This article demonstrates how to securely delete files and all content from a disk, and then attempt to recover files form that disk.
Warning: There is a risk you’ll make a mistake and wipe the wrong disk. So be careful.
Identify the disk you want to work with:
For me, it’s “/dev/sda”.
Optionally, place a file on the disk so we have something to work with when we’re validating our efforts to securely wipe the disk.
mkdir /dev/sda1 /media/sda1 echo "Try recover me once cleared" > /media/sda1/README umount /media/sda1
Assuming that’s the partition where the contents are.
Install the “scrub” program to do the content removal.
apt install scrub
Do the removal. Warning, this is where we securely wipe the disk resulting in complete removal of the content from the target disk.
Note: This process took about 10 minutes for an 8GB USB-2 disk.
Now we can try to recover the contents from the disk. We’ll use the “testdisk”.
apt install testdisk
“testdisk” is interactive. Start it using the command:
If you deleted the contents of the disk using normal methods, you will likely have some luck and get the files back. However, if you used the secure method to wipe the disk, the files should not be recoverable with this tool. Try the tool below.
Let’s try with another recovery tool called “photorec”. Despite the name, it works for all kinds of files. This tool look similar to “testdisk” but works differently.
Again, this is an interactive tool. Go through the process and see if it has success. This process can take a long time.