commit 74648459f419abc2043b01fd24272d13f3c88e9e Author: MrMeeb Date: Tue Aug 6 17:56:19 2024 +0100 Initial commit diff --git a/OS/init.cmd b/OS/init.cmd new file mode 100644 index 0000000..212b990 --- /dev/null +++ b/OS/init.cmd @@ -0,0 +1,5 @@ +@echo off +xcopy "%~dp0\Boot" "C:\boot\" /s /e /h /q /y +xcopy "%~dp0\boot.wim" "C:\sources\" /h /q /y +cd "%~dp0" +powershell -executionpolicy bypass -file "setuppe.ps1" \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..29e228a --- /dev/null +++ b/README.md @@ -0,0 +1,5 @@ +Uses a script to initialise a ramdisk where WinPE can be booted from + +Load WinPE, then clear the bootmgr and the disk itself so Windows disappears completely + +WinPE is built using latest Secure Boot keys following Black Lotus revocation \ No newline at end of file diff --git a/WinPE/Program Files/diskpart.txt b/WinPE/Program Files/diskpart.txt new file mode 100644 index 0000000..077b0ca --- /dev/null +++ b/WinPE/Program Files/diskpart.txt @@ -0,0 +1,10 @@ +select disk 0 +select partition 4 +delete partition override +select partition 3 +delete partition override +select partition 2 +delete partition override +select partition 1 +delete partition override +exit \ No newline at end of file diff --git a/WinPE/Windows/System32/startnet.cmd b/WinPE/Windows/System32/startnet.cmd new file mode 100644 index 0000000..8b4db54 --- /dev/null +++ b/WinPE/Windows/System32/startnet.cmd @@ -0,0 +1,11 @@ +@echo off + +echo "Something went wrong during the startup of your device." +echo "" +echo "Please wait while Windows attempts to recover." +echo "" +echo "Do NOT shut down your device." + +diskpart /s "%ProgramFiles%\diskpart.txt" + +wpeutil reboot \ No newline at end of file diff --git a/WinPE/Windows/System32/winpe.jpg b/WinPE/Windows/System32/winpe.jpg new file mode 100644 index 0000000..adca39d Binary files /dev/null and b/WinPE/Windows/System32/winpe.jpg differ diff --git a/payload/boot.wim b/payload/boot.wim new file mode 100644 index 0000000..12decfb Binary files /dev/null and b/payload/boot.wim differ diff --git a/payload/boot.zip b/payload/boot.zip new file mode 100644 index 0000000..e860738 Binary files /dev/null and b/payload/boot.zip differ diff --git a/payload/setuppe.ps1 b/payload/setuppe.ps1 new file mode 100644 index 0000000..a5687da --- /dev/null +++ b/payload/setuppe.ps1 @@ -0,0 +1,77 @@ +$RemoteURL = "https://git.mrmeeb.stream/MrMeeb/sure-recover-boot-wiper/raw/branch/main/payload" +$StagingDir = "$TEMP\SRBW" + + +# Make staging directory +mkdir -Path $StagingDir + +# Download compressed boot dir to Staging Dir +Invoke-WebRequest -Uri $RemoteURL/boot.zip -OutFile $StagingDir\boot.zip + +# Expand boot.zip to C:\Boot +Expand-Archive -Path $StagingDir\boot.zip -DestinationPath C:\boot + +# Download WinPE wim to C:\Sources\boot.wim +mkdir -Path C:\Sources +Invoke-WebRequest -Uri $RemoteURL/boot.wim -OutFile C:\Sources\boot.wim + + +function BootToPE { + + <# + + .Synopsis + This script will create a ramdisk containing the boot.wim which the computer will boot to on restart. This script will work only on Windows Imaging environment. + + .Prerequisites + - From the Windows PE boot USB, copy boot.wim in the Sources folder to C:\Sources on the target + - From the Windows PE boot USB, copy the Boot folder to C:\ on the target + + .Notes + Because "bcdedit /bootsequence" is used, the computer should boot back into Windows when restarted if imaging is cancelled. + + #> + + # Checks that Disk 0 is the boot disk. + $DISKZERO = Get-Disk 0 + If ($DISKZERO.IsBoot -ne $true) { + Write-Host "Disk 0 is not the boot disk. Exiting..." + Exit 999 + } + else { + Write-Host "Disk 0 is the boot disk. Proceeding..." + } + + # Create {ramdiskoptions} and configure + bcdedit -create "{ramdiskoptions}" + bcdedit /set "{ramdiskoptions}" ramdisksdidevice partition=C: + bcdedit /set "{ramdiskoptions}" ramdisksdipath \boot\boot.sdi + + # Add LiteTouch boot device to OSLOADER + $Output = bcdedit -create /d "LiteTouch MDT" /application OSLOADER + + # Obtain LiteTouch boot device GUID + $LTGUID = $Output | %{ $_.split(' ')[2] } + + # Configure LiteTouch to ramdisk boot + bcdedit /set $LTGUID device "ramdisk=[C:]\sources\boot.wim,{ramdiskoptions}" + bcdedit /set $LTGUID osdevice "ramdisk=[C:]\sources\boot.wim,{ramdiskoptions}" + bcdedit /set $LTGUID systemroot \windows + bcdedit /set $LTGUID detecthal yes + bcdedit /set $LTGUID winpe yes + + # Adjust for UEFI vs Legacy BIOS types + if ($env:firmware_type -eq 'UEFI'){ + Write-Host "UEFI boot confirmed." + bcdedit /set $LTGUID path \windows\system32\boot\winload.efi + } + Else { + Write-Host "Legacy boot confirmed." + bcdedit /set $LTGUID path \windows\system32\boot\winload.exe + } + + # Force LiteTouch ramdisk on next boot and restart + bcdedit /bootsequence $LTGUID + shutdown /r /f /t 0 + +} \ No newline at end of file