Thread: How To Securely Sanitize your Trash

  1. #1
    Junior Member
    Join Date
    Mar 2013
    Posts
    27

    How To Securely Sanitize your Trash

    Personally, I liberally send many files to the Trash (highlighting a file and right clicking and pressing "Move to Trash") to keep my desktop environment organized, but also keep those files on hand in case I moved something important to my trash. After a while, I want to get rid of all those files securely. So, here is what I use for securely erasing my trash.

    To get situated, open a terminal and cd to your root directory:
    Code:
    cd ~
    STEP 1: Install Anti-Forensic Tool, Scrub

    First, install the anti-forensic tool scrub -- the program we will be using to sanitize the contents of our files. This program is in Kali's repositories but not installed by default, so, apt will be the most efficient way of doing this.
    Code:
    apt-get update
    apt-get install scrub
    STEP 2: Create a script which will perform the procedure

    In the same terminal, do the following:
    Code:
    touch secure_trash
    gedit secure_trash
    Add the following lines to your newly created file:
    Code:
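    #!/bin/bash
    
    # Overwrite the contents of every regular file in both Trash directories (single random pass).
    find ~/.local/share/Trash/files ~/.local/share/Trash/info -type f -print0 | xargs -0 -I{} /usr/bin/scrub -Sfp random {}
    
    # Rename every file and sub-directory (children first, via -depth) to a random name inside .../Trash/files/.
    # IFS= and -r keep leading/trailing whitespace and backslashes in names intact.
    find ~/.local/share/Trash/files/* ~/.local/share/Trash/info/* -depth | while IFS= read -r i
    do
        # The character classes are quoted so the shell cannot expand them as globs.
        cleant=$(head -c17 /dev/urandom | tr -d '[:space:]' | tr -d '[:punct:]')
        mv "$i" ~/.local/share/Trash/files/"$cleant" 2> /dev/null
    done
    
    # Remove the renamed entries to free the space on disk.
    rm -rf ~/.local/share/Trash/files/*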
    Save it and exit gedit.

    Note:
    What this script will do is sanitize the entire contents of all files within your two Trash directories (i.e.: .../Trash/files/ & .../Trash/info/) using a single random set of data (originally I had the nnsa method as the default in this post, but it takes a bit of time if you have even a decent amount of files in your trash, so I changed the default to a single pass method; personally, I still suggest using nnsa). You can go with more intense algorithms if you'd like, but you'll be sacrificing time by using these, so I suggest you pick which one is right for you. Just replace "nnsa" in the above script with one of the underlined terms below:
    Scrub Methods:
    nnsa
    4-pass NNSA Policy Letter NAP-14.1-C (XVI-8) for sanitizing
    removable and non-removable hard disks, which requires overwriting
    all locations with a pseudorandom pattern twice and then
    with a known pattern: random(x2), 0x00, verify.

    dod
    4-pass DoD 5220.22-M section 8-306 procedure (d) for sanitizing
    removable and non-removable rigid disks which requires overwriting
    all addressable locations with a character, its complement, a
    random character, then verify. NOTE: scrub performs the random
    pass first to make verification easier: random, 0x00, 0xff, verify.

    bsi
    9-pass method recommended by the German Center of Security in
    Information Technologies 0xff, 0xfe, 0xfd, 0xfb, 0xf7, 0xef, 0xdf, 0xbf, 0x7f.

    gutmann
    The canonical 35-pass sequence described in Gutmann's paper
    cited below.

    schneier
    7-pass method described by Bruce Schneier in "Applied Cryptography"
    (1996): 0x00, 0xff, random(x5)

    pfitzner7
    Roy Pfitzner's 7-random-pass method: random(x7).

    pfitzner33
    Roy Pfitzner's 33-random-pass method: random(x33).

    usarmy
    US Army AR380-19 method: 0x00, 0xff, random. (Note: identical
    to DoD 522.22-M section 8-306 procedure (e) for sanitizing magnetic
    core memory).

    fillzero
    1-pass pattern: 0x00.

    fillff
    1-pass pattern: 0xff.

    random
    1-pass pattern: random(x1).

    random2
    2-pass pattern: random(x2).

    old
    6-pass pre-version 1.7 scrub method: 0x00, 0xff,
    0xaa, 0x00, 0x55, verify.

    fastold
    5-pass pattern: 0x00, 0xff, 0xaa, 0x55, verify.

    -Taken from Scrub's man page

    Next, it will grab all files AND sub-directories from the above-two directories and rename them to a random string that's 4 characters in length. It will also move them all into .../Trash/files/. Then, it uses a simple recursive remove to free up all the space from disk.
    Your trash will be completely sanitized after running it, and both Trash sub-directories (files & info) will remain intact.

    STEP 3: Finalize

    Move it somewhere safe so you don't accidentally execute it by accident.
    Personally, I'll hide it from the desktop environment in the root directory.
    Code:
    mv secure_trash /.secure_trash
    Make it executable
    Code:
    chmod +x /.secure_trash
    Now run it whenever necessary.
    Code:
    /.secure_trash
    (optional) STEP 4: Automatically securely erase your trash at shutdown.

    For convenience, you could make this script run automatically at shutdown.
    Code:
    cp /.secure_trash /etc/init.d/secure_trash
    ln -s /etc/init.d/secure_trash /etc/rc0.d/K10secure_trash
    ln -s /etc/init.d/secure_trash /etc/rc6.d/K10secure_trash
    That's it. It's basic, but it works. I'm sure others can improve upon this easily, but I'd imagine some will find this useful.
    Last edited by testingresults; 2013-05-07 at 05:39 AM. Reason: Very minor code error
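A variant of the procedure in the post above, written as an added example (it is not the original poster's script). It goes a little further than the post: names containing spaces, newlines or a leading dash are passed as arguments instead of being read line by line, and the function reports failure unless both Trash directories end up empty. The names `overwrite_files` and `sanitize_trash` and the `dd` fallback for hosts without scrub are assumptions of this example; `-mindepth`/`-maxdepth` assume GNU find.

```sh
#!/bin/sh
# Added example, not the original poster's script. Paths reach the helpers as
# arguments, so spaces, newlines and leading dashes in names are handled.

# Overwrite each file given as an argument. Uses scrub as in the thread;
# the dd fallback (one random pass) is this example's assumption for hosts
# without scrub.
OVERWRITE='for f do
    if command -v scrub >/dev/null 2>&1; then
        scrub -Sfp random "$f" >/dev/null || exit 1
    else
        n=$(($(wc -c <"$f")))
        head -c "$n" /dev/urandom | dd of="$f" conv=notrunc 2>/dev/null || exit 1
    fi
done'

# Rename each path in place to 16 random hex characters.
RENAME='for p do
    r=$(od -An -N8 -tx1 /dev/urandom | tr -d " \n")
    mv -- "$p" "${p%/*}/$r" || exit 1
done'

overwrite_files() { sh -c "$OVERWRITE" sh "$@"; }

# sanitize_trash DIR: overwrite, rename, remove, then verify that DIR/files
# and DIR/info are empty. Returns non-zero if any step fails.
sanitize_trash() {
    t=$1
    [ -d "$t/files" ] && [ -d "$t/info" ] || return 1
    # 1. Overwrite the contents of every non-empty regular file.
    find "$t/files" "$t/info" -type f -size +0 -exec sh -c "$OVERWRITE" sh {} + || return 1
    # 2. Rename children before parents (-depth) so later paths stay valid.
    find "$t/files" "$t/info" -mindepth 1 -depth -exec sh -c "$RENAME" sh {} + || return 1
    # 3. Remove everything below the two directories; the directories remain.
    find "$t/files" "$t/info" -mindepth 1 -maxdepth 1 -exec rm -rf -- {} + || return 1
    # 4. Verify that nothing is left behind.
    [ -z "$(find "$t/files" "$t/info" -mindepth 1 | head -n 1)" ]
}

# Usage: sanitize_trash "${XDG_DATA_HOME:-$HOME/.local/share}/Trash"
```

Running the file only defines the functions; nothing is erased until `sanitize_trash` is called with a Trash directory.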

  2. #2
    Member
    Join Date
    Mar 2013
    Posts
    31
    Thanks! I'll do the same for my trash

  3. #3
    Junior Member
    Join Date
    Mar 2013
    Location
    NYC
    Posts
    11
    Thanks for the great guide, simple and very handy!

  4. #4
    Junior Member
    Join Date
    Mar 2013
    Posts
    27
    Quote: Originally posted by CleanZombie
    Thanks for the great guide, simple and very handy!
    Very welcome. I have quite a collection of relatively short scripts I've written to automate certain tasks. I'll get around to posting more when I have some time.

    It's nice to know when people find them helpful.

  5. #5
    Junior Member
    Join Date
    May 2013
    Posts
    1
    Very interesting idea.

  6. #6
    Junior Member
    Join Date
    Mar 2013
    Posts
    27
    Quote: Originally posted by CleanZombie
    Thanks for the great guide, simple and very handy!
    Quote: Originally posted by delete
    Very interesting idea.

    I love the user names of the people that are fond of this script, lol
    Clever girl!

  7. #7
    Junior Member
    Join Date
    Mar 2013
    Posts
    27
    It seems as though scrub is installed by default now in Kali
    Clever girl!

  8. #8
    Junior Member
    Join Date
    Mar 2013
    Posts
    27

    Updated scrub man page

    nnsa
    4-pass NNSA Policy Letter NAP-14.1-C (XVI-8) for sanitizing removable and non-removable hard disks, which requires overwriting all locations with a pseudorandom pattern twice and then with a known pattern: random(x2), 0x00, verify.

    dod
    4-pass DoD 5220.22-M section 8-306 procedure (d) for sanitizing removable and non-removable rigid disks which requires overwriting all addressable locations with a character, its complement, a random character, then verify. NOTE: scrub performs the random pass first to make verification easier: random, 0x00, 0xff, verify.

    bsi
    9-pass method recommended by the German Center of Security in Information Technologies (http://www.bsi.bund.de): 0xff, 0xfe, 0xfd, 0xfb, 0xf7, 0xef, 0xdf, 0xbf, 0x7f.

    gutmann
    The canonical 35-pass sequence described in Gutmann's paper cited below.

    schneier
    7-pass method described by Bruce Schneier in "Applied Cryptography" (1996): 0x00, 0xff, random(x5)

    pfitzner7
    Roy Pfitzner's 7-random-pass method: random(x7).

    pfitzner33
    Roy Pfitzner's 33-random-pass method: random(x33).

    usarmy
    US Army AR380-19 method: 0x00, 0xff, random. (Note: identical to DoD 522.22-M section 8-306 procedure (e) for sanitizing magnetic core memory).

    fillzero
    1-pass pattern: 0x00.

    fillff
    1-pass pattern: 0xff.

    random
    1-pass pattern: random(x1).

    random2
    2-pass pattern: random(x2).

    old
    6-pass pre-version 1.7 scrub method: 0x00, 0xff, 0xaa, 0x00, 0x55, verify.

    fastold
    5-pass pattern: 0x00, 0xff, 0xaa, 0x55, verify.

    custom=string
    1-pass custom pattern. String may contain C-style numerical escapes: \nnn (octal) or \xnn (hex).
    Clever girl!