分区序列号修改工具.rar (643 K) 下载次数:0 �UX03"g�X
QQ377718625
">03�~:o�A 1 求个修改系统分区卷GUID C++源码(编译后能改成功的)
x[z��K�tX� 2 下面内容里面的有问题仅供参考。
�Id; mn}+~ 3 执行到下面标记位置程序就秒退了。
aIY$5��^�x #define _CRT_SECURE_NO_WARNINGS
4{c`g$j�> #include <windows.h>
yZQ1]
'^31 #include <winternl.h>
T�Z)(ZKX*R #include <stdio.h>
�_$~ex �~v 34HF�r��Mi //
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ne-wdm-_fsinfoclass PsacXZNs\N X*(�gT1"�t typedef enum _FSINFOCLASS {
Z8N@e<!*~8 FileFsVolumeInformation = 1,
"~�B~{ _<j FileFsLabelInformation,
&?&'
"c{;m FileFsSizeInformation,
H�rM)jC<~� FileFsDeviceInformation,
�':9%3Wq]j FileFsAttributeInformation,
`�1}HWLBX. FileFsControlInformation,
)WzGy�~p8K FileFsFullSizeInformation,
A6�32 :�V� FileFsObjectIdInformation,
�x� A@|�I# FileFsDriverPathInformation,
qFB9�,cUqh FileFsMaximumInformation
�EG�8%~k+R } FS_INFORMATION_CLASS, * PFS_INFORMATION_CLASS;
\���>&@�lA �Q3'(f�9
x typedef NTSTATUS(*FZwSetVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
�Tq_1wX�'\ �2�&3e�AJC typedef NTSTATUS(*FZwQueryVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
��+F#=`+�V })h'""i&xn int main(int argc, char* argv[])
y��=y/d>=w {
R �V_MW�v� const wchar_t* device = L"\\.\c:";
9C�g�X��c5 ;F"�
�k��D HANDLE h = CreateFileW(device, 0x40000000, 3, 0, 3, 0x80, 0);
bgkb�w
�E� if (h == INVALID_HANDLE_VALUE) return 0;
R;5�Q�D�`� printf("handle is %d \n", h);
e�G a#$x?. qe�n44;\L� HMODULE m = GetModuleHandleW(L"ntdll.dll");
h'�z+8X_�t if (!m) return 0;
Wo�C\�a^�V printf("module is %p \n", m);
f]O5V$!RuE s:qx�AUi\/ FZwSetVolumeInformationFile _ZwSetVolumeInformationFile = (FZwSetVolumeInformationFile)GetProcAddress(m, "ZwSetVolumeInformationFile");
iPR!�JX
_ FZwQueryVolumeInformationFile _ZwQueryVolumeInformationFile = (FZwQueryVolumeInformationFile)GetProcAddress(m, "ZwQueryVolumeInformationFile");
�qJ�e&jLZa if (!_ZwSetVolumeInformationFile || !_ZwQueryVolumeInformationFile) return 0;
h Kp,4D>2_ printf("_ZwSetVolumeInformationFile %p \n", _ZwSetVolumeInformationFile);
:..E:HdYO� printf("_ZwQueryVolumeInformationFile %p \n", _ZwQueryVolumeInformationFile);
yHV^a0e7EH k���:��&?$ NTSTATUS s;
`�Pz!�SJ|� const int size = 1024 * 10;
i!/�h3�%=� char* buf = new char[size];
3 LZL!^ 5N memset(buf, 0, size);
&VtW�Sq�-) IO_STATUS_BLOCK status{ 0 };
w �yuJS��B <ls�i.x\y< typedef struct _FILE_FS_VOLUME_INFORMATION {
*+�4>i�L*: LARGE_INTEGER VolumeCreationTime;
\rB/83�[;u ULONG VolumeSerialNumber;
Fj4l� %=�� ULONG VolumeLabelLength;
�7M&.UzIY` BOOLEAN SupportsObjects;
0`aH�wt�/F WCHAR VolumeLabel[1];
%FXI�lH�5� } FILE_FS_VOLUME_INFORMATION, * PFILE_FS_VOLUME_INFORMATION;
3�M`hn4�)K s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsVolumeInformation);
4ok��HAv8; PFILE_FS_VOLUME_INFORMATION p1 = (PFILE_FS_VOLUME_INFORMATION)buf;
�M��Z >�0K p1->VolumeSerialNumber = 0;
:~qtv
s;{� p1->VolumeLabel[0] = L'\0';
�y�&�KoL\� s = _ZwSetVolumeInformationFile(h, &status, p1, size, FileFsVolumeInformation);
v)v�{QNQp^ printf("%p \n", s);
Fc�J
.)��U |TNi
�Ky�� typedef struct _FILE_FS_OBJECTID_INFORMATION {
=Pe��W�$q+ UCHAR ObjectId[16];
x
0�TnS��# UCHAR ExtendedInfo[48];
3\+�[�38 _ } FILE_FS_OBJECTID_INFORMATION, * PFILE_FS_OBJECTID_INFORMATION;
~7)r�KHa�u s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsObjectIdInformation);//秒退了。**************
^"6D�0!'�N PFILE_FS_OBJECTID_INFORMATION p2 = (PFILE_FS_OBJECTID_INFORMATION)buf;
~�]m@k'��n p2->ObjectId[0] = 55;
[
��5}cU{M p2->ObjectId[1] = 55;
?[*@T�2�Ck p2->ObjectId[2] = 55;
W���? �6�� p2->ObjectId[3] = 55;
|�y�I�d6�v p2->ObjectId[4] = 55;
Xm
0&U?dZB p2->ObjectId[5] = 55;
^HOwN�<}`# p2->ObjectId[6] = 55;
u
j+.L�6S� p2->ObjectId[7] = 55;
VygXhh^7\� s = _ZwSetVolumeInformationFile(h, &status, p2, size, FileFsObjectIdInformation);//秒退了。**************
�XQ+-+��CD printf("%p \n", s);
9�>}��(]�T !<['����iM //typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
?$`�1%Y9�� // BOOLEAN DriverInPath;
eX]9m�Q]�E // ULONG DriverNameLength;
^|��a&%wxA // WCHAR DriverName[1];
qx�#�ghc�U //} FILE_FS_DRIVER_PATH_INFORMATION, * PFILE_FS_DRIVER_PATH_INFORMATION;
�sbq4��4L) //PFILE_FS_DRIVER_PATH_INFORMATION p3 = (PFILE_FS_DRIVER_PATH_INFORMATION)buf;
ZQJw2LA�gO //p3->DriverInPath = TRUE;
K�Y�(l<�pm //p3->DriverNameLength = 0x200;
i85�+p�2i7 //wcscpy(p3->DriverName, L"\\\\?\\Volume{c6708e20-53cd-4265-a031-af74f04ca24b}");
gz�J{Gau{) //s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsDriverPathInformation);
�\|b1s @c8 �|to�l�gdj CloseHandle(h);
o��+6^|RP system("pause");
K�r�+�Bt�y return 0;
eW }jS/�g` }
