分区序列号修改工具.rar (643 K) 下载次数:0 n'JS�-��� QQ377718625
y"U)&1 �c% 1 求个修改系统分区卷GUID C++源码(编译后能改成功的)
b^ [ ��z�' 2 下面内容里面的有问题仅供参考。
�$MfRw���� 3 执行到下面标记位置程序就秒退了。
s�dyNJh7Jr #define _CRT_SECURE_NO_WARNINGS
X�6qg�ApyE #include <windows.h>
('�\sUZ+5� #include <winternl.h>
`P*B�W,P'T #include <stdio.h>
�.�
P?n<n# g)|vS��>^~ //
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ne-wdm-_fsinfoclass C�=cn�.C�X �Vx���>��Q typedef enum _FSINFOCLASS {
~82 {Y
_{/ FileFsVolumeInformation = 1,
�aD_7^��8> FileFsLabelInformation,
$%
gz�,��{ FileFsSizeInformation,
5IFzbL#q#f FileFsDeviceInformation,
�7^��LCP�* FileFsAttributeInformation,
�9n�FWJ��n FileFsControlInformation,
:$�P��r�lE FileFsFullSizeInformation,
Qc P��U{#6 FileFsObjectIdInformation,
;�v���X1U8 FileFsDriverPathInformation,
;#��0�$iE� FileFsMaximumInformation
X(3| (1;sV } FS_INFORMATION_CLASS, * PFS_INFORMATION_CLASS;
+*Uv+o�C|� b0�@K ~O;g typedef NTSTATUS(*FZwSetVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
0�)
F\aJ4Y ]I�eL�Kcn� typedef NTSTATUS(*FZwQueryVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
EYC�ZuJxv� u&UmI-�
} int main(int argc, char* argv[])
R os��U~OK {
G#6Z@|k�Vw const wchar_t* device = L"\\.\c:";
`Lavjmfr2V DB�LM�0�*B HANDLE h = CreateFileW(device, 0x40000000, 3, 0, 3, 0x80, 0);
<8Nr;96�IA if (h == INVALID_HANDLE_VALUE) return 0;
nLv~)IQ}:� printf("handle is %d \n", h);
.j
tv Hr}U �i�Dh�C_F| HMODULE m = GetModuleHandleW(L"ntdll.dll");
R�y�x�u#]s if (!m) return 0;
��M7 �k�WJ printf("module is %p \n", m);
BF;}9QebmS 8Z�M#.yB�B FZwSetVolumeInformationFile _ZwSetVolumeInformationFile = (FZwSetVolumeInformationFile)GetProcAddress(m, "ZwSetVolumeInformationFile");
zD
�bO~.�d FZwQueryVolumeInformationFile _ZwQueryVolumeInformationFile = (FZwQueryVolumeInformationFile)GetProcAddress(m, "ZwQueryVolumeInformationFile");
.c�0u#�#/0 if (!_ZwSetVolumeInformationFile || !_ZwQueryVolumeInformationFile) return 0;
>gM"*L�aa? printf("_ZwSetVolumeInformationFile %p \n", _ZwSetVolumeInformationFile);
d"Wuu1tE�Y printf("_ZwQueryVolumeInformationFile %p \n", _ZwQueryVolumeInformationFile);
_G'A]O/BZD �8c_X`0jy� NTSTATUS s;
I;e�o�
y, const int size = 1024 * 10;
v�H��1,As� char* buf = new char[size];
Oe�
:S1��f memset(buf, 0, size);
u^C�L }t�* IO_STATUS_BLOCK status{ 0 };
�#M+_Lk3� H�t\�2 I�P typedef struct _FILE_FS_VOLUME_INFORMATION {
Fa�v++���z LARGE_INTEGER VolumeCreationTime;
H�270)Cwn+ ULONG VolumeSerialNumber;
4gN���N� " ULONG VolumeLabelLength;
I�w�h0PfWJ BOOLEAN SupportsObjects;
;FF+�u��
K WCHAR VolumeLabel[1];
�bX(/��2_l } FILE_FS_VOLUME_INFORMATION, * PFILE_FS_VOLUME_INFORMATION;
a l6y=;\jZ s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsVolumeInformation);
s8�P3H|0.- PFILE_FS_VOLUME_INFORMATION p1 = (PFILE_FS_VOLUME_INFORMATION)buf;
e5n�]�@mu% p1->VolumeSerialNumber = 0;
e#mqerp��J p1->VolumeLabel[0] = L'\0';
[�?�
O�4l` s = _ZwSetVolumeInformationFile(h, &status, p1, size, FileFsVolumeInformation);
8"-=+w.�CZ printf("%p \n", s);
��5�;XYF0� op9v�z[o#4 typedef struct _FILE_FS_OBJECTID_INFORMATION {
6�-)WXJ@V� UCHAR ObjectId[16];
,9_O4O��%� UCHAR ExtendedInfo[48];
(c^� {��T) } FILE_FS_OBJECTID_INFORMATION, * PFILE_FS_OBJECTID_INFORMATION;
T�]zD+/�=� s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsObjectIdInformation);//秒退了。**************
�m�U?�~s�7 PFILE_FS_OBJECTID_INFORMATION p2 = (PFILE_FS_OBJECTID_INFORMATION)buf;
[�{�[m)Z�^ p2->ObjectId[0] = 55;
4��>v��O9q p2->ObjectId[1] = 55;
�@�F���$}/ p2->ObjectId[2] = 55;
y@1Q�Vt0�4 p2->ObjectId[3] = 55;
HX}B�#�T�� p2->ObjectId[4] = 55;
%iEdU��V\$ p2->ObjectId[5] = 55;
N�qNU:�_�} p2->ObjectId[6] = 55;
z\"
.�(fIV p2->ObjectId[7] = 55;
��Tcc83_Iq s = _ZwSetVolumeInformationFile(h, &status, p2, size, FileFsObjectIdInformation);//秒退了。**************
pL`Q+}c}�� printf("%p \n", s);
#=33TvprR2 vD?D]8.F~Q //typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
vTK8t:JQ~� // BOOLEAN DriverInPath;
!J X��7y%J // ULONG DriverNameLength;
jWi~Q� o�+ // WCHAR DriverName[1];
gT�Ox|b��x //} FILE_FS_DRIVER_PATH_INFORMATION, * PFILE_FS_DRIVER_PATH_INFORMATION;
:�
xg���go //PFILE_FS_DRIVER_PATH_INFORMATION p3 = (PFILE_FS_DRIVER_PATH_INFORMATION)buf;
YZSQOLN�{� //p3->DriverInPath = TRUE;
j�u�"?�b2f //p3->DriverNameLength = 0x200;
�F'�|�e�:h //wcscpy(p3->DriverName, L"\\\\?\\Volume{c6708e20-53cd-4265-a031-af74f04ca24b}");
�rBi<�Yy$z //s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsDriverPathInformation);
q1x[hv3
pP _;Xlw{�FN^ CloseHandle(h);
tgi%#8ZDpz system("pause");
u~�Po5W/i return 0;
Q�@>1z*'I� }
