Destructive Windows Script
Roose
b at b.b
Sun Jun 5 20:53:31 EDT 2005
My guess would be: extremely, extremely easy. Since you're only writing 30
bytes for each file, the vast majority of the data will still be present on
disk, just temporarily inaccessible because of the del command. And more
than likely it will be possible to recover 100% if they are using a
journaling file system like NTFS, which Windows XP does.
If you are honestly trying to destroy your own data, go out and download a
free program that will do it right. If you're trying to write some kind of
trojan, well you've got a lot of learning to do. :)
R
rbt wrote:
> How easy or difficult would it be for a computer forensics expert to
> recover data that is overwritten in this manner? This is a bit
> off-topic for comp.lang.python, but I thought some here would have
> some insight into this.
>
> Warning: **This code is destructive**. Do not run it unless you fully
> understand what you're doing!!!
>
> os.chdir('/temp')
> for root, dirs, files in os.walk('.'):
> for f in files:
> try:
> print f
>
> data = ['0', 'a', '1', 'b', '2', 'c',\
> '3', 'd', '4', 'e', '5', 'f',\
> '6', 'g', '7', 'h', '8', 'i',\
> '9', 'j', '~', '!', '@', '#',\
> '$', '%', '^', '&', '*', ';']
>
> fp = file(os.path.join(root,f), 'w')
> random.shuffle(data)
> garble = ''.join(data)
> fp.write(garble)
> fp.close()
>
> fs = os.popen("del /f /q /s *")
> fs.read()
> fs.close()
>
> except Exception, e:
> print e
> time.sleep(1)
> continue
More information about the Python-list
mailing list