1

I have been able to modify such that the MBR is overwritten with 0 values. However, is it possible to make it such that I only overwrite the last 2 bytes (55h AAh) of the MBR (Boot Signature) to become 00h 00h ? My code is:

char dataWrite[3] = "\x00\x00";

// Create file of physical drive
HANDLE MasterBootRecord = CreateFile("\\\\.\\PhysicalDrive0"
    , GENERIC_ALL, FILE_SHARE_READ | FILE_SHARE_WRITE
    , NULL, OPEN_EXISTING, NULL, NULL);


// Set file pointer
DWORD dwPtr1 = SetFilePointer(MasterBootRecord, 510, NULL, NULL);

if (dwPtr1 == INVALID_SET_FILE_POINTER) // Test for failure
{
    cout<< "\n\nSetFilePointer Failed to write,Err No: "<< GetLastError();
    Sleep(5000);
    ExitProcess(0);
} 

// Write to file
if (WriteFile(MasterBootRecord, dataWrite, 512, &write, NULL)) {
    cout << "Boot signature overwritten." << endl;
    Sleep(5000);
    ExitProcess(0);
} else...

It turns out successful but the values written to the MBR are wrong. I am rather new to C++ thus am a little confused with this. Any help will be appreciated. Thanks

x3kuro
  • 11
  • 2
  • in your question you describe wanting to write `00h 00h` but your code writes `55h AAh` (and way much more uninitialized memory)? Which one do you want? – PeterT Apr 27 '18 at 10:46
  • Writes to the physical disk always write complete sectors. To modify particular byte(s), you need to read the relevant sector, modify the byte(s) in memory and write the whole modified sector back. Search this page for the word "sector": https://msdn.microsoft.com/en-us/library/windows/desktop/aa365747(v=vs.85).aspx – Richard Critten Apr 27 '18 at 10:47
  • @PeterT oops sorry my bad. Updated the code! – x3kuro Apr 27 '18 at 11:04
  • Now you have a write to first and second sector. ;-( You need to align the start address of the write operation in the physical disc. Then do it like Richard proposed: read sector, modify sector, write sector. The modify will change the last two bytes of the buffer. – harper Apr 27 '18 at 12:25
  • @Richard Critten Thanks so much for your help. I managed to make the changes and get my code working! – x3kuro Apr 30 '18 at 12:10
  • @harper Thank you so much! I got the code up and running after making the changes – x3kuro Apr 30 '18 at 12:11

0 Answers0