FORUMS

[SCRIPT] (Depreciated) Wipe Encrypted Data Without Wiping Internal Storage

1,849 posts
Thanks Meter: 61,020
 
By topjohnwu, Senior Recognized Developer / Recognized Contributor on 7th May 2016, 10:53 AM
Post Reply Email Thread
Update: The latest TWRP is already capable of decrypting data. This method is now unnecessary and depreciated. Use factory reset in TWRP menu instead

Disclaimer: This mod will wipe your data. I am not responsible for data loss after using this mod.
I tested on my device several times, it's working for me so internal storage is always preserved, but I cannot guarantee if anything is messed up on your side. Please read the post carefully before using this mod!
Always backup your important data before modifying your phone's software!


To compensate the mistake I have done in the modified SuperSU script (I fixed it eventually though ), I decided to release a mod I consider quite useful for most people.
I've used the 10 for quite some time, and I've been messing with it from day 1.
Since the encryption is required for the phone to have proper radio signal (more info here), we are forced to keep our devices encrypted.
And because HTC uses proprietary encryption method, TWRP is unable to decrypt our data partition, which causes the recovery unable to read anything from data.
This is actually quite a big problem. If you want to full wipe and clean flash your favorite custom rom, the "Factory Reset" option in TWRP is not available, so you are forced to wipe the whole data partition, which will cause all your personal files stored in internal storage to be removed.
If you're a flashaholic like I am, you are forced not to store anything important in the phone storage because it will be wiped every time trying to clean flash a rom.
To breakthrough this inconvenience, I created this flashable zip to accomplish something similar to the "Factory Reset" option in TWRP.

Requirement: You have to use the systemless root of SuperSU to use this mod. If you want to flash the wipe script with SuperSU, flash SuperSU first, then flash the wipe script.
Important: If you have chosen "Require PIN/password/pattern to start device" in the "Secure startup" page during the initial setup, you CANNOT use this mod!
If you have to enter your PIN/password/pattern before your device booted up, this means that you have secure startup enabled. You CANNOT use this mod!
If secure startup is enabled and you flash this zip, your encryption will be messed up and you will have to format the whole data partition eventually to make your phone working again.


After flashing the mod, your data will not be wiped immediately in recovery because we cannot do so. It will wipe the data AFTER you rebooted back to system. It will reboot again after the wipe is done. If you flashed SuperSU at the same time with this mod, you will experience 2 consecutive reboot loops. This is normal behavior, don't panic.

If devs are interested in including this zip into your rom, you can use it in the same way as SuperSU:
Code:
package_extract_dir("wipe", "/tmp/wipe");
run_program("/sbin/busybox", "unzip", "/tmp/wipe/wipe.zip", "META-INF/com/google/android/*", "-d", "/tmp/wipe");
run_program("/sbin/busybox", "sh", "/tmp/wipe/META-INF/com/google/android/update-binary", "dummy", "1", "/tmp/wipe/wipe.zip");
For those who are interested in what this zip actually do, here is a brief explanation:

If secure startup is disabled, data will be decrypted as soon as the device booted up. We can only access data after it is decrypted. So our only choice is to wipe data after the device has booted up.
I created a script to wipe all data except SuperSU app, su binary image, and your internal storage.
SuperSU will automatically run scripts inside the directory /su/su.d, so after putting the script into the folder, SuperSU will the wipe script at boot time.
The problem is: su.img is also located in /data, how can we push files into the image? Fortunately, our master Chainfire has thought of this problem. The image /cache/su.img will be merged with /data/su.img during boot. So I just need to place the script into /cache/su.img, then Chainfire's script will do all the rest of the work automatically. If you're interested in the merging process, take a look at launch_daemonsu.sh in the ramdisk of a SuperSU modified boot for more details.
Attached Files
File Type: zip FullWipe_encrypted.zip - [Click for QR Code] (2.5 KB, 792 views)
The Following 23 Users Say Thank You to topjohnwu For This Useful Post: [ View ]
9th May 2016, 03:50 PM |#2  
stonew5082's Avatar
Senior Member
Flag Atlantis
Thanks Meter: 430
 
More
Is this helpful in regards to initial routing and flashing a rom or only afterwards to flash a new one?
The Following User Says Thank You to stonew5082 For This Useful Post: [ View ] Gift stonew5082 Ad-Free
9th May 2016, 04:07 PM |#3  
StickyEyez's Avatar
Senior Member
San Diego
Thanks Meter: 33
 
More
Quote:
Originally Posted by topjohnwu

Disclaimer: This mod will wipe your data. I am not responsible for data loss after using this mod.
I tested on my device several times, it's working for me so internal storage is always preserved, but I cannot guarantee if anything is messed up on your side. Please read the post carefully before using this mod!
Always backup your important data before modifying your phone's software!


To compensate the mistake I have done in the modified SuperSU script (I fixed it eventually though ), I decided to release a mod I consider quite useful for most people.
I've used the 10 for quite some time, and I've been messing with it from day 1.
Since the encryption is required for the phone to have proper radio signal (more info here), we are forced to keep our devices encrypted.
And because HTC uses proprietary encryption method, TWRP is unable to decrypt our data partition, which causes the recovery unable to read anything from data.
This is actually quite a big problem. If you want to full wipe and clean flash your favorite custom rom, the "Factory Reset" option in TWRP is not available, so you are forced to wipe the whole data partition, which will cause all your personal files stored in internal storage to be removed.
If you're a flashaholic like I am, you are forced not to store anything important in the phone storage because it will be wiped every time trying to clean flash a rom.
To breakthrough this inconvenience, I created this flashable zip to accomplish something similar to the "Factory Reset" option in TWRP.

Requirement: You have to use the systemless root of SuperSU to use this mod. If you want to flash the wipe script with SuperSU, flash SuperSU first, then flash the wipe script.
Important: If you have chosen "Require PIN/password/pattern to start device" in the "Secure startup" page during the initial setup, you CANNOT use this mod!
If you have to enter your PIN/password/pattern before your device booted up, this means that you have secure startup enabled. You CANNOT use this mod!
If secure startup is enabled and you flash this zip, your encryption will be messed up and you will have to format the whole data partition eventually to make your phone working again.


After flashing the mod, your data will not be wiped immediately in recovery because we cannot do so. It will wipe the data AFTER you rebooted back to system. It will reboot again after the wipe is done. If you flashed SuperSU at the same time with this mod, you will experience 2 consecutive reboot loops. This is normal behavior, don't panic.

If devs are interested in including this zip into your rom, you can use it in the same way as SuperSU:

Code:
package_extract_dir("wipe", "/tmp/wipe");
run_program("/sbin/busybox", "unzip", "/tmp/wipe/wipe.zip", "META-INF/com/google/android/*", "-d", "/tmp/wipe");
run_program("/sbin/busybox", "sh", "/tmp/wipe/META-INF/com/google/android/update-binary", "dummy", "1", "/tmp/wipe/wipe.zip");
For those who are interested in what this zip actually do, here is a brief explanation:

If secure startup is disabled, data will be decrypted as soon as the device booted up. We can only access data after it is decrypted. So our only choice is to wipe data after the device has booted up.
I created a script to wipe all data except SuperSU app, su binary image, and your internal storage.
SuperSU will automatically run scripts inside the directory /su/su.d, so after putting the script into the folder, SuperSU will the wipe script at boot time.
The problem is: su.img is also located in /data, how can we push files into the image? Fortunately, our master Chainfire has thought of this problem. The image /cache/su.img will be merged with /data/su.img during boot. So I just need to place the script into /cache/su.img, then Chainfire's script will do all the rest of the work automatically. If you're interested in the merging process, take a look at launch_daemonsu.sh in the ramdisk of a SuperSU modified boot for more details.

Is the systemless one the one you patched?

Sent from my LG-H830 using XDA-Developers mobile app
9th May 2016, 04:34 PM |#4  
OP Senior Recognized Developer / Recognized Contributor
Flag Taipei
Thanks Meter: 61,020
 
Donate to Me
More
Quote:
Originally Posted by stonew5082

Is this helpful in regards to initial routing and flashing a rom or only afterwards to flash a new one?

It functions the same as "Factory Reset" in TWRP, which means it will wipe all data, but your personal files stored in internal storage will remain on the device.

Quote:
Originally Posted by StickyEyez

Is the systemless one the one you patched?

Sent from my LG-H830 using XDA-Developers mobile app

Actually you can use the original version. But I suggest you to use my patched one, in case you accidentally wiped your whole data partition (this mod will not do this), you will stay encrypted, and your data signal will be fine
The Following User Says Thank You to topjohnwu For This Useful Post: [ View ]
9th May 2016, 09:56 PM |#5  
Junior Member
Thanks Meter: 1
 
More
Hi topjohnwu

@ jollywhitefoot suggested you might be able to help to wipe userdata from download mode.

My phone will not get passed message "Your phones is encrypted" "TO DECRYPT YOUR PHONE. ENTER YOUR SCREEN LOCK PASSWORD" I had no screen lock password... i have different passwords to decrypt . Each time i put a password in it resest phone and does factory rest and then reboots straight into Bootloader again.

Phone has no recovery " Failed to boot into recovery mode" red writing on a black screen.

Phoned has OEM Relocked ....cant fastboot or unlock bootloader again

Please can you help
10th May 2016, 05:44 AM |#6  
OP Senior Recognized Developer / Recognized Contributor
Flag Taipei
Thanks Meter: 61,020
 
Donate to Me
More
Quote:
Originally Posted by tailor999

Hi topjohnwu

@ jollywhitefoot suggested you might be able to help to wipe userdata from download mode.

My phone will not get passed message "Your phones is encrypted" "TO DECRYPT YOUR PHONE. ENTER YOUR SCREEN LOCK PASSWORD" I had no screen lock password... i have different passwords to decrypt . Each time i put a password in it resest phone and does factory rest and then reboots straight into Bootloader again.

Phone has no recovery " Failed to boot into recovery mode" red writing on a black screen.

Phoned has OEM Relocked ....cant fastboot or unlock bootloader again

Please can you help

You can try to unlock your bootloader again.
If you cannot unlock it, then I regret to say that your phone might be doomed.
Never try to relock your phone if it's not in 100% stock condition and perfectly working.
10th May 2016, 07:46 AM |#7  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by topjohnwu

You can try to unlock your bootloader again.
If you cannot unlock it, then I regret to say that your phone might be doomed.
Never try to relock your phone if it's not in 100% stock condition and perfectly working.

I have tried unlocking boot loader again. The log shows oem needs to be unlocked.

When a RUU comes out, would that help recover the phone?

Sent from my ONE A2003 using XDA-Developers mobile app
10th May 2016, 11:24 AM |#8  
LeeDroid's Avatar
Recognized Developer
Flag Newton Aycliffe
Thanks Meter: 45,891
 
Donate to Me
More
Quote:
Originally Posted by tailor999

Hi topjohnwu

@ jollywhitefoot suggested you might be able to help to wipe userdata from download mode.

My phone will not get passed message "Your phones is encrypted" "TO DECRYPT YOUR PHONE. ENTER YOUR SCREEN LOCK PASSWORD" I had no screen lock password... i have different passwords to decrypt . Each time i put a password in it resest phone and does factory rest and then reboots straight into Bootloader again.

Phone has no recovery " Failed to boot into recovery mode" red writing on a black screen.

Phoned has OEM Relocked ....cant fastboot or unlock bootloader again

Please can you help

Assuming you have a stock recovery image..

Boot to bootloader then recovery.

Long press power for a few seconds then tap volume up.

You can then factory reset in stock recovery
10th May 2016, 02:24 PM |#9  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by LeeDroid

Assuming you have a stock recovery image..

Boot to bootloader then recovery.

Long press power for a few seconds then tap volume up.

You can then factory reset in stock recovery

Oh dam it, just seen your post a bit late. Car phone warehouse has just collected my handset - im sure they'll send it back saying ive lost warranty
10th May 2016, 02:29 PM |#10  
LeeDroid's Avatar
Recognized Developer
Flag Newton Aycliffe
Thanks Meter: 45,891
 
Donate to Me
More
Quote:
Originally Posted by tailor999

Oh dam it, just seen your post a bit late. Car phone warehouse has just collected my handset - im sure they'll send it back saying ive lost warranty

Oh dear....
The Following User Says Thank You to LeeDroid For This Useful Post: [ View ]
11th May 2016, 06:43 PM |#11  
SacredDeviL666's Avatar
Retired Senior Moderator - May You Rest in Peace - "Like Duh"
¤No Man's Land¤
Thanks Meter: 8,861
 
More
Quote:
Originally Posted by topjohnwu


Requirement: You have to use the systemless root of SuperSU to use this mod. If you want to flash the wipe script with SuperSU, flash SuperSU first, then flash the wipe script.
Important: If you have chosen "Require PIN/password/pattern to start device" in the "Secure startup" page during the initial setup, you CANNOT use this mod!
If you have to enter your PIN/password/pattern before your device booted up, this means that you have secure startup enabled. You CANNOT use this mod!
If secure startup is enabled and you flash this zip, your encryption will be messed up and you will have to format the whole data partition eventually to make your phone working again.

the thing is i have selected no for secure boot but whenever i setup a fingerprint and boot then it gets enabled again even if i had disabled it...

any way around or am i missing on something.. currently on lee's rom
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes