Search the Community

Update: 11/14/2012 - Fixed bug in Freespace erase - it was using sector size by mistake (did not cause failure, but slowed the wipe) - Replaced dir move/remove functions with long file name compatible API functions (thanks KaFu) - Added long path and UNC support to the _FileMapping UDF (this change affected portions of the UDF only used to wipe sparse / encrypted / compressed files on NTFS) - Wiping of these special files is now restricted to local volumes - you cannot get the volume handle required from remote volumes - NOTE: When running under UAC full admin permissions are required to use the defrag API to wipe these special files - Various updates to included _FileEx UDF Update: 10/1/12 - _SecureDirectoryDelete is now an iterative function, instead of recursive. - Added ability to overwrite with random data. To activate this feature, you must use the user array format with the array element corresponding to the random pass set to -1. Note this *will* incur a performance penalty since the buffer is filled with new random data each time it is used. - Registered _SD_FreeBuffers() as an on-exit function. - Changed the way buffer recreation is handled - new buffers are automatically created each time you pass a different value or array for $aPatterns. - Some updates to the included _FileEx UDF. Update: 9/11/12 - _SecureDirectoryDelete returns an array of errors for all errors encountered during recursion. This includes the error number, path at which the error was encountered, and the type of path item (file or folder). Update: 9/10/12 - More optimizations, read new header for important info Optimized buffer creation - done once on first call to any function, survives for life of script.$aPatterns parameter now accepts a single integer 0 <= i <= 255 to indicate a single pass using that byte pattern (-1 for default 3-pass DoD_E)Changed final file / dir removal to restore original file / dir name in case of removal failure.- SCRIPT BREAKING - Changed the order of the $fDelete and $aPatterns parameters, moving the more commonly used $aPatterns parameter to a higher priority. Update: 9/7/12 - Code cleanup and some optimizations - Fixed a bug that could slow down wiping of compressed / encrypted / sparse files if using more than one pass (this bug did not affect the actual wiping of these files) - Added callback functions to monitor the progress of the wipe File: Callback receives bytes written and total bytes.Dir: Callback is passed to file delete and receives bytes written and total bytes per file. Total directory size and bytes is not calculated, as the penalty would be too high for these basic functions. If you need total directory size, do this calculation yourself before calling this function, and keep track of the data written.Freespace: Callback is passed bytes written and total free bytes. Under certain circumstances, total bytes written may not equal total free bytes on the last call.Update: 9/5/12- Major rewrite Rewrote delete function, includes a special method to securely erase NTFS compressed, sparse, and EFS encrypted files.Simplified the parameters. Only need to specify if the file should be deleted after being overwritten, and can specify custom delete patterns.Added a directory deletion function to recursively wipe directoriesAdded a freespace wipe function, based on the Sysinternals SDelete utilityReparse points: symlinks and junctions are now handled, they are simply deleted, NOT followed or overwritten.- The archive includes my _FileMapping UDF and _FileEx UDF for support functions. I tested this A LOT, which also accounts for the delay in releasing. I've tested on NTFS and FAT32 drives, and it functions as it should. That said, I take no responsibility for data loss. If there are testers familiar with data recovery, I'd love tests done on the thoroughness of the wiping, especially the free space wipe. NTFS has some real gotchas that normal apps can't deal with safely, so some stuff may slip through. If so, I'd like to know about it. I plan on working on some sort of cluster tip / slack space wipe to add to the freespace function, but I have to figure out how best to handle that. Update: 8/20/10 - Uses unbuffered I/O to overwrite the file - Added fFileTime and fDelete parameters - Code cleanup EDIT: New version. The buffer creation has been optimized. This one optionally renames the file 10 times to a random name, resets the file timestamps to Jan. 1, 1980, 12:01am, and optionally takes a user array of integer values from 0 to 255 (decimal or hex) to use as the erasing patterns. This way the user can control the patterns used to erase the data and the number of passes. If no array is passed, then the default DoD short method (DoD_E) is used. The last parameter lets the user specify the block size to be used, default is 32768 bytes (32 Kb). Just something I felt like whipping up. This script does a secure erase of any file. It uses the DoD short method as described in the script. Currently it writes in 32Kb blocks which seems to give pretty good performance. Depending on the file size, it may increase the erased file's size by up to 32 Kb. You can play with the size if you feel like it. On my computer, it erased a 5.5 MB file (16.5 MB in total written data) in 0.08 seconds. I verified the results with a Hex editor to be sure. Then it will rename the file 10 times using a randomly generated name. This *should* make the file names unrecoverable as well as the data. Enjoy! Example $r = _SecureFileDelete(@ScriptDir & "test.bin", -1, False) ; use default patterns, do not delete ConsoleWrite($r & " : " & @error & @CRLF) Local $array[3] = [0x00,0xFF,0x1C] $r = _SecureFileDelete(@ScriptDir & "test.bin", $array, False) ; use custom patterns, no delete ConsoleWrite($r & " : " & @error & @CRLF) Dim $array[2] = [0,-1] $r = _SecureFileDelete(@ScriptDir & "test.bin", $array, False) ; two passes, last pass random data, no delete ConsoleWrite($r & " : " & @error & @CRLF)SecureDelete.zip