How to destroy file contents without deleting files

My goal is to have files of original size that can't be opened (or recovered) in their respective software such as MS Office Word. My purpose is to simulate presence of files while I don't want to share any of the files contents. Ideally file contents should be fully overwritten with random bytes while file size should stay the same as original.

I know that sometimes this can be done with hex editor or even notepad where one could change just few bytes and the file renders unusable. But it may not always work for some formats like images and audio that still could be opened but with artifacts.

For the most inquisitive of users still demanding me to answer the question "Why do you need this?" - I need this because I don't want to share my developments with some people that force me to share the files. Sometimes you just need. You can think of many other use cases - to simulate payload for file copy or backup operations, or to test the software you develop can handle junk gracefully.

I've tested a number of secure shred utilities that are able overwrite files with random data but after that those files get deleted. I haven't seen an option to turn off the deletion step. If such an option existed that would be a solution.

Mike

Posted 2013-06-15T11:11:41.140

Reputation: 213

4@Ramhound: that's ridiculous. The software to do this might not have been already written, but it's almost trivial to write (though a little more than a one-liner in most programming languages). Of course there is a way to query the size of a file and write exactly that many zero (or random) bytes to it! – Celada – 2013-06-15T12:52:48.963

Technically an interesting question, but why would you want to? It sounds vindictive: "If someone copies my files I want his software/system to crash"? Not worth the trouble IMO – Jan Doggen – 2013-06-17T10:21:14.537

2Why do these "destroyed" files have to be the same size as the original? They are unusable. Why would it matter which size they are? – Der Hochstapler – 2013-06-19T12:10:49.960

@OliverSalzburg I need to keep original size in order the files list to look verisimilar in Explorer details view. – Mike – 2013-06-19T16:44:13.743

Answers

I've wrote a quick approach utilizing the Random Data File Creator.

Mike noted that RDFC doesn't correctly fill the file with random data. I've emailed the author and reported this issue. For the time being, I've implemented a drop-in replacement for rdfc.exe. If you want to compile and use it, please see How do you compile a project from source?

This Windows command line script will do what you want:

@ECHO OFF
SETLOCAL
IF "%1"=="" GOTO missingParam
GOTO :begin

:missingParam
ECHO Missing target. Use %~nx0 [DRIVE:\]DIRECTORY
GOTO :eof

:begin
SET RDFC=%CD%\rdfc.exe
PUSHD %1
CALL :treeProcess
POPD
ENDLOCAL
GOTO :eof

:treeProcess
FOR %%f IN (*.*) DO (
  ECHO | SET /P=Shredding %%f... 
  %RDFC% %%f %%~zf B overwrite > NUL
  ECHO %%~zf random bytes written.
)
FOR /D %%d IN (*) DO (
    CD %%d
    CALL :treeProcess
    CD ..
)
EXIT /B

It requires that rdfc.exe is placed in the same directory as the script. The script will require 1 parameter, the target directory. Every single file in the target directory will be replaced with a file of exactly the same size, but filled with random data.

enter image description here

Der Hochstapler

Posted 2013-06-15T11:11:41.140

Reputation: 77 228

I love how you do recursion in the script – Mike – 2013-06-19T16:47:18.490

There's a slight bug with rdfc I guess. On the output I get 2 random bytes followed by 2 zero bytes and so on. – Mike – 2013-06-19T16:51:11.757

@Mike: I actually copied that from http://stackoverflow.com/questions/8397674/windows-batch-file-looping-through-directories-to-process-files

– Der Hochstapler – 2013-06-19T18:08:37.797

@Mike: I never really checked the output, I just figured it provides what it advertises :P There were other suggestions at http://stackoverflow.com/questions/533636/generating-random-files-in-windows though. This was just the most elegant as it seems. And, yes, I obviously create all my answers from other SO answers ;D

– Der Hochstapler – 2013-06-19T18:11:14.607

1@Mike: "I need this because I don't want to share my developments with some people that force me to share the files." - Frankly, I don't see how they will fail to suspect anything if none of the files you share with them will open, unless they are brain-dead. And if they are indeed fooled so easily, does it really matter what sort of (random) data is present in the files? How will totally (pseudo-)random contents affect anything as compared to a repeated sequence of "2 random bytes followed by 2 zero bytes"? – Karan – 2013-06-20T00:55:17.680

@Karan Yes, fair enough. But why not to strive for perfection? 2+2 bytes does not look like noise, and if it's noise I could say that optical disc or USB flash drive has failed. I know that sounds silly but for not super users it may work. – Mike – 2013-06-20T07:59:41.437

1@Mike And you're sure that they won't just ask you to bring another copy? – Der Hochstapler – 2013-06-20T09:55:18.873

1@Mike if an optical disk/USB flash drive fails then they wouldn't be able to read anything, let alone see the files. Even if just a few sectors were corrupted, the majority of files would still be readable (or at minimum, a good portion of their contents). And if you're dealing with files on a network/corporate drive, it's likely they also take periodic backups, rendering this technique even less effective. – Breakthrough – 2013-06-20T12:47:40.030

@Mike I've emailed the author of RDFC and reported the issue. I've also written a small tool to replace RDFC, which you can find on GitHub. Link is in the answer above. – Der Hochstapler – 2013-06-20T13:22:16.423

@Breakthrough Please don't take me wrong, I know that. But it's easier to fool people showing noise than explaining noise-zero columns. – Mike – 2013-06-20T16:01:18.793

PowerShell

Doesn't require an external tool. As a bonus it preserves the LastWrite time. Other times are not altered.

# Get file as item to access content and file dates
$file = Get-Item "C:\Users\Nixda\Desktop\input.txt" 

# Save write time to temp variable for later use
$oldWriteTime = $file.LastWriteTime 

# Create an empty array of the same size as your file size in bytes
$content = New-Object Byte[] $file.length 

# Fill the array using a System.Random object. Here is the magic
(New-Object Random).NextBytes($content)

# Write the array to the same file with System.IO.File
[IO.File]::WriteAllBytes($file,$content)

# Set back old write time
$file.LastWriteTime = $oldWriteTime

Before

enter image description here

After

enter image description here

Inspiration

http://natejones.me/create-random-file-using-powershell

nixda

Posted 2013-06-15T11:11:41.140

Reputation: 23 233

bcrypt will work just fine. Build it in cygwin and bring the cygwin dll along on a usb pendrive.

Edit: Or rather trivially obfuscate it by xoring them with a key of your choosing. That would at least preserve filesizes. Theres no need to alter more than 8 bytes, at most a kb, from the start of the files if you have a lot of documents and just want it done quickly. There has been some ransomware that did this a while ago. Im obviously no cryptographer, but it's pretty boring stuff sifting through files deriving the key used to obfuscate them. Or use dd ( from unxutils.sf.net for windows ) thusly: $ dd conv=swab if=infile of=outfile in a loop across your docs. Warning: Using dd like that will make you look silly. The same command will reverse the process.

user400344

Posted 2013-06-15T11:11:41.140

Reputation: 326

That seems too complicated for such a simple operation, and encrypting the file would slightly alter its size. – None – 2014-12-26T04:46:54.537