Windows 2000 下通過訪問物理地址取主機唯一資訊
Author: sinister
Email: sinister@whitecell.org
Homepage:http://www.whitecell.org
在9x下取得主版序號非常簡單,但此方法在NT/2K下行不通。還好NT/2K下
提供了 /Device/PhysicalMemory 裝置,通過它可以得到物理地址。在9x下
通過訪問地址 FEC71H 可以得到主板序號。NT/2K下雖不保證是主板序號,
但經過多台機器反覆測試,此地址的值是不變且唯一的。下面是我 DRIVE 中
取主機唯一資訊的代碼,錯誤之處還望各位指正。
BOOLEAN MainBoardBiosSerialNo()
{
HANDLE physmem;
UNICODE_STRING physmemString;
OBJECT_ATTRIBUTES attributes;
WCHAR physmemName[] = L//Device//PhysicalMemory;
NTSTATUS ntStatus;
DWORD RAdd = 0xFEC71;
DWORD LAdd = 100;
DWORD OAdd;
DWORD i;
RtlInitUnicodeString( &physmemString, physmemName );
InitializeObjectAttributes( &attributes,
&physmemString,
OBJ_CASE_INSENSITIVE,
NULL,
NULL
);
ntStatus = ZwOpenSection( &physmem,
SECTION_MAP_READ,
&attributes
);
if( !NT_SUCCESS( ntStatus ))
{
DbgPrint("ZwOpenSection() is error/n");
return FALSE;
}
DbgPrint("ZwOpenSection() is OK/n");
if (!MapView(physmem,&RAdd,&LAdd,&OAdd))
{
DbgPrint("MapView() is error/n");
return FALSE;
}
DbgPrint("MapView() is OK/n");
for ( i = 0; i < LAdd; i ++)
{
DbgPrint("%x",*(PUCHAR)(OAdd + i));
}
ntStatus = ZwUnmapViewOfSection( (HANDLE) -1, (PVOID) OAdd );
if( !NT_SUCCESS(ntStatus))
{
DbgPrint("Unable to unmap view");
return FALSE;
}
return TRUE;
}
BOOLEAN MapView( HANDLE HPMemory,DWORD *dwAddress,DWORD *dwLength,DWORD *dwVAddress )
{
NTSTATUS Status;
PHYSICAL_ADDRESS ViewBaseAddress;
*dwVAddress = 0;
ViewBaseAddress.QuadPart = (ULONGLONG) (*dwAddress);
Status = ZwMapViewOfSection ( HPMemory,
(HANDLE) -1,
(PVOID)dwVAddress,
0,
*dwLength,
&ViewBaseAddress,
dwLength,
ViewShare,
0,
PAGE_READONLY
);
if( !NT_SUCCESS( Status ))
{
return FALSE;
}
return TRUE;
}
http://topic.csdn.net/t/20030415/07/1661170.html如何使用VC擷取CPU序號