Sign in to follow this  
Followers 0
60aside

Help Needed Protecting USB flash drive in WinPE

8 posts in this topic

Hi,

I have created a bootable USB Flash Drive to deploy Windows Images to clients.

The flash drive boots into WinPE 2.1 based on MS Vista.

Part of the procedure is to use Diskpart to clean and then format Disk0 before the image is applied.

However, if a reimage is attempted on a machine with a faulty hard disk, then the USB flash drive could become Disk0 and the

Diskpart clean will wipe the USB flash drive. (This has happened to me during testing.)

A write protect switch would be good - but larger flash drives do not seem to have this, therefore a software solution is necessary.

I did try adding the reg key below. This protects a format, but not a clean using Diskpart.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]

"WriteProtect"=dword:00000001

Is there a way that I can query the volume label of Disk0, so that I can avoid running the diskpart if the volume label is the same as the usb flash drive? I can only see functions for drives (not disks) in the help files.

Any help on this would be greatly appreciated.

Thanks Guys.

Share this post


Link to post
Share on other sites



You can retrieve the partition (volume) info for disk 0 (via diskpart) before "cleaning" and compare it to the path of the source disk (@ScriptDir). You'll have to parse out the info you want, but that's one way to do it.

Share this post


Link to post
Share on other sites

Hi,

I have created a bootable USB Flash Drive to deploy Windows Images to clients.

The flash drive boots into WinPE 2.1 based on MS Vista.

Part of the procedure is to use Diskpart to clean and then format Disk0 before the image is applied.

However, if a reimage is attempted on a machine with a faulty hard disk, then the USB flash drive could become Disk0 and the

Diskpart clean will wipe the USB flash drive. (This has happened to me during testing.)

A write protect switch would be good - but larger flash drives do not seem to have this, therefore a software solution is necessary.

I did try adding the reg key below. This protects a format, but not a clean using Diskpart.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]

"WriteProtect"=dword:00000001

Is there a way that I can query the volume label of Disk0, so that I can avoid running the diskpart if the volume label is the same as the usb flash drive? I can only see functions for drives (not disks) in the help files.

Any help on this would be greatly appreciated.

Thanks Guys.

Share this post


Link to post
Share on other sites

That's an idea, but i'm struggling parsing the info.

If I launch diskpart and type:-

sel disk 0

detail disk

there is Type: USB

which would be ideal to use because I could exit the script if this is the case.

can anyone help with this?

Thanks

Share this post


Link to post
Share on other sites

You could capture the output from diskpart and see if your PE Volume Label show up.

$data = ""
$pid = Run(@WindowsDir & "\system32\diskpart.exe", @SystemDir, "", 0x1 + 0x8)
If Not $pid Then Exit

$data &= _Read($pid)
_Send($pid,"select disk 0" & @CR)
$data &= _Read($pid)
_Send($pid,"detail disk" & @CR)
$data &= _Read($pid)
_Send($pid,@CR)
$data &= _Read($pid)
ConsoleWrite($data & @CRLF)

Func _Read($pid)
    If Not $pid Then Return -1
    Local $dataA
    Local $dataB
    Do
        $dataB = $dataA
        sleep(100)
        $dataA &= StdOutRead($pid)
        If @error Then ExitLoop
    Until $dataB = $dataA And $dataA And $dataB
    Return $dataA
EndFunc

Func _Send($pid,$cmd)
    StdinWrite($pid,$cmd)
EndFunc

Share this post


Link to post
Share on other sites

Why not just check for the presence of some unique filename on your USB stick ?

That would allow you to work at drive i.o. disk level.

just my 2c,

whim

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Hi,

you may use WMI to detect which drives are connected:

Global $usbcount = 0, $other = 0
_getinterface ()
Msgbox (0,"Interfaces", $usbcount & " USB drives" & @CRLF & "and" & @CRLF & $other & " other drives found!")
;if $other = 0 you have only USB Drive connected

; Generated by AutoIt Scriptomatic
Func _getinterface ()
    $wbemFlagReturnImmediately = 0x10
    $wbemFlagForwardOnly = 0x20
    $colItems = ""
    $strComputer = "localhost"

    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
    $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_DiskDrive", "WQL", _
                                              $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

    If IsObj($colItems) then
        For $objItem In $colItems
            If StringInStr ($objItem.InterfaceType, "usb") Then
                $usbcount += 1
            Else
                $other += 1
            EndIf
        Next
    EndIf
EndFunc

;-))

Stefan

Edited by 99ojo

Share this post


Link to post
Share on other sites

Hi,

you may use WMI to detect which drives are connected:

Global $usbcount = 0, $other = 0
_getinterface ()
Msgbox (0,"Interfaces", $usbcount & " USB drives" & @CRLF & "and" & @CRLF & $other & " other drives found!")
;if $other = 0 you have only USB Drive connected

; Generated by AutoIt Scriptomatic
Func _getinterface ()
    $wbemFlagReturnImmediately = 0x10
    $wbemFlagForwardOnly = 0x20
    $colItems = ""
    $strComputer = "localhost"

    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
    $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_DiskDrive", "WQL", _
                                              $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

    If IsObj($colItems) then
        For $objItem In $colItems
            If StringInStr ($objItem.InterfaceType, "usb") Then
                $usbcount += 1
            Else
                $other += 1
            EndIf
        Next
    EndIf
EndFunc

;-))

Stefan

Thanks Stefan,

That should do it. if $other = 0 then I know that there is only the usb Flash Drive present on the machine and I can quit the program.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0