分区序列号修改工具.rar (643 K) 下载次数:0 N��93E;�B QQ377718625
��vf���=� 1 求个修改系统分区卷GUID C++源码(编译后能改成功的)
�X��ZInu5( 2 下面内容里面的有问题仅供参考。
3DHm9�n+/: 3 执行到下面标记位置程序就秒退了。
DPwSg�\*)� #define _CRT_SECURE_NO_WARNINGS
o�W[,E�W+u #include <windows.h>
T�Ua�K:*x* #include <winternl.h>
j� V�Zi_de #include <stdio.h>
�}$)<��k�� K_5&�_��P1 //
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ne-wdm-_fsinfoclass @5y(>>C}8% W.|6$h�Rl) typedef enum _FSINFOCLASS {
�&�~%�@QC/ FileFsVolumeInformation = 1,
%�p9bl �,x FileFsLabelInformation,
X
w�8��i�l FileFsSizeInformation,
n�B5[]x�' FileFsDeviceInformation,
y]l"u=$Tr{ FileFsAttributeInformation,
%RN�-J�*s] FileFsControlInformation,
���c-.>C)� FileFsFullSizeInformation,
�X*"K����g FileFsObjectIdInformation,
�lnD�DFsA� FileFsDriverPathInformation,
\uk�#��p�L FileFsMaximumInformation
k�pH;�D=
; } FS_INFORMATION_CLASS, * PFS_INFORMATION_CLASS;
?6��QJP|kE g#�4��gGhI typedef NTSTATUS(*FZwSetVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
j���;�v%4G j�''��Iai_ typedef NTSTATUS(*FZwQueryVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
L0kN�t
&di �$��5�b|@� int main(int argc, char* argv[])
�{�h"\JI�! {
h)�rf6�*hw const wchar_t* device = L"\\.\c:";
JF��*g!sV% -W_��s]oBg HANDLE h = CreateFileW(device, 0x40000000, 3, 0, 3, 0x80, 0);
�J,O@�T)S@ if (h == INVALID_HANDLE_VALUE) return 0;
m ��Gh�J�n printf("handle is %d \n", h);
{�+�2c�Rr. �IDh`0/i]� HMODULE m = GetModuleHandleW(L"ntdll.dll");
�]M(�mq`�K if (!m) return 0;
mr!I}I7x&x printf("module is %p \n", m);
JP4Moq~r � a<wZv-\Vau FZwSetVolumeInformationFile _ZwSetVolumeInformationFile = (FZwSetVolumeInformationFile)GetProcAddress(m, "ZwSetVolumeInformationFile");
�DA��NSexW FZwQueryVolumeInformationFile _ZwQueryVolumeInformationFile = (FZwQueryVolumeInformationFile)GetProcAddress(m, "ZwQueryVolumeInformationFile");
`#rf�p
9w� if (!_ZwSetVolumeInformationFile || !_ZwQueryVolumeInformationFile) return 0;
�`z�_7[$\~ printf("_ZwSetVolumeInformationFile %p \n", _ZwSetVolumeInformationFile);
pxxFm~"�d� printf("_ZwQueryVolumeInformationFile %p \n", _ZwQueryVolumeInformationFile);
�Yfw�JBz�D @��q/1m~t� NTSTATUS s;
`yAo3A9vk const int size = 1024 * 10;
Fnpn_O XlH char* buf = new char[size];
@MB _gt)7? memset(buf, 0, size);
*Zi%Q�[0Me IO_STATUS_BLOCK status{ 0 };
\+3W�d$��I p�q3 ��A%| typedef struct _FILE_FS_VOLUME_INFORMATION {
!B�l�k=L+p LARGE_INTEGER VolumeCreationTime;
~5NG�DT#L* ULONG VolumeSerialNumber;
N1~V �+_mM ULONG VolumeLabelLength;
H�Y4�����E BOOLEAN SupportsObjects;
�Pp_3 n�yQ WCHAR VolumeLabel[1];
io{H$ ��x( } FILE_FS_VOLUME_INFORMATION, * PFILE_FS_VOLUME_INFORMATION;
}�+4Bf+u:� s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsVolumeInformation);
BozK!"R�_< PFILE_FS_VOLUME_INFORMATION p1 = (PFILE_FS_VOLUME_INFORMATION)buf;
,�-3(^d\1F p1->VolumeSerialNumber = 0;
�s��[��q4K p1->VolumeLabel[0] = L'\0';
nV�3
7`�
I s = _ZwSetVolumeInformationFile(h, &status, p1, size, FileFsVolumeInformation);
B)]{]z0�+` printf("%p \n", s);
�7V��{"!V5 �1Wk
EPj,� typedef struct _FILE_FS_OBJECTID_INFORMATION {
5%�+}r�Sn7 UCHAR ObjectId[16];
r�`�&|)
Hx UCHAR ExtendedInfo[48];
�<�aaD��W� } FILE_FS_OBJECTID_INFORMATION, * PFILE_FS_OBJECTID_INFORMATION;
�[
5W#1 &� s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsObjectIdInformation);//秒退了。**************
WcwW@c�Y7\ PFILE_FS_OBJECTID_INFORMATION p2 = (PFILE_FS_OBJECTID_INFORMATION)buf;
%�^=!����s p2->ObjectId[0] = 55;
RQCQG�a^cP p2->ObjectId[1] = 55;
Kk>q��gi$� p2->ObjectId[2] = 55;
5�e��k��%d p2->ObjectId[3] = 55;
��h.$__G�s p2->ObjectId[4] = 55;
q#&#*6 )�B p2->ObjectId[5] = 55;
R�.H\�b�! p2->ObjectId[6] = 55;
{�7Avb�a� p2->ObjectId[7] = 55;
��4E-A@F�R s = _ZwSetVolumeInformationFile(h, &status, p2, size, FileFsObjectIdInformation);//秒退了。**************
�X8
�)>}#: printf("%p \n", s);
$p3Wjf:b�H 5�^K#Tj ;2 //typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
���2 dD�<] // BOOLEAN DriverInPath;
m"(�d%N�7� // ULONG DriverNameLength;
�RzR�vu]]8 // WCHAR DriverName[1];
'ZH<g8�:=@ //} FILE_FS_DRIVER_PATH_INFORMATION, * PFILE_FS_DRIVER_PATH_INFORMATION;
M`P]cX)��x //PFILE_FS_DRIVER_PATH_INFORMATION p3 = (PFILE_FS_DRIVER_PATH_INFORMATION)buf;
�W)!{U(X�� //p3->DriverInPath = TRUE;
2nU
N�I�
U //p3->DriverNameLength = 0x200;
N>fYH.c3Y� //wcscpy(p3->DriverName, L"\\\\?\\Volume{c6708e20-53cd-4265-a031-af74f04ca24b}");
$U1�k�P?pR //s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsDriverPathInformation);
P5}[*k%DQw X$ B]P�7G7 CloseHandle(h);
G;HlI�I9x[ system("pause");
oPu|Q�^I=� return 0;
s#4��ew}�� }
