linux下查看MBR分区信息

 1 [root@LAMP ~]# dd if=/dev/sda of=mbr.hex bs=512 count=1   //危险操作root权限才能执行，慎用。从第一块硬盘(sda)中读取数据放到mbr.hex文件中，每次读512(bs=512)字节，总共读一次(count=1)
 2 1+0 records in
 3 1+0 records out
 4 512 bytes (512 B) copied, 8.5247e-05 s, 6.0 MB/s
 5 
 6 
 7 [root@LAMP ~]# hexdump -C mbr.hex 
 8 00000000  eb 48 90 10 8e d0 bc 00  b0 b8 00 00 8e d8 8e c0  |.H..............|
 9 00000010  fb be 00 7c bf 00 06 b9  00 02 f3 a4 ea 21 06 00  |...|.........!..|
10 00000020  00 be be 07 38 04 75 0b  83 c6 10 81 fe fe 07 75  |....8.u........u|
11 00000030  f3 eb 16 b4 02 b0 01 bb  00 7c b2 80 8a 74 03 02  |.........|...t..|
12 00000040  80 00 00 80 e8 89 04 00  00 08 fa 90 90 f6 c2 80  |................|
13 00000050  75 02 b2 80 ea 59 7c 00  00 31 c0 8e d8 8e d0 bc  |u....Y|..1......|
14 00000060  00 20 fb a0 40 7c 3c ff  74 02 88 c2 52 f6 c2 80  |. ..@|<.t...R...|
15 00000070  74 54 b4 41 bb aa 55 cd  13 5a 52 72 49 81 fb 55  |tT.A..U..ZRrI..U|
16 00000080  aa 75 43 a0 41 7c 84 c0  75 05 83 e1 01 74 37 66  |.uC.A|..u....t7f|
17 00000090  8b 4c 10 be 05 7c c6 44  ff 01 66 8b 1e 44 7c c7  |.L...|.D..f..D|.|
18 000000a0  04 10 00 c7 44 02 01 00  66 89 5c 08 c7 44 06 00  |....D...f...D..|
19 000000b0  70 66 31 c0 89 44 04 66  89 44 0c b4 42 cd 13 72  |pf1..D.f.D..B..r|
20 000000c0  05 bb 00 70 eb 7d b4 08  cd 13 73 0a f6 c2 80 0f  |...p.}....s.....|
21 000000d0  84 f0 00 e9 8d 00 be 05  7c c6 44 ff 00 66 31 c0  |........|.D..f1.|
22 000000e0  88 f0 40 66 89 44 04 31  d2 88 ca c1 e2 02 88 e8  |..@f.D.1........|
23 000000f0  88 f4 40 89 44 08 31 c0  88 d0 c0 e8 02 66 89 04  |..@.D.1......f..|
24 00000100  66 a1 44 7c 66 31 d2 66  f7 34 88 54 0a 66 31 d2  |f.D|f1.f.4.T.f1.|
25 00000110  66 f7 74 04 88 54 0b 89  44 0c 3b 44 08 7d 3c 8a  |f.t..T..D.;D.}<.|
26 00000120  54 0d c0 e2 06 8a 4c 0a  fe c1 08 d1 8a 6c 0c 5a  |T.....L......l.Z|
27 00000130  8a 74 0b bb 00 70 8e c3  31 db b8 01 02 cd 13 72  |.t...p..1......r|
28 00000140  2a 8c c3 8e 06 48 7c 60  1e b9 00 01 8e db 31 f6  |*....H|`......1.|
29 00000150  31 ff fc f3 a5 1f 61 ff  26 42 7c be 7f 7d e8 40  |1.....a.&B|..}.@|
30 00000160  00 eb 0e be 84 7d e8 38  00 eb 06 be 8e 7d e8 30  |.....}.8.....}.0|
31 00000170  00 be 93 7d e8 2a 00 eb  fe 47 52 55 42 20 00 47  |...}.*...GRUB .G|
32 00000180  65 6f 6d 00 48 61 72 64  20 44 69 73 6b 00 52 65  |eom.Hard Disk.Re|
33 00000190  61 64 00 20 45 72 72 6f  72 00 bb 01 00 b4 0e cd  |ad. Error.......|
34 000001a0  10 ac 3c 00 75 f4 c3 00  00 00 00 00 00 00 00 00  |..<.u...........|
35 000001b0  00 00 00 00 00 00 00 00  e0 b4 0c 00 00 00 80 20  |............... |
36 000001c0  21 00 83 5e 38 26 00 08  00 00 00 60 09 00 00 5e  |!..^8&.....`...^|
37 000001d0  39 26 82 75 89 2c 00 68  09 00 00 00 7f 00 00 75  |9&.u.,.h.......u|
38 000001e0  8a 2c 83 fe ff ff 00 68  88 00 00 98 f7 01 00 00  |.,.....h........|
39 000001f0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 55 aa  |..............U.|
40 00000200

说明:
1、最前面的一列是8进制的位偏移，所以每行有16个字节了。
2、mbr总共512字节，前446个字节是主引导记录，是bios加电自检后要运行的代码
3、从第447个字节开始后的64个字节，每16个字节为一组，是硬盘分区表，就是上面彩色标记的部分了。
所以在MBR环境下主分区只能有4个，每个分区最大为2T
4、55aa是硬盘有效标志，若被篡改则系统认为硬盘损坏.早期一些dos下的病毒喜欢篡改这个标志，造成
硬盘损坏，但是分区还在.