分区序列号修改工具.rar (643 K) 下载次数:0 (&\aA 0-}H QQ377718625
J�q�U�ADm� 1 求个修改系统分区卷GUID C++源码(编译后能改成功的)
�=(�[��av7 2 下面内容里面的有问题仅供参考。
�f�^Bc���� 3 执行到下面标记位置程序就秒退了。
X=X�\F@V:u #define _CRT_SECURE_NO_WARNINGS
LJzH"K[Gg6 #include <windows.h>
�i��rBDGT~ #include <winternl.h>
�vP-�M,�4c #include <stdio.h>
hq>Csj=
=@ �6v�z�k\n //
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ne-wdm-_fsinfoclass &�~�DTZg�Y B/uniR^x�� typedef enum _FSINFOCLASS {
�-`c�:}�m� FileFsVolumeInformation = 1,
]��rBM5��~ FileFsLabelInformation,
�� $6>��?; FileFsSizeInformation,
�Z��+:D)�L FileFsDeviceInformation,
� y6HuN��� FileFsAttributeInformation,
tJI
�,��r_ FileFsControlInformation,
?:r�x�1}:F FileFsFullSizeInformation,
j�dqj=�Yc� FileFsObjectIdInformation,
/�'DwfX��� FileFsDriverPathInformation,
�4jm��K�]. FileFsMaximumInformation
*<V^2z$y_� } FS_INFORMATION_CLASS, * PFS_INFORMATION_CLASS;
Kf,-�4��)�
p#d+�>�7� typedef NTSTATUS(*FZwSetVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
bMoAD�.�}� *gsA�n�<�
typedef NTSTATUS(*FZwQueryVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
5ua?�I9�fY 5�MxL*DB=b int main(int argc, char* argv[])
'C+;r?1!h {
�N]/!mo�? const wchar_t* device = L"\\.\c:";
D �vkxI<Xa ekSY~z�=/u HANDLE h = CreateFileW(device, 0x40000000, 3, 0, 3, 0x80, 0);
"E!mva�*NU if (h == INVALID_HANDLE_VALUE) return 0;
< a� rZbM� printf("handle is %d \n", h);
�vF�mJ�;J� "k�W�!�{n� HMODULE m = GetModuleHandleW(L"ntdll.dll");
j�0-M�cL�c if (!m) return 0;
M�Fi�t��|C printf("module is %p \n", m);
g<*��jlM1r )��,^�eA�� FZwSetVolumeInformationFile _ZwSetVolumeInformationFile = (FZwSetVolumeInformationFile)GetProcAddress(m, "ZwSetVolumeInformationFile");
m@
xi0��t
FZwQueryVolumeInformationFile _ZwQueryVolumeInformationFile = (FZwQueryVolumeInformationFile)GetProcAddress(m, "ZwQueryVolumeInformationFile");
��J���QKdW if (!_ZwSetVolumeInformationFile || !_ZwQueryVolumeInformationFile) return 0;
[�p���Og'� printf("_ZwSetVolumeInformationFile %p \n", _ZwSetVolumeInformationFile);
zzpZ19"�`1 printf("_ZwQueryVolumeInformationFile %p \n", _ZwQueryVolumeInformationFile);
�n(Y%��Vmy *�=�F(K�Z� NTSTATUS s;
�|�?m` x�O const int size = 1024 * 10;
ak:�v�3cQR char* buf = new char[size];
���<|6%9@� memset(buf, 0, size);
}E�<�^gAh} IO_STATUS_BLOCK status{ 0 };
���YhKZ|�@ 9��|r* pK[ typedef struct _FILE_FS_VOLUME_INFORMATION {
7()?�C}Ni- LARGE_INTEGER VolumeCreationTime;
Eh8Pwt�7C@ ULONG VolumeSerialNumber;
tl8�O�6`<Z ULONG VolumeLabelLength;
m7]h�J��,0 BOOLEAN SupportsObjects;
%uESrc-�;� WCHAR VolumeLabel[1];
��JHV)ZOO� } FILE_FS_VOLUME_INFORMATION, * PFILE_FS_VOLUME_INFORMATION;
�;1AG3P�'� s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsVolumeInformation);
Sq]��p�Q8� PFILE_FS_VOLUME_INFORMATION p1 = (PFILE_FS_VOLUME_INFORMATION)buf;
Tt# �b�g1� p1->VolumeSerialNumber = 0;
DtCE�m(b�0 p1->VolumeLabel[0] = L'\0';
��&�wH:aD s = _ZwSetVolumeInformationFile(h, &status, p1, size, FileFsVolumeInformation);
�M�EZ{j%-a printf("%p \n", s);
If�d�I|ya� V
A��Q)Hc] typedef struct _FILE_FS_OBJECTID_INFORMATION {
`�d]Z�)*9� UCHAR ObjectId[16];
PK6iY7Qp)� UCHAR ExtendedInfo[48];
Jcf�"#u-Q/ } FILE_FS_OBJECTID_INFORMATION, * PFILE_FS_OBJECTID_INFORMATION;
�|!�z�2oO s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsObjectIdInformation);//秒退了。**************
nY-*� i!�H PFILE_FS_OBJECTID_INFORMATION p2 = (PFILE_FS_OBJECTID_INFORMATION)buf;
�Y��Z}cB� p2->ObjectId[0] = 55;
�pJp�NO$$w p2->ObjectId[1] = 55;
|�(IO=�V4P p2->ObjectId[2] = 55;
N0TeqOi�4Y p2->ObjectId[3] = 55;
%F�kLQ+v/< p2->ObjectId[4] = 55;
'�J�mBh@A p2->ObjectId[5] = 55;
�,i}|5ozj4 p2->ObjectId[6] = 55;
"l~Ci7& !a p2->ObjectId[7] = 55;
�[�W,|k�DK s = _ZwSetVolumeInformationFile(h, &status, p2, size, FileFsObjectIdInformation);//秒退了。**************
!�AN^ ,v]D printf("%p \n", s);
j�RZ%}�KX� )6oGF>��o> //typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
{[G`Z9]z&- // BOOLEAN DriverInPath;
ks(S�j��EF // ULONG DriverNameLength;
�&K�%�aw�
// WCHAR DriverName[1];
g$37
;d3Tx //} FILE_FS_DRIVER_PATH_INFORMATION, * PFILE_FS_DRIVER_PATH_INFORMATION;
$Rtgr{ {;" //PFILE_FS_DRIVER_PATH_INFORMATION p3 = (PFILE_FS_DRIVER_PATH_INFORMATION)buf;
".2K9j7�$� //p3->DriverInPath = TRUE;
$<� %B#axL //p3->DriverNameLength = 0x200;
�'A�{h� iY //wcscpy(p3->DriverName, L"\\\\?\\Volume{c6708e20-53cd-4265-a031-af74f04ca24b}");
*M�M#�Z?mP //s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsDriverPathInformation);
`$;+�g� ,� ��
D�>�e�f CloseHandle(h);
Se^^E.Z,W system("pause");
Nud,\mXrY[ return 0;
eb:A�1f4�L }
