匿名 发布于2024年4月26日 分享 发布于2024年4月26日 图片:QQ图片20240426150534.png 分区序列号修改工具.rar (643 K) 下载次数:0 QQ377718625
1 求个修改系统分区卷GUID C++源码(编译后能改成功的)
2 下面内容里面的有问题仅供参考。
3 执行到下面标记位置程序就秒退了。

#define _CRT_SECURE_NO_WARNINGS
#include <windows.h>
#include <winternl.h>
#include <stdio.h>

// Local copy of the file-system information class enumeration; values follow
// the order documented at:
// https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ne-wdm-_fsinfoclass
typedef enum _FSINFOCLASS {
    FileFsVolumeInformation = 1,
    FileFsLabelInformation,
    FileFsSizeInformation,
    FileFsDeviceInformation,
    FileFsAttributeInformation,
    FileFsControlInformation,
    FileFsFullSizeInformation,
    FileFsObjectIdInformation,
    FileFsDriverPathInformation,
    FileFsMaximumInformation
} FS_INFORMATION_CLASS, * PFS_INFORMATION_CLASS;

// Function-pointer types for the two ntdll exports that main() resolves at run time.
// NOTE(review): neither typedef names a calling convention, so the compiler default is
// used. The Nt*/Zw* routines are declared NTAPI in the SDK headers; on a 32-bit build
// a mismatch unbalances the stack on every call, which may be related to the abrupt
// exit the poster marks below. Confirm against the build target.
typedef NTSTATUS(*FZwSetVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
typedef NTSTATUS(*FZwQueryVolumeInformationFile)(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);

/*
 * Sample posted as non-working ("for reference only"). It opens the C: volume device,
 * reads volume metadata through ZwQueryVolumeInformationFile, edits the returned buffer
 * in place and hands it back to ZwSetVolumeInformationFile: first the volume
 * information record (serial number and label), then the first eight bytes of the
 * volume object id.
 *
 * Review summary:
 *  - No NTSTATUS is checked. After a failed query the scratch buffer is still
 *    modified and passed to the set call.
 *  - The volume handle is not closed on the early-return paths, and buf is never
 *    released.
 *  - Several printf calls pass arguments whose types do not match the conversion.
 *  - NOTE(review): volume serial numbers and object ids are identifiers that other
 *    software and forensic artifacts may reference, so a write to them on a system
 *    volume is a change worth recording. Confirm the impact before running anything
 *    derived from this on a real machine.
 *
 * argc and argv are unused. The program always returns 0, so the exit code does not
 * show whether any step succeeded.
 */
int main(int argc, char* argv[])
{
    // NOTE(review): as written the literal contains the escape "\c", which is not a
    // standard escape sequence; the page may have lost backslashes in rendering. The
    // Win32 device-path form for a volume is \\.\C: with each backslash doubled inside
    // a C string literal. Confirm against the poster's real source.
    const wchar_t* device = L"\\.\c:";

    // Magic numbers, per the Windows SDK definitions: 0x40000000 is GENERIC_WRITE,
    // share mode 3 is FILE_SHARE_READ | FILE_SHARE_WRITE, disposition 3 is
    // OPEN_EXISTING, 0x80 is FILE_ATTRIBUTE_NORMAL.
    // Opening a volume device for write normally needs an elevated token; without one
    // the call is expected to fail and the program exits silently here.
    HANDLE h = CreateFileW(device, 0x40000000, 3, 0, 3, 0x80, 0);
    if (h == INVALID_HANDLE_VALUE) return 0;
    // HANDLE is a pointer type; "%d" does not match it (undefined behavior in printf).
    printf("handle is %d \n", h);

    HMODULE m = GetModuleHandleW(L"ntdll.dll");
    // This return, and the one after the GetProcAddress calls, leaves h open.
    if (!m) return 0;
    printf("module is %p \n", m);

    // Resolve both exports by name. The local names start with an underscore followed
    // by an uppercase letter, a form reserved for the implementation.
    FZwSetVolumeInformationFile _ZwSetVolumeInformationFile = (FZwSetVolumeInformationFile)GetProcAddress(m, "ZwSetVolumeInformationFile");
    FZwQueryVolumeInformationFile _ZwQueryVolumeInformationFile = (FZwQueryVolumeInformationFile)GetProcAddress(m, "ZwQueryVolumeInformationFile");
    if (!_ZwSetVolumeInformationFile || !_ZwQueryVolumeInformationFile) return 0;
    printf("_ZwSetVolumeInformationFile %p \n", _ZwSetVolumeInformationFile);
    printf("_ZwQueryVolumeInformationFile %p \n", _ZwQueryVolumeInformationFile);

    NTSTATUS s;
    // 10 KiB zero-filled scratch buffer shared by every query and set call below.
    // It is allocated with new[] and never released in this function.
    const int size = 1024 * 10;
    char* buf = new char[size];
    memset(buf, 0, size);
    IO_STATUS_BLOCK status{ 0 };

    // Local declaration of the record returned for FileFsVolumeInformation.
    typedef struct _FILE_FS_VOLUME_INFORMATION {
        LARGE_INTEGER VolumeCreationTime;
        ULONG VolumeSerialNumber;
        ULONG VolumeLabelLength;
        BOOLEAN SupportsObjects;
        WCHAR VolumeLabel[1];
    } FILE_FS_VOLUME_INFORMATION, * PFILE_FS_VOLUME_INFORMATION;

    // The query status is stored in s but overwritten by the next call without being
    // inspected; if the query failed, buf still holds zeros from the memset above.
    s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsVolumeInformation);
    PFILE_FS_VOLUME_INFORMATION p1 = (PFILE_FS_VOLUME_INFORMATION)buf;
    // Zero the serial number and terminate the label at its first character.
    // VolumeLabelLength is left at whatever the query returned.
    p1->VolumeSerialNumber = 0;
    p1->VolumeLabel[0] = L'\0';
    // NOTE(review): the WDK page for ZwSetVolumeInformationFile lists only the control,
    // label and object-id classes as settable. FileFsVolumeInformation does not appear
    // to be among them, so this call is presumably rejected. Confirm via the status.
    // Length is the whole scratch buffer size, not the size of the record.
    s = _ZwSetVolumeInformationFile(h, &status, p1, size, FileFsVolumeInformation);
    // NTSTATUS is an integer type; "%p" does not match it.
    printf("%p \n", s);

    // Local declaration of the record used with FileFsObjectIdInformation.
    typedef struct _FILE_FS_OBJECTID_INFORMATION {
        UCHAR ObjectId[16];
        UCHAR ExtendedInfo[48];
    } FILE_FS_OBJECTID_INFORMATION, * PFILE_FS_OBJECTID_INFORMATION;

    // buf is reused without being cleared, so if this query fails it still contains
    // the volume-information bytes left over from the previous step.
    s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsObjectIdInformation);// program exits immediately here **************
    PFILE_FS_OBJECTID_INFORMATION p2 = (PFILE_FS_OBJECTID_INFORMATION)buf;
    // Overwrite the first 8 of the 16 object-id bytes with decimal 55; bytes 8..15 and
    // ExtendedInfo keep whatever the query (or the earlier step) left in the buffer.
    p2->ObjectId[0] = 55;
    p2->ObjectId[1] = 55;
    p2->ObjectId[2] = 55;
    p2->ObjectId[3] = 55;
    p2->ObjectId[4] = 55;
    p2->ObjectId[5] = 55;
    p2->ObjectId[6] = 55;
    p2->ObjectId[7] = 55;
    // Again the query status was never checked, and Length is the scratch buffer size.
    s = _ZwSetVolumeInformationFile(h, &status, p2, size, FileFsObjectIdInformation);// program exits immediately here **************
    printf("%p \n", s);

    // Disabled experiment with FileFsDriverPathInformation, left by the poster.
    //typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
    //    BOOLEAN DriverInPath;
    //    ULONG DriverNameLength;
    //    WCHAR DriverName[1];
    //} FILE_FS_DRIVER_PATH_INFORMATION, * PFILE_FS_DRIVER_PATH_INFORMATION;
    //PFILE_FS_DRIVER_PATH_INFORMATION p3 = (PFILE_FS_DRIVER_PATH_INFORMATION)buf;
    //p3->DriverInPath = TRUE;
    //p3->DriverNameLength = 0x200;
    //wcscpy(p3->DriverName, L"\\\\?\\Volume{c6708e20-53cd-4265-a031-af74f04ca24b}");
    //s = _ZwQueryVolumeInformationFile(h, &status, buf, size, FileFsDriverPathInformation);

    CloseHandle(h);
    // Keeps the console window open; runs the shell built-in "pause" via system().
    system("pause");
    return 0;
}
意见的链接