3

I need to wipe an entire hard drive and the only tools I have are Backtrack 5 RC3 and the internet. Apparently earlier versions of Backtrack had a tool to wipe the hard drive, called wipe.

I need to wipe these two partitions(well, the entire drive really), called WINDOWS and Data.

clever_trevor
  • 135
  • 1
  • 9
  • Does Backtrack come with the hdparm utility? (Considering a secure erase command to let the disk wipe itself. `hdparm --user-master u --security-erase Eins /dev/sda`. Details [here](https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase).) – Hennes Dec 18 '13 at 18:35

4 Answers4

9

You can use the dd-command.

Attention: You need to replace sda with the device name which you want to overwrite. To find the name of your harddrive, use this command. It will provide you a list of all your harddrives.

sudo lshw -class disk

It will take some time, because all data will be overriten with zeros.

sudo dd if=/dev/zero of=/dev/sda bs=1M

If you want to make it more secure, than you should overrite it with random data and not just with zeros. ;) It will take longer than the first suggestion.

sudo dd if=/dev/urandom of=/dev/sda bs=1M
Christian
  • 7,102
  • 1
  • 22
  • 36
  • It couldn't find "sda". I am trying to wipe the entire hard drive, but the two partitions are called WINDOWS and Data – clever_trevor Oct 09 '13 at 11:51
  • 1
    Sorry, I've forgot to say that you have to replace sda with the name of your device-name. – Christian Oct 09 '13 at 11:54
  • I get the error that "dd: opening dev/WINDOWS : No such file or directory" with the command "sudo dd if=/dev/zero of=dev/WINDOWS bs=1M" – clever_trevor Oct 09 '13 at 12:01
  • 1
    @clever_trevor WINDOWS and Data are the label for those partition. You need to find the /dev/xxxx of that particular partition. (/dev/sda or /dev/sdb etc are just samples of commonly used device-name. It may be different with your system) – Darius Oct 09 '13 at 12:05
  • 1
    @clever_trevor you can use `sudo lshw -class disk`to find all harddrives on the system. Than you have to choose the right harddrive. You should only have one. – Christian Oct 09 '13 at 12:09
  • @Chris I did that and found the label called "*-disk" with the description of "ATA Disk" and logical name "/dev/sda" and size of 500gp, so this is definitely it. However, the command is still throwing a "No such file or directory" for "'dev/sda" – clever_trevor Oct 09 '13 at 12:15
  • 1
    @clever_trevor I'm sorry. I dont know, why it doesn't work. Are you really sure, that your disk is called dev/sda and hasn't any additional chars etc? – Christian Oct 09 '13 at 12:22
  • I just re-entered it and now the terminal is just showing my input, but not doing anything. Like, the new lines in terminal aren't including "root@bt" in the beginning. Good? Bad? – clever_trevor Oct 09 '13 at 12:29
  • @clever_trevor Yes leave it, as it was. It is working. :) You have to wait. As I said, it takes a while. – Christian Oct 09 '13 at 12:31
  • You are welcome. :) Hopefully it will work. If not, just ask again. – Christian Oct 09 '13 at 12:40
  • Why it's more secure to overwrite with random data instead of 0's ? – Luc M Oct 09 '13 at 12:50
  • @LucM the zero-method s enough for the normal user. But the /dev/zero isn't as save as urandom because if you write random data on the harddrive it's much harder to restore the data. But don't ask me why. :) I only know how to use it. – Christian Oct 09 '13 at 12:59
  • 3
    Please note that [one pass of zeros is enough to securely wipe a hard disk](http://security.stackexchange.com/a/10474/16228). There's no need to use random bytes. – Adi Oct 09 '13 at 13:18
  • Allright, did not know that. thx for the information. – Christian Oct 09 '13 at 13:19
2

You can use shred for files or partitions/hard drives:

http://www.howtoforge.com/how-to-securely-destroy-wipe-data-on-hard-drives-with-shred

Use sudo if required to gain administrative privileges.

For a partition:

shred -vfz -n 10 /dev/sdXZ

For a drive:

shred -vfz -n 10 /dev/sdX

Note! Substitute "X" and "Z" with the adequate number or letter for partition/drive

For a file:

shred -v -u -n 2 -z moo.txt

$ shred -v -u -n 2 -z moo.txt 
shred: moo.txt: pass 1/3 (random)...
shred: moo.txt: pass 2/3 (random)...
shred: moo.txt: pass 3/3 (000000)...
shred: moo.txt: removing
shred: moo.txt: renamed to 0000000
shred: 0000000: renamed to 000000
shred: 000000: renamed to 00000
shred: 00000: renamed to 0000
shred: 0000: renamed to 000
shred: 000: renamed to 00
shred: 00: renamed to 0
shred: moo.txt: removed

Options:

  -f, --force    change permissions to allow writing if necessary
  -n, --iterations=N  overwrite N times instead of the default (3)
      --random-source=FILE  get random bytes from FILE
  -s, --size=N   shred this many bytes (suffixes like K, M, G accepted)
  -u, --remove   truncate and remove file after overwriting
  -v, --verbose  show progress
  -x, --exact    do not round file sizes up to the next full block;
                   this is the default for non-regular files
  -z, --zero     add a final overwrite with zeros to hide shredding
      --help     display this help and exit
      --version  output version information and exit

If FILE is -, shred standard output.
Savvas Radevic
  • 1,124
  • 7
  • 14
1

Since you have 'internet' as your tool... (and hopefully access to a CD drive, or a USB disk that you can use), get DBAN and it can do secure wipe of HDD content. Just make sure you choose the correct drive.. (if you have multiple HDD, or accidentally wiping the USB where you have DBAN on)

Darius
  • 5,336
  • 2
  • 29
  • 24
  • I didn't include CDs. This normally would be my solution, but I am not able to get my computer repair disks, which includes DBAN. – clever_trevor Oct 09 '13 at 12:16
0

You can use dd and shred like suggested.

You might also use ErAce or download it from SourceForge. This works on the whole drive.

Kevin Panko
  • 7,346
  • 22
  • 44
  • 53
user3104412
  • 1