Go to file
Dan Puttick 47f25c07b5 Adjustments to match repo to working image 2017-02-06 17:43:18 -05:00
deb Fix #11 2013-10-09 17:33:54 +02:00
diode_controller Re-add LED files 2017-02-06 17:43:18 -05:00
doc Reorganizing structure of project 2016-12-27 12:38:37 -05:00
fs_filecheck Adjustments to match repo to working image 2017-02-06 17:43:18 -05:00
fs_get_shell/etc Reorganizing structure of project 2016-12-27 12:38:37 -05:00
kernel_config Re-enable updates of the system 2014-05-09 18:43:33 +02:00
midi midi grooming tunes 2013-10-09 21:41:25 +01:00
shell_utils Debug udev rules 2017-01-24 15:20:17 -05:00
tests Reorganizing structure of project 2016-12-27 12:38:37 -05:00
.gitignore Initial version of the standalone python module 2015-05-11 01:46:48 +02:00
CHANGELOG Typos 2016-02-10 10:05:11 +01:00
CONTRIBUTING.md Improvements to README.md, wrote CONTRIBUTING.md 2017-01-05 15:46:56 -05:00
LICENSE LICENCE->LICENSE 2014-07-08 13:07:17 +02:00
README.md Readme update with filesystem info 2017-01-25 01:48:21 -05:00
README_setup.md Improvements to README.md, wrote CONTRIBUTING.md 2017-01-05 15:46:56 -05:00
copy_to_final.sh Merge branch 'master' into dev 2015-12-08 17:04:51 +00:00
mount_image.sh Added information to README_filecheck.md 2016-12-28 20:22:17 -05:00
proper_chroot.sh make it easyer to run the tests 2014-03-27 00:02:48 +01:00
run_tests.sh Rework the way we select which partition types to test and introduce the concept of file test sets. Remove redundant old-style partition data sources. 2015-10-09 17:47:04 -04:00

README.md

CIRCLean

CIRCLean logo Cleaner in action

How To

Graphical how-to and pre-built image.

To prepare the SD card on Windows, you can use Win32DiskImager.

And the linux way is in the command line, via dd (see in copy_to_final.sh)

If you'd like to contribute to the project or build the image yourself, see contributing and the setup readme. This is a work in progress - contributions are welcome.

Why/What

This project aims to be useful when you get/find a USB key that you can't trust, and you want to look at its contents without taking the risk of plugging it into your computer directly.

CIRCLean is currently tested to work with USB keys that have FAT32, NTFS, or ext2/3/4 filesystems. Currently, exFAT is not supported due to lack of support for this format in pmount. The vast majority of USB keys will be FAT32 or NTFS.

The content of the untrusted key will be copied or/and converted to the second (blank) key following these rules (based on the mime type as determined bylibmagic):

  • Direct copy of:
    • Plain text files (mime type: text/*)
    • Audio files (mime type: audio/*)
    • Video files (mime type: video/*)
    • Example files (mime type: example/*)
    • Multipart files (mime type: multipart/*)
    • xml files, after being converted to text files
    • Octet-stream files
  • Copied after verification:
    • Image files after verifying that they are not compression bombs (mime type: image/*)
    • PDF files, after marking as dangerous if they contain malicious content
    • msword|vnd.openxmlformats-officedocument.|vnd.ms-|vnd.oasis.opendocument*, after parsing with oletools/olefile and marking as dangerous if the parsing fails.
  • Copied but marked as dangerous (DANGEROUS_filename_DANGEROUS)
    • Message files (mime type: message/*)
    • Model files (mime type: model/*)
    • x-dosexec (executable)
  • Compressed files (zip|x-rar|x-bzip2|x-lzip|x-lzma|x-lzop|x-xz|x-compress|x-gzip|x-tar|*compressed):
    • Archives are unpacked, with the unpacking process stopped after 2 levels of archives to prevent archive bombs.
    • The above rules are applied recursively to the unpacked files.

Usage

  1. Power off the device and unplug all connections.

  2. Plug the untrusted key in the top USB slot of the Raspberry Pi.

  3. Plug your own key in the bottom USB slot (or use any of the other slots if there are more than 2).

    Note: This key should be bigger than the original one because any archives present on the source key will be expanded and copied.

  4. Optional: connect the HDMI cable to a screen to monitor the process.

  5. Connect the power to the micro USB port.

    Note: Use a 5V, 700mA+ regulated power supply

  6. Wait until you do not see any blinking green light on the board, or if you connected the HDMI cable, check the screen. The process is slow and can take 30-60 minutes depending on how many document conversions take place.

  7. Power off the device and disconnect the drives.

Helper scripts

You should use them as examples when you are creating a new image and probably not run them blindly as you will most probably have to change parameters accordingly to your configuration.

IN ALL CASES, PLEASE READ THE COMMENTS IN THE SCRIPTS AT LEAST ONCE.

  • proper_chroot.sh: uses qemu to chroot into a raspbian instance (.img or SD Card)
  • prepare_rPI.sh: update the system, some configuration
  • create_user.sh: create the user who will run the scripts, assign the proper sudo rights.
  • copy_to_final.sh: populate the content of the directory fs/ in the image, contains a sample of dd command to write the image on the SD card. NOTE: TAKE CARE NOT TO USE THE WRONG DESTINATION