Tags

, , , , , ,

Continuing where I left off in my last post, the basic software is completed. I’ve posted it on SourceForge along with the README file (download here). It should work on any system (even Windows) with dd and foremost utilities installed.

One thing I’d strongly recommend is checking the volume name and path before running the program, just to be absolutely certain you’re wiping or imaging the correct partition. I use the $df command for this. When testing the software, you might also use a USB drive with a flashing LED that indicates when a read/write operation is in progress.

XeroDrive should/must be run as root:
#cd [directory]
#./XeroDrive

If the following UI appears, it’s working.

xerodrive-ui-main

Finishing off the software was basically just a matter of adapting the following code to the other sections in the program and retesting it:

appwin.addstr(2, 1, "Volume to erase: ", curses.color_pair(2))
Volume = appwin.getstr(2, 20).decode(encoding="utf-8")
appwin.addstr(4, 1, "Erasing volume. This might take a while...")

subprocess.call("dd if=/dev/urandom of=" + Volume + " bs=512k", shell=True)

xerodrive-ui-erase

This will perform a complete erase of the filesystem, so if the volume or partition disappears after this, use GParted to format it with a new filesystem.

Things get a bit messy when dealing with two variables in the same command. The following reads the target volume path in /dev, and generates xerodrive-image.img in the specified path:

TargetVolume = appwin.getstr(2, 25).decode(encoding="utf-8")
ImageTo = appwin.getstr(4, 25).decode(encoding="utf-8")

subprocess.call("dd if=/dev/urandom of=" + TargetVolume + " of=" + ImageTo + "xerodrive-image.img" + " bs=4096" + " conv=notrunc,noerror,sync", shell=True)

xerodrive-ui-imaging

The data recovery feature uses the file carving technique to reconstruct files within a disk image. This is pretty effective against accidental deletions and some disk-wiping tools. Here the program creates a directory called ‘xerodrive-recover[timestamp]‘ and an associated log file called ‘recoverylog.txt‘:

ddImage = appwin.getstr(2, 18).decode(encoding="utf-8")
dumpPath = appwin.getstr(4, 18).decode(encoding="utf-8")

subprocess.call("foremost -i " + ddImage + " -o " + dumpPath + "/xerodrive-recover -T >> " + dumpPath + "/recoverylog.txt", shell=True)

xerodrive-ui-recover

So now I have the basic software complete, and it’s not that far off being commercial-grade with a few additions and refinements.

Advertisements