Skip to content

KALI – How to use DD to wipe your USB pen – The Visual Guide


Yesterday we discovered the most efficient tool to overwrite and destroy data is the dd command. Kali has this installed by default, so lets use this to securely delete any data on an old USB drive.  Neither Windows nor MAC deletes the file, they remove the pointer not the contents of the file.  This is like removing the house number and pretending the house isn’t there.  Of course, the house, TV and contents are all still operational… it’s just the house number that’s gone.  This is horrendous for privacy, or simply if you wish to resell equipment.

Step 1 – Find the right drive

We can use either mount or dmesg.


vm mount usb 2

dmesg | grep “\[sd”

Here we find the KINGSTON USB pen is /dev/sdb1

Look at the output… make sure you’re overwriting the right drive… as there is no way back… Try it out on a USB pen first, to get a feel for the procedure.


Step 2 – Unmount the drive

You must make sure you unmount the drive first.  The Unmount command is actually umount {watch out for this GOTCHA}.

umount /dev/sdb1

umount usb step 3

Step 3 – Use DD to zero over the USB pen data

This command writes an endless stream of zeroes to the usb pen /dev/sdb1.  DD will write zeroes to the drive until it runs out of space – which is how we know that it’s finished.  We’ll get an error “No space left on drive”… woohoo!!

dd if=/dev/zero of=/dev/sdb bs=1M

vm overwrite all zeroes step 4When it’s finished, you’ll see “No space left on device” and the wiping speed ie 69 MB/s.

vm drive wiped

Step 4 – Super Secure Overwriting

Instead of all zeroes next we use all random gibberish from the /dev/urandom function.  This fills the USB pen with random gibberish.  Again it’s a constant stream of gibberish, rather than just zeroes.

You’ll probably find urandom much slower than zeroes.

dd if=/dev/urandom of=/dev/sdb bs=1M

vm random wipe code

dd is heavy on your CPU = here we see a whopping 98% of CPU usage is dd.

vm dd heavy on cpu with arrowNotice how much slower /dev/urandom is – a mere 9.3 MB/s.

vm dd random finishedThe drive will need to be reformatted to use it.  Windows issues this notice to format the drive.

vm format usb in windows

So what next?  How do we make our USB totally secure?


Step 5 – Combine both Zero and /dev/urandom wipes

We start by assigning a variable instead of the /dev/sdb drive name, as this makes less work for us.  Start by assigning the WIPEUSB variable to the correct drive – again, don’t make a mistake here, or you’re in big trouble…


echo $WIPEUSB {to double check /dev/sdb is assigned}

vm variable set wipeusb


dd if=/dev/zero of=$WIPEUSB bs=1M;

dd if=/dev/urandom of=$WIPEUSB bs=1M;

dd if=/dev/zero of=$WIPEUSB bs=1M;

Military standards are 6 overwrites, here we have specified 3 overwrites.  So double this and we’re at military standard data destruction.


Step 7 – Make  a BASH script to wipe your USB drives for you.

Use the dmesg | grep “\[sd” option in a script…

Test this out using nano… to ensure that you can locate /dev/sdb

nano {create the script in nano – use Ctrl+O to save}

chmod +x {make the script executable}

./ {./ means the current directory}

vm nano usbwipe script

Now edit the script to run an all zero wipe on /dev/sdb – enter in the commands from Step 3.  And execute the script.


vm nano full script zeroesvm nano script runningDid we forget a “umount” in the script?  Okay, we’ll need to go back and insert that step.

vm umout command


If you want to add a user prompt

echo -n “Enter the USB drive to wipe eg /dev/sdb1: ”
read usbwipe
echo “Hello, you selected $usbwipe”

echo “About to unmount $usbwipe”
umount $usbwipe

echo “You are about to overwrite usb $usbwipe with zeroes”
dd if=/dev/zero  of=/dev/sdb bs=1M

echo “USBWIPE has completed”


A script with user input and wipe with random data (slow)

echo -n “Enter the USB drive to wipe eg /dev/sdb1: ”
read usbwipe
echo “Hello, you selected $usbwipe”

echo “About to unmount $usbwipe”
umount $usbwipe

echo “You are about to overwrite usb $usbwipe with random data:”
dd if=/dev/urandom of=/dev/sdb bs=1M

echo “ has completed”

That’s it.  Yay!! We can now nuke our USB pens using the dd command.


VMWare users

How to connect the USB drive in VMware

VM > Removable Devices > Drop down list of USB Drives > Connect (Disconnect from Host)

vm connect usb*****

KALI – First things to do after installing Kali Debian Linux – The Visual Guide

  1. herpinderpinsplotch permalink

    Wiping the USB with zeros and then random characters is not forensically secure. There is a more secure Unix command called shred, which writes 3 passes of random bits.


    • Thanks for commenting. Yes Shred and Bleachbit are both great tools for secure erase. The one thing that surprised me is that magnetic erasure patterns do not work on SSD’s. So SSD’s basically have to be destroyed, as they can contain up to 16 copies of a file… and the manufacturers erase coding generally doesn’t work. Which doesn’t inspire us with confidence. You would expect manufacturers to know what they’re doing.
      And in over 2/3rds of SSD erasures… they simply failed to work.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: