  • 2290 posts
  •  
    Netherlands

Posted 16 April 2012 - 05:05 AM

Quite Interesting :)

Thanks for making and sharing such tool.

:cheers:

#3 steve6375

steve6375

    Platinum Member

  • Developer
  • 6728 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films,guitars
  •  
    United Kingdom

Posted 16 April 2012 - 08:56 AM

Has it been tested on disks of over 2TB?

#4 joakim

joakim

    Silver Member

  • Team Reboot
  • 912 posts
  • Location:Bergen
  •  
    Norway

Posted 16 April 2012 - 09:47 AM

Has it been tested on disks of over 2TB?

No.

#5 Guest_Boot_Monkey_*

Guest_Boot_Monkey_*
  • Guests

Posted 14 June 2012 - 07:28 AM

I highly recommend you add the ability to issue the "Secure ATA Erase Command"

This would be your best feature. It's often used on SSD's to bring back the performance to the drive.

#6 Blackcrack

Blackcrack

    Frequent Member

  • Advanced user
  • 357 posts
  •  
    Germany

Posted 3 weeks ago

maybe a Gui for add at the mbr for setting up a Password by reading the record,
if not 3x correct, eraseing the disk .. kill the records,partitions and writing
the with 0 or other method

best regards
Blacky




2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users