分区序列号修改工具.rar (643 K) 下载次数:0 H��e0=-AR8 QQ377718625
,O1O8TwUB0 1 求个修改系统分区卷GUID C++源码(编译后能改成功的)
r%wA�&FQ8U 2 下面内容里面的有问题仅供参考。
�+��c:�3o* 3 执行到下面标记位置程序就秒退了。
�7Y=cn_
wU #define _CRT_SECURE_NO_WARNINGS
^\� ?O4�,L #include <windows.h>
Y�**�|N�8e #include <winternl.h>
va/m
�~k|i #include <stdio.h>
�-@^Zq���} W-RqN!snJ8 //
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ne-wdm-_fsinfoclass N�d:R"
p*8 U�t�s�"�aQ typedef enum _FSINFOCLASS {
��fQWI
w�� FileFsVolumeInformation = 1,
L��W#
�M
@ FileFsLabelInformation,
�YF#H�S�f7 FileFsSizeInformation,
"_L�?�2ta FileFsDeviceInformation,
�#L���c�rI FileFsAttributeInformation,
dGZn�tT�2D FileFsControlInformation,
K.tlo^#^B[ FileFsFullSizeInformation,
P7�r'f��fA FileFsObjectIdInformation,
|�|2Q~��*: FileFsDriverPathInformation,
�V�i��!��Q FileFsMaximumInformation
>,C4rC+:XN } FS_INFORMATION_CLASS, * PFS_INFORMATION_CLASS;
ZZ/cq:3$�P
ho�vG�QHg typedef NTSTATUS(*FZwSetVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
~:;3uL�s,8 N;F)jO
xsl typedef NTSTATUS(*FZwQueryVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
Jn��D�{J`: ��{s,�+^�7 int main(int argc, char* argv[])
���KH�KS$D {
sK$w�N4��k const wchar_t* device = L"\\.\c:";
�'2J0>B�la fn�z
y5+9" HANDLE h = CreateFileW(device, 0x40000000, 3, 0, 3, 0x80, 0);
P`$�12<\O1 if (h == INVALID_HANDLE_VALUE) return 0;
"r�e-@�Baw printf("handle is %d \n", h);
Q�^}%c
�U0 y-?>*fN��o HMODULE m = GetModuleHandleW(L"ntdll.dll");
71Fe
�D�pe if (!m) return 0;
V�eiE�lU3� printf("module is %p \n", m);
�sf�p,Lq�` u]C`��6)>� FZwSetVolumeInformationFile _ZwSetVolumeInformationFile = (FZwSetVolumeInformationFile)GetProcAddress(m, "ZwSetVolumeInformationFile");
W!$zXwY�}( FZwQueryVolumeInformationFile _ZwQueryVolumeInformationFile = (FZwQueryVolumeInformationFile)GetProcAddress(m, "ZwQueryVolumeInformationFile");
�1
Wg-�x0R if (!_ZwSetVolumeInformationFile || !_ZwQueryVolumeInformationFile) return 0;
7k�{2Up�g; printf("_ZwSetVolumeInformationFile %p \n", _ZwSetVolumeInformationFile);
�@�mw� "W{ printf("_ZwQueryVolumeInformationFile %p \n", _ZwQueryVolumeInformationFile);
U�I���Jx*� {hSG�v� �� NTSTATUS s;
l2v_?j�-)x const int size = 1024 * 10;
��<dA8
'7^ char* buf = new char[size];
RR1�A�65B� memset(buf, 0, size);
gLD`��wfZR IO_STATUS_BLOCK status{ 0 };
<Pqv;WI�|R Pvo#pY^dXX typedef struct _FILE_FS_VOLUME_INFORMATION {
��r�t�]S\
LARGE_INTEGER VolumeCreationTime;
[c� K^+s)N ULONG VolumeSerialNumber;
lYf+V8�{� ULONG VolumeLabelLength;
�;'�T{�li2 BOOLEAN SupportsObjects;
'iSAAwT2aj WCHAR VolumeLabel[1];
-ML��6d&cm } FILE_FS_VOLUME_INFORMATION, * PFILE_FS_VOLUME_INFORMATION;
`Y�?t@�dd� s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsVolumeInformation);
}pNX@C#D�e PFILE_FS_VOLUME_INFORMATION p1 = (PFILE_FS_VOLUME_INFORMATION)buf;
�
R)Q���4� p1->VolumeSerialNumber = 0;
��KcG�sMPJ p1->VolumeLabel[0] = L'\0';
.W�\ve��>; s = _ZwSetVolumeInformationFile(h, &status, p1, size, FileFsVolumeInformation);
xIbMs4'iEx printf("%p \n", s);
XY7Qa!>7�j XR# ;{p+�b typedef struct _FILE_FS_OBJECTID_INFORMATION {
�4Tzd; P6_ UCHAR ObjectId[16];
3{�ra�KM6F UCHAR ExtendedInfo[48];
x�c
1�A$EY } FILE_FS_OBJECTID_INFORMATION, * PFILE_FS_OBJECTID_INFORMATION;
ZU'!iU|��8 s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsObjectIdInformation);//秒退了。**************
hi{%pi�&!T PFILE_FS_OBJECTID_INFORMATION p2 = (PFILE_FS_OBJECTID_INFORMATION)buf;
/z."�l!�u6 p2->ObjectId[0] = 55;
YZ�#V#[j'^ p2->ObjectId[1] = 55;
�9~AWn��g� p2->ObjectId[2] = 55;
�`�&7RMa4= p2->ObjectId[3] = 55;
hp!d�/X=J_ p2->ObjectId[4] = 55;
<T,��A&`/� p2->ObjectId[5] = 55;
�0V,Nv9!S� p2->ObjectId[6] = 55;
v�vu�<:�16 p2->ObjectId[7] = 55;
|fsm8t�<~8 s = _ZwSetVolumeInformationFile(h, &status, p2, size, FileFsObjectIdInformation);//秒退了。**************
U0B2
WmT~Q printf("%p \n", s);
�Lrz��3��� '3tw<k!1{. //typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
XaI;2fMGI� // BOOLEAN DriverInPath;
;uI~BV��*3 // ULONG DriverNameLength;
�Y�8s;�w!/ // WCHAR DriverName[1];
j��jOg�G-Q //} FILE_FS_DRIVER_PATH_INFORMATION, * PFILE_FS_DRIVER_PATH_INFORMATION;
^z1IN-Tm�/ //PFILE_FS_DRIVER_PATH_INFORMATION p3 = (PFILE_FS_DRIVER_PATH_INFORMATION)buf;
b�=�
#�#A� //p3->DriverInPath = TRUE;
;#?M)�o�:q //p3->DriverNameLength = 0x200;
cH`^D?#s�e //wcscpy(p3->DriverName, L"\\\\?\\Volume{c6708e20-53cd-4265-a031-af74f04ca24b}");
s�OFa!bdPW //s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsDriverPathInformation);
O_@2;iD�^^ ,+�/zH�'U} CloseHandle(h);
�V*n==Nb5L system("pause");
B�l.u=I:Y4 return 0;
kka��"�C]! }
