Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- bool spoof_volume_id(char drive)
- {
- const int max_pbsi = 3;
- struct partial_boot_sector_info
- {
- LPCSTR Fs; // file system name
- DWORD FsOffs; // offset of file system name in the boot sector
- DWORD SerialOffs; // offset of the serialnumber in the boot sector
- };
- partial_boot_sector_info pbsi[max_pbsi] =
- {
- {"FAT32", 0x52, 0x43},
- {"FAT", 0x36, 0x27},
- {"NTFS", 0x03, 0x48}
- };
- char buf[64];
- sprintf_s(buf, "\\\\.\\%c:", drive);
- HANDLE hFile = CreateFileA(buf, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
- if (hFile == INVALID_HANDLE_VALUE)
- return false;
- BYTE sector[0x200];
- DWORD dwBytesRead;
- bool result = false;
- if (ReadFile(hFile, sector, sizeof(sector), &dwBytesRead, nullptr)) {
- int i;
- for (i = 0; i < max_pbsi; i++)
- {
- if (strncmp(pbsi[i].Fs, (const char*)(sector + pbsi[i].FsOffs), strlen(pbsi[i].Fs)) == 0)
- {
- // we found a valid signature
- break;
- }
- }
- if (i < max_pbsi) {
- printf("drive: %c, Serial: %X\r\n", drive, *(PDWORD)(sector + pbsi[i].SerialOffs));
- *(PDWORD)(sector + pbsi[i].SerialOffs) ^= generate_volume_serial_number();
- printf("drive: %c, Spoofed Serial: %X\r\n", drive, *(PDWORD)(sector + pbsi[i].SerialOffs));
- if (INVALID_SET_FILE_POINTER != SetFilePointer(hFile, NULL, NULL, FILE_BEGIN)) {
- DWORD dwBytesWritten;
- result = ::WriteFile(hFile, sector, sizeof(sector), &dwBytesWritten, nullptr) == TRUE;
- }
- }
- else
- printf("unknown fs\r\n");
- }
- ::CloseHandle(hFile);
- return result;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
