分区序列号修改工具.rar (643 K) 下载次数:0 :g=�z}�7!s QQ377718625
>gTrui�{�, 1 求个修改系统分区卷GUID C++源码(编译后能改成功的)
M �`�bEnu 2 下面内容里面的有问题仅供参考。
&��+V|L�dh 3 执行到下面标记位置程序就秒退了。
vFGFFA/K}N #define _CRT_SECURE_NO_WARNINGS
`�O|�PP3�S #include <windows.h>
4V�0j1�k&' #include <winternl.h>
dzPwlCC�%- #include <stdio.h>
<x�Q�Hb^:� J�ri"Toz0� //
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ne-wdm-_fsinfoclass _,�;��|�, ^3 �
'7 typedef enum _FSINFOCLASS {
y9L:2f�\�� FileFsVolumeInformation = 1,
�^�8r4t�X� FileFsLabelInformation,
H�
{3A6fb< FileFsSizeInformation,
�:3Hr�:�~
FileFsDeviceInformation,
}
J&[�U�c� FileFsAttributeInformation,
:Tz�HI ��� FileFsControlInformation,
7'9�~Kx�&+ FileFsFullSizeInformation,
6?v)Hb}J%d FileFsObjectIdInformation,
C@i4[g�)�{ FileFsDriverPathInformation,
�}�^
j"@{~ FileFsMaximumInformation
��nWAx�!0G } FS_INFORMATION_CLASS, * PFS_INFORMATION_CLASS;
!m��LY���W i0-zG�EMB. typedef NTSTATUS(*FZwSetVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
S+EC!;�@Xg ^}�4=pkJ;s typedef NTSTATUS(*FZwQueryVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
�]OK��s�65
L�5�tS�S= int main(int argc, char* argv[])
7+vyN^XJ"5 {
��O7z�-4r� const wchar_t* device = L"\\.\c:";
_A�%8oY�S g��Lef6q{} HANDLE h = CreateFileW(device, 0x40000000, 3, 0, 3, 0x80, 0);
G&/RJLX|�w if (h == INVALID_HANDLE_VALUE) return 0;
Cp��2�$I<T printf("handle is %d \n", h);
�lIj2�w;$v 'rw���n�Ar HMODULE m = GetModuleHandleW(L"ntdll.dll");
n/f��Mq,<8 if (!m) return 0;
P9aG�Dm��a printf("module is %p \n", m);
I?mU�_^�no k6vY/�)-S� FZwSetVolumeInformationFile _ZwSetVolumeInformationFile = (FZwSetVolumeInformationFile)GetProcAddress(m, "ZwSetVolumeInformationFile");
Be(��
h �x FZwQueryVolumeInformationFile _ZwQueryVolumeInformationFile = (FZwQueryVolumeInformationFile)GetProcAddress(m, "ZwQueryVolumeInformationFile");
FF"`F8-w>Z if (!_ZwSetVolumeInformationFile || !_ZwQueryVolumeInformationFile) return 0;
��y8�4=�Q� printf("_ZwSetVolumeInformationFile %p \n", _ZwSetVolumeInformationFile);
J�`8�bh~�7 printf("_ZwQueryVolumeInformationFile %p \n", _ZwQueryVolumeInformationFile);
`_{^&W
W�S �."m2�/Ks7 NTSTATUS s;
�w�ZA(><�\ const int size = 1024 * 10;
c`(]���j
w char* buf = new char[size];
\Q+�<G-Kb. memset(buf, 0, size);
^�Pk�-<b4} IO_STATUS_BLOCK status{ 0 };
Ht�f|VpzMb b�^X�q(q>5 typedef struct _FILE_FS_VOLUME_INFORMATION {
� v�NJ��!d LARGE_INTEGER VolumeCreationTime;
:�3��# t�; ULONG VolumeSerialNumber;
*V��F�UC: ULONG VolumeLabelLength;
P+T��a�|�- BOOLEAN SupportsObjects;
�qh)o44/
$ WCHAR VolumeLabel[1];
>�� ^�b6�\ } FILE_FS_VOLUME_INFORMATION, * PFILE_FS_VOLUME_INFORMATION;
��{�-�
(�B s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsVolumeInformation);
6R�+�m;'�� PFILE_FS_VOLUME_INFORMATION p1 = (PFILE_FS_VOLUME_INFORMATION)buf;
O�l�9'ZB|R p1->VolumeSerialNumber = 0;
pZ,�P��_�? p1->VolumeLabel[0] = L'\0';
gL+8fX�2G6 s = _ZwSetVolumeInformationFile(h, &status, p1, size, FileFsVolumeInformation);
Q��Dg\GA8| printf("%p \n", s);
"&ElKy
7j� $6a�55~h|( typedef struct _FILE_FS_OBJECTID_INFORMATION {
�]_yk,}88d UCHAR ObjectId[16];
p9[J�9D3�~ UCHAR ExtendedInfo[48];
(��bk~,n�_ } FILE_FS_OBJECTID_INFORMATION, * PFILE_FS_OBJECTID_INFORMATION;
\?_eQKiZ3� s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsObjectIdInformation);//秒退了。**************
H *��gF�>1 PFILE_FS_OBJECTID_INFORMATION p2 = (PFILE_FS_OBJECTID_INFORMATION)buf;
H�"H&�uA9" p2->ObjectId[0] = 55;
:b&O{>�M]Y p2->ObjectId[1] = 55;
4Y[u�qn��[ p2->ObjectId[2] = 55;
~97T�0{E�3 p2->ObjectId[3] = 55;
�mV0.9p�xS p2->ObjectId[4] = 55;
Ub8|x]i�x p2->ObjectId[5] = 55;
n)(E� �0h� p2->ObjectId[6] = 55;
XO*62��>Ed p2->ObjectId[7] = 55;
ZCZY�g�f�@ s = _ZwSetVolumeInformationFile(h, &status, p2, size, FileFsObjectIdInformation);//秒退了。**************
�ZS@C�d9�* printf("%p \n", s);
!d�Vth)�UV 4|*H0}H�Om //typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
U!L<�v��!$ // BOOLEAN DriverInPath;
3sf+�u�oV� // ULONG DriverNameLength;
>�900O4��� // WCHAR DriverName[1];
!'()Q�tvC< //} FILE_FS_DRIVER_PATH_INFORMATION, * PFILE_FS_DRIVER_PATH_INFORMATION;
�
R�SLM�O8 //PFILE_FS_DRIVER_PATH_INFORMATION p3 = (PFILE_FS_DRIVER_PATH_INFORMATION)buf;
~7tG
�%{t% //p3->DriverInPath = TRUE;
$~<)�;dYu0 //p3->DriverNameLength = 0x200;
�p
xrd D�7 //wcscpy(p3->DriverName, L"\\\\?\\Volume{c6708e20-53cd-4265-a031-af74f04ca24b}");
-o��\r]24� //s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsDriverPathInformation);
;�=I���Gl: {BBL`tg60� CloseHandle(h);
�fD#�VI� � system("pause");
��[WD�tr8L return 0;
�LB|FVNW/S }
