Jump to content











Photo
- - - - -

Fast bootable alternative to DBAN


  • Please log in to reply
16 replies to this topic

#1 Alexander Ceed

Alexander Ceed

    Frequent Member

  • Advanced user
  • 207 posts

Posted 18 August 2015 - 11:44 AM

I'm looking for a fast bootable solution to format all the fixed drives in a machine. I managed to edit the DBAN image to automatically autonuke using the quick methd but it still takes like 2 hours at best, and I was thinking of something like 2 minutes or such. I do not care about data recoverability, not looking for secure wiping, just a quick wipe, like windows does.

 

Thank you.



#2 Rootman

Rootman

    Frequent Member

  • Advanced user
  • 243 posts
  • Location:USA

Posted 18 August 2015 - 02:58 PM

Perhaps a bootable Windows PE with a script using diskpart commands ?  It can delete everything on the entire drive in just a few moments.  If you limit what's on the PE it boot pretty fast.



#3 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13750 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 18 August 2015 - 03:47 PM

You want to "format" or remove partition/volume info?

If you have no particular issues with wiping, you can just 00 out the MBR or optionally the MBR and all the bootsectors booting with grub4dos (and of course this will be faster booting than anything else and can easily be scripted).

 

:duff:

Wonko


  • pscEx likes this

#4 IAmTheTrueMeaningOfCovfefe

IAmTheTrueMeaningOfCovfefe

    Silver Member

  • Advanced user
  • 560 posts
  • Location:In hiding
  • Interests:An investigation is underway to determine whether Trump has any ties to America.
  •  
    United States

Posted 18 August 2015 - 04:53 PM

Download Partition Magic and boot it, you will see an Erase icon on desktop. Choose the "destroy GPT/MBR data structures" (or similarly named), then just for good measure choose the "zero out drive" option and let it run for a min or so then cancel.



#5 Alexander Ceed

Alexander Ceed

    Frequent Member

  • Advanced user
  • 207 posts

Posted 18 August 2015 - 05:45 PM

Download Partition Magic and boot it, you will see an Erase icon on desktop. Choose the "destroy GPT/MBR data structures" (or similarly named), then just for good measure choose the "zero out drive" option and let it run for a min or so then cancel.

 

That beats the purpose. The ideea is to quickly format.

 

You want to "format" or remove partition/volume info?

 

Removing the MBR would be fine and should be very fast comming from grub4dos. I'm mostly affraid that this will also remove the MBR from the USB drive that grub is booted from.

 

Could I trouble you for an example boot script?



#6 IAmTheTrueMeaningOfCovfefe

IAmTheTrueMeaningOfCovfefe

    Silver Member

  • Advanced user
  • 560 posts
  • Location:In hiding
  • Interests:An investigation is underway to determine whether Trump has any ties to America.
  •  
    United States

Posted 18 August 2015 - 06:09 PM

@ Alexander: Using Partition Magic is quick enough, booting into it and wiping only takes maybe 5 mins max. It removes the partition tables of both GPT and MBR disks, as well as well beyond the starting sectors. It wont touch any drive/partition that you don't explicitly tell it to mess with.If you want a full wipe then there are other bootable programs much faster than DBAN, DBAN is known for being extremely slow. Unless you're hiding info from the NSA DBAN is serious overkill. Wiping with another solution will likely take at least an hour, depending on the size of the drive. You can't realistically expect a full wipe to be finished in a few seconds.



#7 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13750 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 18 August 2015 - 06:57 PM

That beats the purpose. The ideea is to quickly format.

 

Removing the MBR would be fine and should be very fast comming from grub4dos. I'm mostly affraid that this will also remove the MBR from the USB drive that grub is booted from.

 

Could I trouble you for an example boot script?

Well, you can use a set of commands in the menu.lst, making sure that the booted USB device is first disk (hd0).

99.99% of the times (since you boot from it) the USB device will be (hd0).

 

If we also assume that you have at the most 2 or 3 harddisk-like devices on any machine (besides the booted from USB stick), that could be (without particular complexities) something *like*:

 

title Wipe all MBR's but not (hd0)

set sig=0

cat --hex --skip=440 --length=4 (hd0)0+1 | set sig=

set sig=%sig:~10,11%

if not "%sig%"=="77 7B 99 E4" echo  Oh, oh, USB device is not drive (hd0) && pause && halt

partnew (hd1,0) 0 0 0

partnew (hd1,1) 0 0 0

partnew (hd1,2) 0 0 0

partnew (hd1,3) 0 0 0

 

partnew (hd2,0) 0 0 0

partnew (hd2,1) 0 0 0

partnew (hd2,2) 0 0 0

partnew (hd2,3) 0 0 0

 

 

partnew (hd3,0) 0 0 0

partnew (hd3,1) 0 0 0

partnew (hd3,2) 0 0 0

partnew (hd3,3) 0 0 0

....

 

Of course you need to use your own USB stick disk signature instead of "77 7B 99 E4", and of course instead of a series of partnew commands directly in the menu.lst, you could instead execute a separate grub4dos batch that could be more "flexible" than this simple approach (or provide more overwriting, like zeroing the whole MBR, etc.) .

The time needed should be measurable in seconds, not minutes

 

:duff:

Wonko



#8 Alexander Ceed

Alexander Ceed

    Frequent Member

  • Advanced user
  • 207 posts

Posted 19 August 2015 - 06:16 AM

Thanks Wonko, it works like a charm. 

I will take a look at scipting, sounds intriguing.



#9 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13750 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 19 August 2015 - 08:47 AM

Thanks Wonko, it works like a charm.

Good. :)

I will take a look at scipting, sounds intriguing.


Check these to get some real life examples:
http://reboot.pro/to...n-as-1st-entry/
http://reboot.pro/to...l-for-grub4dos/
 
The setptn1.g4b is the one possibly more similar to what you want in the end, but it uses WENV, while the mbrview.g4b exists in two versions, the original making use of WENV and the new one using only (more recently added) internal grub4dos commands, of course there is nothing "bad" in using WENV, but it is a loaded module and represents however an unneeded complication/additional layer of complexity.
 
And coincidentally this thread here:
http://www.msfn.org/...-with-a-script/
more or less revolves around a similar enough topic.
 
:duff:
Wonko

#10 Alexander Ceed

Alexander Ceed

    Frequent Member

  • Advanced user
  • 207 posts

Posted 12 September 2015 - 12:43 PM

I need some help guys. I accidently used the script from wonko and deleted all my partition tables. I need to get them back.. Please help i dont have a computer anymore.. Right now i am typing from my phone. Ee

#11 IAmTheTrueMeaningOfCovfefe

IAmTheTrueMeaningOfCovfefe

    Silver Member

  • Advanced user
  • 560 posts
  • Location:In hiding
  • Interests:An investigation is underway to determine whether Trump has any ties to America.
  •  
    United States

Posted 12 September 2015 - 02:58 PM

I cant tell you how to get the table back, but if only the table itself is deleted and not the partitions, you may be able to get it back. Chances are low, this has happened to me and I never recovered my data, but then again I'm just really impatient and shortfused, clean install for me. Anyway, write no data to the drive whatsoever or you risk damaging whatever is there. I'm serious. Just stop trying to fix that PC until someone more experienced can advise. You may accidently do more harm than good.



#12 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13750 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 12 September 2015 - 04:29 PM

I need some help guys. I accidently used the script from wonko and deleted all my partition tables.

Well, it did what it was supposed to do :ph34r: :(.

I need to get them back.. Please help i dont have a computer anymore.. Right now i am typing from my phone. Ee

You can still boot from the USB stick, don't you?
You can boot from it *any* Linux distro (or a PE if you have it) including TESTDISK:
http://www.cgsecurit...TestDisk_Livecd
http://www.cgsecurit...g/wiki/TestDisk
It should be easy to recover all your partitions if all that was wiped was the partition table entry, follow this:
http://www.cgsecurit...sk_Step_By_Step
If your disk(s) were partitioned originally under XP or previous leave options "as they are", if it was partitioned originally under Vista or later set the options:
http://www.cgsecurit...unning_TestDisk
http://www.cgsecurit...ki/Menu_Options
Cylinder Boundary: NO
Allows partial last Cylinder: YES

If you have doubts, ask for assistance/advise BEFORE doing anything that might make things worse.

:duff:
Wonko

#13 Alexander Ceed

Alexander Ceed

    Frequent Member

  • Advanced user
  • 207 posts

Posted 14 September 2015 - 08:57 PM

Thanks for your help guys. The script only killed my primary drive so the damage done was minimal, but it still is some damage. I used TestDisk, and it recovered only one partition out of two but it got the offset wrong, for instance I create the first partition to start at 64KB and TestDisk recovered it at 3500MB.



#14 Alexander Ceed

Alexander Ceed

    Frequent Member

  • Advanced user
  • 207 posts

Posted 16 December 2015 - 12:02 PM

Well the script is a success but I'm having some issues with truecrypt loader. It deletes the partitions but the truecrypt loader remains. Any way to remove that as well, and if so, could you post an example? I'm using dban right now as it is the only one capable of removing the loader.

 

Thanks


Edited by Alexander Ceed, 16 December 2015 - 12:02 PM.


#15 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13750 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 16 December 2015 - 01:13 PM

Well the script is a success but I'm having some issues with truecrypt loader. It deletes the partitions but the truecrypt loader remains. Any way to remove that as well, and if so, could you post an example? I'm using dban right now as it is the only one capable of removing the loader.

 

Thanks

Overwite the affected sector(s) with some other sectors using dd or dd a file filled with zeroes.

http://diddy.boot-la...commands.htm#dd

 

Be careful, dd can be destructive, you MUST be sure to be using the RIGHT device as target.

Examples:

dd if=(hd1)20+16 of=(hd1)0+16

or

dd if=(hd1) of=(hd1) bs=512 count=16 skip=20 seek=0

 

should do (provided that the loader is in the MBR + a few hidden sectors and that 16 sectors at LBA 20 are empty), or use a pre-made file, see also:

 http://reboot.pro/to...mmadnline-mode/

 

Please note that if you dd a zeroed sector (or file) to the MBR, you are - in one single pass - also delete the four partition entries, as it was suggested to you earlier.

 

:duff:

Wonko



#16 Alexander Ceed

Alexander Ceed

    Frequent Member

  • Advanced user
  • 207 posts

Posted 16 December 2015 - 01:36 PM

Be careful, dd can be destructive, you MUST be sure to be using the RIGHT device as target.

 

It would be best If I could wipe hd1 but somehow protect the USB drive that grub booted from from being wiped. Am I correct in assuming the script beow will work as expected?

 

title (DD) Wipe MBR of first HDD
set sig=0
cat --hex --skip=440 --length=4 (hd0)0+1 | set sig=
set sig=%sig:~10,11%
if not "%sig%"=="C4 97 8C B6" echo  Oh, oh, USB device is not drive (hd0) && pause && halt
dd if=(hd1) of=(hd1) bs=512 count=16 skip=20 seek=0
configfile /menu.lst 

Edited by Alexander Ceed, 16 December 2015 - 02:05 PM.


#17 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13750 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 16 December 2015 - 03:37 PM

Yes, but try it to make sure, you can use something like:



title (DD) Wipe MBR of first HDD
set sig=0
cat --hex --skip=440 --length=4 (hd0)0+1 | set sig=
set sig=%sig:~10,11%
if not "%sig%"=="C4 97 8C B6" echo Oh, oh, USB device is not drive (hd0) && pause && halt
echo dd if=(hd1) of=(hd1) bs=512 count=16 skip=20 seek=0
pause

And/or add more/different checks., *like* checking the first few bytes of the MBR (provided that the truecrypt loader or *whatever* has a definite sequence of bytes in some fixed place) so that only hard disks with the given values are actually overwritten, in any case (personally) I would additionally set something like displaying the output of a geometry command (or a cat --hex of the sector) and a request for the user explicit confirmation.

 

 

 

:duff:

Wonko






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users