
@vbratkev
Forked from UmbrielSecurity/wipe.sh
Created September 4, 2020 12:02

Revisions

  1. UmbrielSecurity renamed this gist Jan 12, 2017. 1 changed file with 0 additions and 0 deletions.
    File renamed without changes.
  2. UmbrielSecurity created this gist Jan 12, 2017.
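--- a/gistfile1.txt
+++ b/gistfile1.txt
@@ -0,0 +1,189 @@
+#!/bin/bash
+
+# Tool declarations, modify as needed.
+AWK="/usr/bin/awk"
+CAT="/bin/cat"
+COMM="/usr/bin/comm"
+CUT="/usr/bin/cut"
+DATE=`/bin/date +%Y/%m/%d`
+DD="/bin/dd"
+GREP="/bin/grep"
+HEAD="/usr/bin/head"
+LSBLK="/bin/lsblk"
+SED="/bin/sed"
+SMARTCTL="/usr/sbin/smartctl"
+SED="/bin/sed"
+WC="/usr/bin/wc"
+XXD="/usr/bin/xxd"
+
+# Options for DD, bs=16777216 is recommened as it will usually keep the disk
+# buffers full, and improve performace.
+DD_OPTIONS="bs=16777216"
+
+# DD input file. Use /dev/zero for disk zeroing, or /dev/urandom for over-
+# writing with randomness (this takes much longer than zeroing)
+DD_IF="/dev/zero"
+
+CONFIG="~/.wipe.conf"
+WIPE_LOG="~/Documents/wipe.log"
+
+OPTIND=1
+PROGRESS=0
+INITIALIZE=0
+
+show_help() {
+echo "Disk zeroing utility (UmbrielSecurity)"
+echo "--------------------"
+echo
+echo " # ./wipe.sh ( ( -a | -d dev [-p] ) [-v] ) | ( -i | -h )"
+echo
+echo " -a Automatically detect target device"
+echo " -h This help message"
+echo " -d dev Specify the target device for wiping (required)"
+echo " -p Show progress"
+echo " -i Initialize the tool."
+echo " -v Validate after scanning."
+echo
+echo "Examples:"
+echo
+echo "Examples:"
+echo "# ./wipe.sh -d /dev/sdz"
+echo "# ./wipe.sh -i"
+}
+
+initialize() {
+if [ -e ${CONFIG} ]; then
+echo "Warning - existing configuration file will be overwritten."
+echo -n "Continue ? "
+read OVERWRITE
+if [ ! "x${OVERWRITE}" == "xy" ]; then
+echo "Quitting."
+exit
+fi
+fi
+${LSBLK} -dno NAME > ${CONFIG}
+echo "Config file created with:"
+${CAT} ${CONFIG}
+}
+
+automatic_detect() {
+KNOWN=`cat ${CONFIG} | sort`
+CURRENT=`${LSBLK} -dno NAME | sort`
+NEW=`${COMM} -23 <(echo "${CURRENT}") <(echo "${KNOWN}")`
+NUM_NEW=`${WC} -l <(echo "${NEW}") | ${AWK} '{ print $1 }'`
+if [[ ${NUM_NEW} -gt 1 ]]; then
+echo "WARNING: Found more than 1 new disk device. Choosing the first alphabetically."
+NEW=`${HEAD} -1 <(echo "${NEW}")`
+fi
+
+# Check for a new drive
+if [ -z ${NEW} ]; then
+echo "No new drives detected."
+exit
+fi
+
+DEV="/dev/${NEW}"
+echo "Found ${DEV}"
+analyze_drive ${DEV}
+exit
+}
+
+analyze_drive() {
+DEV=$1
+if [ -e ${SMARTCTL} ]; then
+MAKE=`${SMARTCTL} -a ${DEV} | ${GREP} "Model Family:" | ${CUT} -d: -f2 | ${SED} -e 's/^[[:space:]]*//'`
+MODEL=`${SMARTCTL} -a ${DEV} | ${GREP} "Device Model:" | ${CUT} -d: -f2 | ${SED} -e 's/^[[:space:]]*//'`
+SN=`${SMARTCTL} -a ${DEV} | ${GREP} "Serial Number:" | ${CUT} -d: -f2 | ${SED} -e 's/^[[:space:]]*//'`
+SIZE=`${SMARTCTL} -a ${DEV} | ${GREP} "User Capacity:" | ${CUT} -d: -f2 | ${SED} -e 's/^.*\[\(.*\)\].*$/\1/'`
+echo
+echo "Found Drive:"
+echo " Make: ${MAKE}"
+echo " Model: ${MODEL}"
+echo " S/N: ${SN}"
+echo " Size: ${SIZE}"
+echo
+wipe ${DEV}
+else
+echo "${SMARTCTL} is required."
+exit 1
+fi
+}
+
+wipe() {
+DEV=$1
+WIPE_CMD="${DD} if=${DD_IF} of=${DEV} ${DD_OPTIONS}"
+echo
+echo -n "Begin wiping with ${WIPE_CMD} ? "
+read CONFIRM
+if [ "x${CONFIRM}" == "xy" ]; then
+echo "Wiping with ${WIPE_CMD}"
+`${WIPE_CMD}`
+echo "${DATE},${MAKE},${MODEL},${SN},${SIZE}" >> ${WIPE_LOG}
+fi
+
+# Validate ?
+if [[ ${VALIDATE} -eq 1 ]]; then
+echo "Beginning validation."
+NONZERO=0
+NONZERO=`${CAT} ${DEV} | ${XXD} | ${GREP} -v "0000 0000 0000 0000 0000 0000 0000 0000" | ${WC} -l | ${AWK} '{ print $1 }'`
+if [[ ${NONZERO} -gt 0 ]]; then
+echo "Validation failed!"
+NONZEROBYTES=`expr $(( ${NONZERO} * 16 ))`
+echo "Found approximately ${NONZEROBYTES} of non-zero data."
+exit;
+else
+echo "Validation successful."
+exit;
+fi
+fi
+}
+TEMP=`getopt -o ad:hipv -n 'wipe.sh' -- "$@"`
+eval set -- "$TEMP"
+# extract options and their arguments into variables.
+while true ; do
+case "$1" in
+-a) AUTOMATIC=1 ; shift ;;
+-d) DEV=$2 ; shift 2 ;;
+-h) HELP=1 ; shift ;;
+-p) PROGRESS=1 ; shift ;;
+-i) INITIALIZE=1 ; shift ;;
+-v) VALIDATE=1 ; shift ;;
+--) shift ; break ;;
+*) echo "Internal error!" ; exit 1 ;;
+esac
+done
+if [[ ${PROGRESS} -eq 1 ]]; then
+echo "Progress monitoring not implemented. Ignoring."
+fi
+
+if [[ ${HELP} -eq 1 ]]; then
+show_help
+exit 0
+fi
+
+if [[ ${INITIALIZE} -eq 1 ]]; then
+initialize
+exit 0;
+fi
+
+if [[ ${AUTOMATIC} -eq 1 ]]; then
+automatic_detect
+exit 0;
+fi
+
+if [ -z ${DEV} ]; then
+echo "No device specified."
+show_help
+exit 1;
+else
+analyze_drive ${DEV}
+fi
+
+
+if [ ! -f ${CONFIG} ]; then
+echo "Config file missing, please:"
+echo " 1) Disconnect all extra hard disks, thumbdrives, etc."
+echo " 2) Rerun the tool using the -i option"
+exit 1
+fi
+exit 99;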
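Review bot: `CONFIG="~/.wipe.conf"` and `WIPE_LOG="~/Documents/wipe.log"` put the tilde inside quotes, so it is never expanded and both paths resolve under a directory literally named `~` in the working directory; unless that directory exists, `initialize` cannot write the baseline disk list and the wipe log is not written where the operator expects. In `automatic_detect` an unreadable config leaves `KNOWN` empty, so every attached disk is reported as new and the first name alphabetically becomes the wipe target, while the only config-missing check sits at the very end of the script, after all the dispatch branches. Use `CONFIG="${HOME}/.wipe.conf"` and `WIPE_LOG="${HOME}/Documents/wipe.log"`, and open `automatic_detect` with `[ -f "${CONFIG}" ] || { echo "Config file missing, rerun with -i"; exit 1; }`. Separately, `wipe` appends the log line whether or not `dd` succeeded, and `-d` accepts any path without a `[ -b "${DEV}" ]` block-device check before it is handed to `dd`.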