|
|
 |
|
|
Thread Tools | Display Modes |
May 17th, 2006, 6:39 PM
|
#1 |
|
Professional Programmer
Join Date: Oct 2005
Location: United States
Posts: 447
Rep Power: 4
   |
SecureOverwrite
Hi all. I wrote this program to see if it would really work, and to see how useful it might be. It's a SecureOverwrite program, that takes a file path and overwrites it with random numbers, and then deletes the file. Comments and suggestions on how I might improve the program are welcome. The algorithm for the overwrite method is very simple right now, so any ideas on how I might make it better are welcome. This was compiled without error or warning in Dev-C++.
#include <iostream>
#include <fstream>
#include "KillProcess.cpp"
using namespace std;
int OhNo(string Horrors)
{
cerr << Horrors << endl;
return 1;
}
int main()
{
char fileName[255];
cout << "Enter file to be securely removed: ";
cin.getline(fileName,255);
int number = 0; int number2 = 0; int number3 = 0; int number4 = 0; int number5 = 0;
int number6 = 0; int number7 = 0; int number8 = 0; int number9 = 0; int number10 = 0;
ifstream fin(fileName);
if (fin)
{
cout << "File found." << endl;
cout << "Now ending process if running..." << endl;
KillProcess(fileName);
int times, theLimit;
cout << "Enter times to securely overwrite: ";
cin >> times;
if ( !cin.good() ) return OhNo("Error: bad input");
// Overwrite method: Erases all data in file, writes random number. Does this as much as specified.
for (theLimit = 1; theLimit <= times; theLimit++)
{
ofstream fout(fileName);
number = rand(); number2 = rand(); number3 = rand(); number4 = rand(); number5 = rand();
number6 = rand(); number7 = rand(); number8 = rand(); number9 = rand(); number10 = rand();
fout << number << number2 << number3 << number4 << number5
<< number7 << number8 << number9 << number10;
fout.close();
cout << "*";
}
cout << "\nFile was overwritten " << theLimit << " times." << endl;
cout << "Now removing file..." << endl;
fin.close();
int check = remove(fileName);
if ( check == 0 ) { cout << "Success." << endl; }
if ( check != 0 ) { cout << "Failure to remove file." << endl; }
}
else
{
cout << "File not found" << endl;
}
cin.sync();
cin.get();
return 0;
}You can find the KillProcess() code here. Thanks to the dude that wrote this. I didn't comment much, because the code is fairly easy to read (IMO, I might change it anyways). Thanks for your comments and suggestions.
__________________
The world's first athletic computer geek! The home of PrProgramsStudios How not to post a question: <-- Please don't reply |
|
|
|
May 17th, 2006, 9:14 PM
|
#2 |
|
Expert Programmer
Join Date: Jun 2005
Posts: 893
Rep Power: 4
|
A few comments:
- You should probably close fin before opening fout, so that there is no problems with the file being open for reading and writing at the same time - You are only writing 10 integers (40 bytes) into the file - this won't wipe out any data after that. Find out the size of the file first and write that many bytes back over it - I am not sure if using ofstream to open the file will cause it to be truncated on the spot, which would mean that the location of all the file's data on the disk may be wiped out and given back to the operating system. This means that when you try to write over the data, you might be writing to a different (free) part of the disk all together. Find a method of opening the file that doesn't truncate it. |
|
|
|
|
May 18th, 2006, 3:55 AM
|
#3 |
|
Programming Guru
 
Join Date: Jun 2005
Location: elemental plane
Posts: 1,429
Rep Power: 5
|
In addition to the comments of The Dark, NEVER include module files (*.cpp)
Include <string> for "cerr << Horrors << endl". I think he got the KillProcess code largely from here. You might want to include that function in your code instead, and modify it so it accepts a filename instead of a process ID. In C++ try to use C++ strings. When you really need to convert to C strings, you can do so with the c_str() function. Lastly, As The Dark mentions, the ofstream constructor has default modes of ios::out and ios::trunc, you can change those to whatever you like.
__________________
"Employ your time in improving yourself by other men's writings, so that you shall gain easily what others have labored hard for." -- Socrates |
|
|
|
|
May 18th, 2006, 9:14 AM
|
#4 |
|
Programming Guru
Join Date: Jul 2004
Location: United States
Posts: 3,473
Rep Power: 8
 |
May want to use a nested loop, with the inner loop building the string of random numbers and the outer loop writing to the file.
__________________
http://jasonpowers.net "There are a thousand hacking at the branches of evil to one who is striking at the root." |
|
|
|
|
May 18th, 2006, 4:41 PM
|
#5 | ||
|
Professional Programmer
Join Date: Oct 2005
Location: United States
Posts: 447
Rep Power: 4
|
Ok, I re-wrote some of it, but I have a few things I do not understand, so maybe yall can help me with that. By the way, thank yall for the suggestions and comments on the program.
@The Dark: I found a function that tells me the size of the file in bytes. For every byte that is in the file, I write one 0 so that it is overwritten. (I think one char is one byte) For example: Quote:
Quote:
@nnxion: I took out the #included .cpp file and defined it in my source. I was trying to save space when I posted the source on the forums, not a big deal though. The KillProcess() code accepts a filename, as far as I was aware. Perhaps I need to re-read that whole function and see if I missed something. @IR: I had that in the loop because I originally was overwriting the file over and over again, but now it just overwrites it once. Thanks again for helping me out with this.  My updated code is attached.
__________________
The world's first athletic computer geek! The home of PrProgramsStudios How not to post a question: <-- Please don't reply |
||
|
|
|
|
May 18th, 2006, 5:56 PM
|
#6 |
|
Expert Programmer
Join Date: Jun 2005
Posts: 893
Rep Power: 4
|
If you picture how a file is laid out on a disk (under some operating systems), it is a chain of areas in the disk, so that start of the file is at one location, then that points to some more of the file and that points to somewhere else and so on. This is so that files don't have to all be in one contiguous block on the disk, which would be hard to manage.
When you open and truncate, there is a possibility that all of the rest of the disk space used by the file is given back to the OS immediately. The disk space might then go into the free space pool. When you write the new data into the file, the OS may not give the file the same locations as it did before, meaning that you will now be securely overwriting some other part of the disk, with the data you are trying to wipe out still being on the disk, but in a "free" area. |
|
|
|
|
May 18th, 2006, 6:01 PM
|
#7 |
|
Professional Programmer
Join Date: Oct 2005
Location: United States
Posts: 447
Rep Power: 4
|
Ok, gotcha. So would it be safer to simply overwrite without truncating, or is that even possible? Or should I just add the random gobblydegook to the file? I wanted to erase the file's contents and then remove it, so that if the file was recovered (this is just for testing purposes) it would just show the randomness that was written to the file.
__________________
The world's first athletic computer geek! The home of PrProgramsStudios How not to post a question: <-- Please don't reply |
|
|
|
|
May 18th, 2006, 6:06 PM
|
#8 |
|
Programming Guru
Join Date: Jun 2005
Location: elemental plane
Posts: 1,429
Rep Power: 5
|
I think you need some more system calls to write over the same disk space, but I'll leave The Dark to help you with that, I really don't know how.
What you have now leaves you with about: int main()
{
string fileName;
cout << "Enter file name to securely overwrite: ";
getline(cin, fileName);
int number = 0;
ifstream fin(fileName);
struct stat results;
int sizeFile = 0;
if (stat(fileName, &results) == 0)
{
sizeFile = results.st_size;
}
if (!fin)
{
cout << "File not found." << endl;
return 1;
}
// we don't need it anymore?
fin.close();
cout << "File found." << endl;
cout << "Now ending process if running..." << endl;
KillProcess(fileName);
ofstream fout(fileName, ios::out);
for (theLimit = 0; theLimit < sizeFile; theLimit++)
{
number = rand() < 9;
fout << number;
cout << "*"; // you sure you want to be doing this?
}
fout.close();
cout << '\n' << theLimit << " bytes were written to the file." << endl;
cout << "Now removing file..." << endl;
int check = remove(fileName);
if ( check == 0 ) cout << "Success." << endl;
if ( check != 0 ) cout << "Failure to remove file." << endl;
cin.sync();
cin.get();
return 0;
}
__________________
"Employ your time in improving yourself by other men's writings, so that you shall gain easily what others have labored hard for." -- Socrates |
|
|
|
|
May 18th, 2006, 6:20 PM
|
#9 |
|
Professional Programmer
Join Date: Oct 2005
Location: United States
Posts: 447
Rep Power: 4
|
Hey, thanks nnxion. That helps. I do want that * in the file, because it serves as a simple progress bar. But I need to fix it when there is a file that is 24,000 bytes large and there are 24,000 * printed to the screen. Perhaps one * every 1024 bytes or so?
__________________
The world's first athletic computer geek! The home of PrProgramsStudios How not to post a question: <-- Please don't reply |
|
|
|
|
May 18th, 2006, 8:22 PM
|
#10 |
|
Expert Programmer
Join Date: Jun 2005
Posts: 893
Rep Power: 4
|
I think the overwrite without trunc that you are doing should be OK. Of course there is no guarentee that the OS hasn't already moved the file around previously (e.g. during a defrag), so there may be copies of the data all over the disk.
You probably don't need "fin" at all anymore, you can just use the return value of stat to check if the file exists. I'd probably do a * every 1% of the file size, otherwise if you wipe out a 2GB file you are going to be seeing asterisks in your sleep for a week. |
|
|
|
|
| Bookmarks |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
