API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 19th, 2019
85
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.15 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2.  
  3. # Script to wipe all of the SATA storage media in a computer
  4. # Absolutely, positively, do not run this script unless you want all of your data
  5. # to be gone.
  6.  
  7. # Copyright 2019 Dalton Durst
  8. #
  9. # Permission is hereby granted, free of charge, to any person obtaining a copy
  10. # of this software and associated documentation files (the "Software"), to deal
  11. # in the Software without restriction, including without limitation the rights
  12. # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  13. # copies of the Software, and to permit persons to whom the Software is
  14. # furnished to do so, subject to the following conditions:
  15. #
  16. # The above copyright notice and this permission notice shall be included in all
  17. # copies or substantial portions of the Software.
  18. #
  19. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  20. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  21. # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  22. # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  23. # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  24. # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  25. # SOFTWARE.
  26.  
  27. trap interrupt INT
  28.  
  29. BOLD='\e[1m'
  30. RED='\e[91m'
  31. NORMAL='\e[0m'
  32. RED_BACKGROUND='\e[101m'
  33. GREEN_BACKGROUND='\e[42m'
  34. YELLOW_BACKGROUND='\e[43m'
  35.  
  36. # Holds the drives which were not able to be wiped
  37. FAILED=''
  38.  
  39. # Holds the drives which may be wiped via SANITIZE operations
  40. SANITIZE_DISKS=''
  41.  
  42. # Holds the drives which may be wiped via SECURE ERASE
  43. SECURE_ERASE_DISKS=''
  44.  
  45. interrupt() {
  46. echo -e "${RED_BACKGROUND} ${NORMAL}"
  47. echo 'Canceled. Press Enter to power down.'
  48. enter_to_off
  49. }
  50.  
  51. success() {
  52. echo -e "${GREEN_BACKGROUND} ${NORMAL}"
  53. echo -e 'Done! Press Enter to power down.'
  54. enter_to_off
  55. }
  56.  
  57. enter_to_off() {
  58. read
  59. sudo poweroff
  60. }
  61.  
  62. wait_for_idle() {
  63. GO=true
  64. while $GO; do
  65. sudo hdparm --sanitize-status "$1" |grep State
  66. if [[ `sudo hdparm --sanitize-status "$1"` =~ 'SD0' ]]; then
  67. GO=false
  68. fi
  69. sleep 1
  70. done
  71. }
  72.  
  73. add_failure() {
  74. FAILED="$FAILED $1"
  75. }
  76.  
  77. get_features() {
  78. sudo hdparm -I "$1"
  79. }
  80.  
  81. show_specs() {
  82. sudo fdisk -l "$1"
  83. sudo hdparm -i "$1" | grep Model
  84. }
  85.  
  86. echo "The following drives are installed in the system:"
  87. lsblk -lbd -o NAME,SIZE
  88. echo ''
  89.  
  90. while read DISK; do
  91. eval "$DISK"
  92. SUPPORTED_FEATURES=`get_features $NAME`
  93. if [ $SIZE -gt 50000000000 ]; then
  94.  
  95. if [[ ! $SUPPORTED_FEATURES =~ 'SANITIZE' ]]; then
  96. echo -e "${RED}${NAME} does not support the SANITIZE feature set.${NORMAL}"
  97. SECURE_ERASE_DISKS="$SECURE_ERASE_DISKS $NAME"
  98. continue
  99. fi
  100.  
  101. SANITIZE_DISKS="$SANITIZE_DISKS $NAME"
  102. fi
  103. done < <(lsblk -bdnpP -o NAME,SIZE)
  104.  
  105. if [[ -z $SANITIZE_DISKS ]] && [[ -z $SECURE_ERASE_DISKS ]]; then
  106. echo -e "${RED}No disks selected for wiping.${NORMAL}"
  107. interrupt || exit
  108. fi
  109.  
  110. echo ''
  111. echo 'The following disks will be erased:'
  112. echo ''
  113. echo 'With SANITIZE operations:'
  114. for DISK in $SANITIZE_DISKS; do
  115. show_specs "$DISK"
  116. done
  117. echo ''
  118. echo 'With SECURE ERASE operations:'
  119. for DISK in $SECURE_ERASE_DISKS; do
  120. show_specs "$DISK"
  121. done
  122.  
  123. echo ''
  124. echo "Press Control-C within the next 30 seconds to cancel, or press Enter to continue"
  125. read -t 30
  126. echo ''
  127.  
  128. SUCCESSFUL=''
  129. FAILED=''
  130.  
  131. for DISK in $SANITIZE_DISKS; do
  132. ADD_DISK=false
  133. SUPPORTED_FEATURES=`get_features $DISK`
  134.  
  135. if [[ $SUPPORTED_FEATURES =~ 'CRYPTO_SCRAMBLE_EXT' ]]; then
  136. echo "Erasing $DISK with SANITIZE CRYPTOGRAPHIC SCRAMBLE"
  137. sudo hdparm --yes-i-know-what-i-am-doing --sanitize-crypto-scramble "$DISK" && ADD_DISK=true
  138. wait_for_idle "$DISK"
  139. ADD_DISK=true
  140. fi
  141.  
  142. if [[ $SUPPORTED_FEATURES =~ 'BLOCK_ERASE_EXT' ]]; then
  143. echo "Erasing $DISK with SANITIZE BLOCK ERASE"
  144. sudo hdparm --yes-i-know-what-i-am-doing --sanitize-block-erase "$DISK" && ADD_DISK=true
  145. wait_for_idle "$DISK"
  146. fi
  147.  
  148. if $ADD_DISK; then
  149. echo "Successfully wiped $DISK"
  150. SUCCESSFUL="$SUCCESSFUL $DISK"
  151. else
  152. echo -e "${RED}${BOLD}Did not find a suitable method to wipe ${DISK}${NORMAL}"
  153. add_failure $DISK
  154. fi
  155. done
  156.  
  157. for DISK in $SECURE_ERASE_DISKS; do
  158. if [[ ! `get_features $DISK | grep frozen` =~ 'not' ]]; then
  159. # Disk is frozen
  160. echo -e "${YELLOW_BACKGROUND} ${NORMAL}\n"
  161. echo "$DISK is frozen. We will now suspend the PC to attempt to unfreeze it."
  162. echo "After the PC is suspended, please wake it up yourself then press Enter again."
  163. echo "Press Enter now to suspend the PC."
  164. read && sudo systemctl suspend
  165. sleep 10
  166. echo "Waiting for you to press Enter again..."
  167. read || interrupt
  168.  
  169. if [[ ! `get_features $DISK | grep frozen` =~ 'not' ]]; then
  170. echo "${RED}Disk is still frozen. I will not be able to wipe this disk.${NORMAL}"
  171. add_failure $DISK
  172. continue
  173. fi
  174. fi
  175.  
  176. echo "Setting security password on $DISK to 'Eins'"
  177. if [[ ! `sudo hdparm --user-master u --security-set-pass Eins $DISK` ]]; then
  178. echo -e "${YELLOW_BACKGROUND}FAILED TO SET DRIVE PASSWORD ON DISK ${DISK}${NORMAL}"
  179. add_failure $DISK
  180. continue
  181. fi
  182. echo "Wiping $DISK with SATA Secure Erase"
  183. if [[ ! `sudo hdparm --user-master u --security-erase Eins $DISK` ]]; then
  184. echo -e "${YELLOW_BACKGROUND}FAILED TO SECURE ERASE ${DISK}${NORMAL}"
  185. echo "The drive password is currently 'Eins', you will need to reset it."
  186. echo "Press Enter to continue."
  187. read
  188. continue
  189. fi
  190.  
  191. echo "Successfully wiped $DISK"
  192. SUCCESSFUL="$SUCCESSFUL $DISK"
  193. done
  194.  
  195. echo "Wiped the following disks: $SUCCESSFUL"
  196.  
  197. if [[ -n "$FAILED" ]]; then
  198. echo -e "${RED}I WAS UNABLE TO WIPE THE FOLLOWING DISKS${NORMAL}"
  199. echo "$FAILED"
  200. fi
  201.  
  202. success
  203.  
  204. [[ -n $SANITIZE_DISKS ]] && echo "The PC may fail to power off automatically. If so, you may force power off."
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!