1#!/bin/sh 2# 3# THE CLEANER SCRIPT 4# Part of the secure_data_deletion toolkit by van Hauser / THC 5# Run at your own risk. Tested on Linux only. 6# 7# Run this to wipe your system as most as possible with automatic stuff. 8# You should run this in the STOP runlevels 2 and 3. 9# 10# ------------------------------------------------------------------------ 11# 12# Please configure the following variables: 13# 14# 15# WIPE_MODE: 1-3 16# 1: highly secure mode (38 wipes) 17# 2: insecure mode (2 wipes) 18# 3: highly insecure mode (1 wipe) 19WIPE_MODE=3 20# 21# 22# WIPE_FAST: yes/no 23# yes: dont use a secure random number generator, less secure 24# no: use a secure random number generator, secure 25WIPE_FAST=yes 26# 27# 28# WIPE_VERBOSE: yes/no 29# yes: write verbose messages 30# no: only write if error/warnings occur 31WIPE_VERBOSE=yes 32# 33# 34# WIPE_DIRECTORIES: directories you want to wipe completely all files and 35# subdirectories from. Usually /tmp, /usr/tmp and /var/tmp. 36WIPE_DIRECTORIES="/tmp /usr/tmp /var/tmp" 37# 38# WIPE_USER_FILES: files you want to wipe from user directories. Usually 39# .*history*, .netscape/cache/*, .netscape/history*, 40# .netscape/cookies, tmp/*, *~ and core 41WIPE_USER_FILES=".*history* .netscape/cache/ .netscape/history* \ 42 .netscape/cookies .lynx_cookies tmp/* *~ .gqview_thmb/ dead.letter core" 43 44# ------------------------------------------------------------------------ 45# 46# Preparation Phase 47# 48test "$WIPE_MODE" -gt 0 -a "$WIPE_MODE" -lt 4 || { 49 echo "WIPE_MODE must be a value between 1 and 3." 50 exit 1 51} 52test "$WIPE_FAST" = yes -o "$WIPE_FAST" = "no" || { 53 echo "WIPE_FAST must be either yes or no." 54 exit 1 55} 56test "$WIPE_VERBOSE" = yes -o "$WIPE_VERBOSE" = "no" || { 57 echo "WIPE_VERBOSE must be either yes or no." 58 exit 1 59} 60MODE="" 61test "$WIPE_MODE" -eq 2 && MODE="-l" 62test "$WIPE_MODE" -eq 3 && MODE="-ll" 63FAST="" 64test "$WIPE_FAST" = yes && FAST="-f" 65VERBOSE="" 66test "$WIPE_VERBOSE" = yes && VERBOSE="-v" 67 68# ------------------------------------------------------------------------ 69# 70# Starting the wiping process 71# 72 73# Wipe directories 74test -z "$VERBOSE" || echo "STARTING THE CLEANER." 75test -z "$VERBOSE" || echo "CLEANER: Wiping directory contents" 76for i in $WIPE_DIRECTORIES; do 77 test -z "$i" -o "$i" = "." -o "$i" = ".." -o "$i" = "/" || { 78 test -z "$VERBOSE" || echo " $i" 79 cd "$i" && srm $MODE $FAST -d -r -- .* * 80 } 81done 82 83# Wipe files 84test -z "$VERBOSE" || echo "CLEANER: Wiping user files" 85awk -F: '{ print $1 " " $6 }' /etc/passwd | 86while read user homedir; do 87 test "$homedir" = "" -o "$homedir" = "." -o "$homedir" = ".." || { 88 cd "$homedir" && { 89 test -z "$VERBOSE" || echo " $user" 90 for j in $WIPE_USER_FILES; do 91 test -z "$j" || { 92 test -L "$j" || { 93 test -e "$j" && srm $MODE $FAST -d -r -- $j 94# test -e "$j" && "i would wipe: $j" 95 } 96 } 97 done 98 } 99 } 100done 101 102# Wipe free space and inodes 103test -z "$VERBOSE" || echo "CLEANER: Wiping free space and inodes on filesystems" 104for i in `mount|grep -E '^/dev/.* type ext'|awk '{print$3}'`; do 105 test -z "$VERBOSE" || echo " $i" 106 test -z "$i" || sfill $MODE $FAST "$i" 107done 108 109# Now the swap space: 110test -z "$VERBOSE" || echo "CLEANER: Wiping swap space" 111#ACTIVE=`swapoff -s|grep ^/dev/|awk '{print$1}'` 112swapoff -a 113for i in `(grep -w swap /etc/fstab|awk '{print$1}';echo "$ACTIVE";)|sort -u`; do 114 test -z "$VERBOSE" || echo " $i" 115 test -z "$i" || sswap $MODE $FAST "$i" 116done 117 118# Finally the memory: 119test -z "$VERBOSE" || echo "CLEANER: Wiping the memory" 120smem $MODE $FAST 121# 122 123swapon -a 124 125# FINNISHED! 126test -z "$VERBOSE" || echo "THE CLEANER FINNISHED." 127