#include "CRC32.h"
#include <stdio.h>
#include <conio.h>
#include <Windows.h>
#define EFI_GUID GUID
#pragma pack(1)
///
/// MBR Partition Entry
///
/// One slot of the MBR partition table: 16 bytes (8 x UINT8 + 2 x UINT32)
/// under the file-level #pragma pack(1). In this file only OSIndicator and
/// StartingLBA are inspected, by isProtectiveMbrValid(); the other fields are
/// only tested for being zero or non-zero.
///
typedef struct {
UINT8 BootIndicator;
UINT8 StartHead;
UINT8 StartSector;
UINT8 StartTrack;
UINT8 OSIndicator;
UINT8 EndHead;
UINT8 EndSector;
UINT8 EndTrack;
UINT32 StartingLBA;
UINT32 SizeInLBA;
} MBR_PARTITION_RECORD;
///
/// MBR Partition Table
///
/// Layout of the first logical block as read from the drive: 440 + 4 + 2 +
/// 4 * 16 + 2 = 512 bytes under #pragma pack(1). Callers in this file read a
/// whole logical block into a buffer and view it through this struct, so the
/// buffer must be at least 512 bytes.
///
typedef struct {
UINT8 BootStrapCode[440];
UINT8 UniqueMbrSignature[4];
UINT8 Unknown[2];
MBR_PARTITION_RECORD Partition[4];
// Compared against 0xAA55 by isProtectiveMbrValid().
UINT16 Signature;
} MASTER_BOOT_RECORD;
///
/// GPT Header
///
/// The named fields up to Crc32OfPartitionEntries occupy 92 bytes under
/// #pragma pack(1); Reserved2 pads the struct to 512 bytes.
///
/// Every field is on-disk data. HeaderSize, NumPartitionEntries,
/// PartitionEntrySize and the LBA fields are used elsewhere in this file as
/// CRC lengths, allocation sizes and seek/write offsets, so they must be
/// range-checked before use: a matching header CRC only shows the header is
/// self-consistent, not that these values are sane for the buffers involved.
///
typedef struct {
// Compared against the 8 bytes "EFI PART" by isGptHeaderValid().
CHAR Signature[8];
UINT32 Revision;
// Number of bytes covered by Crc32OfHeader.
UINT32 HeaderSize;
// Zeroed while the header CRC is computed, then restored or replaced.
UINT32 Crc32OfHeader;
UINT32 Reserved1;
UINT64 CurrentLBA;
UINT64 BackupLBA;
UINT64 FirstLBAAfterPartitionHeaders;
UINT64 LastUseableLBA;
EFI_GUID DiskGuid;
UINT64 PartitionEntriesLBA;
UINT32 NumPartitionEntries;
UINT32 PartitionEntrySize;
UINT32 Crc32OfPartitionEntries;
BYTE Reserved2[420];
} EFI_GPT_HEADER;
///
/// GPT Partition Entry.
///
/// 16 + 16 + 8 + 8 + 8 + 36 * sizeof(WCHAR) bytes under #pragma pack(1),
/// i.e. 128 bytes with a 2-byte WCHAR. The on-disk stride between entries is
/// the header's PartitionEntrySize, which is not necessarily sizeof this
/// struct; code that walks the table must use that stride and must first
/// check it is at least sizeof(EFI_PARTITION_ENTRY).
///
typedef struct {
// An all-zero type GUID marks the entry as unused (see ChangePartitionUniqueGUID).
EFI_GUID PartitionTypeGUID;
EFI_GUID UniquePartitionGUID;
UINT64 StartingLBA;
UINT64 EndingLBA;
UINT64 Attributes;
// Fixed-size field read from disk; nothing here guarantees a terminating NUL.
WCHAR PartitionName[36];
} EFI_PARTITION_ENTRY;
#pragma pack()
/**
 * Decides whether the block at `mbr` has the shape this tool expects of a
 * GPT protective MBR.
 *
 * Accepted only when the boot signature is 0xAA55, exactly three of the four
 * partition slots are entirely zero, and the remaining slot has
 * OSIndicator 0xEE and StartingLBA 1. SizeInLBA and the CHS fields of that
 * slot are not examined.
 *
 * @param mbr  Buffer holding at least sizeof(MASTER_BOOT_RECORD) bytes; it is
 *             dereferenced without a NULL check.
 * @return TRUE if all checks pass, FALSE otherwise.
 */
BOOL isProtectiveMbrValid(MASTER_BOOT_RECORD* mbr)
{
    UINT empty_slots = 0;
    UINT used_slot = 0;

    if (mbr->Signature != 0xAA55)
        return FALSE;

    for (int slot = 0; slot < 4; ++slot)
    {
        const BYTE* raw = (const BYTE*)&mbr->Partition[slot];
        BOOL all_zero = TRUE;

        // A slot counts as empty only if every one of its bytes is zero.
        for (int off = 0; off < sizeof(mbr->Partition[0]); ++off)
        {
            if (raw[off] != 0)
            {
                all_zero = FALSE;
                break;
            }
        }

        if (all_zero)
            empty_slots++;
        else
            used_slot = slot;   // remembers the last non-empty slot seen
    }

    // Exactly one populated slot is allowed.
    if (empty_slots != 3)
        return FALSE;

    return mbr->Partition[used_slot].OSIndicator == 0xEE &&
           mbr->Partition[used_slot].StartingLBA == 0x01;
}
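/**
 * Validates a GPT header: signature, HeaderSize range, then header CRC32.
 *
 * HeaderSize is read from disk and is used as the length passed to
 * compute_crc32(). It is therefore range-checked first: it must cover the 92
 * bytes of named fields and must not exceed sizeof(EFI_GPT_HEADER), which is
 * all this function can assume about the buffer behind `hdr`. Without that
 * check a crafted HeaderSize makes the CRC routine read past the buffer.
 * A header whose HeaderSize is larger than sizeof(EFI_GPT_HEADER) is rejected
 * even if the caller's buffer happens to be bigger.
 *
 * The Crc32OfHeader field is zeroed for the computation and restored before
 * returning, so `hdr` is unchanged on exit.
 *
 * @param hdr  Buffer of at least sizeof(EFI_GPT_HEADER) bytes; not NULL-checked.
 * @return TRUE when the signature matches, HeaderSize is in range and the
 *         stored CRC equals the computed one; FALSE otherwise.
 */
BOOL isGptHeaderValid(EFI_GPT_HEADER* hdr)
{
    // Bytes occupied by the named fields (everything before Reserved2).
    const UINT32 min_header_size = (UINT32)(sizeof(*hdr) - sizeof(hdr->Reserved2));

    if (memcmp(hdr->Signature, "EFI PART", 8) != 0)
        return FALSE;

    // Bound the untrusted length before it is used to walk memory.
    if (hdr->HeaderSize < min_header_size || hdr->HeaderSize > sizeof(*hdr))
        return FALSE;

    UINT32 stored_crc32 = hdr->Crc32OfHeader;
    hdr->Crc32OfHeader = 0;
    UINT32 computed_crc32 = compute_crc32(hdr, hdr->HeaderSize);
    hdr->Crc32OfHeader = stored_crc32;

    return computed_crc32 == stored_crc32;
}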
/**
 * Recomputes both CRC32 fields of a GPT header after the header or the
 * partition entry array has been modified.
 *
 * The entry-array CRC is stored in the header, so it is computed first; the
 * header CRC is then computed over HeaderSize bytes with Crc32OfHeader zeroed.
 *
 * The lengths come straight from `hdr` (NumPartitionEntries *
 * PartitionEntrySize, evaluated in 32-bit arithmetic, and HeaderSize). Nothing
 * here checks them against the real buffer sizes, so the caller must have
 * validated them. No status is returned.
 *
 * @param hdr                    Header to update in place.
 * @param partition_entry_array  Entry array the header describes.
 */
VOID FixGptCrcs(EFI_GPT_HEADER* restrict hdr, EFI_PARTITION_ENTRY* restrict partition_entry_array)
{
    // Entry array first: its CRC is one of the bytes the header CRC covers.
    hdr->Crc32OfPartitionEntries =
        compute_crc32(partition_entry_array, hdr->NumPartitionEntries * hdr->PartitionEntrySize);

    // Header CRC is defined over the header with its own CRC field set to 0.
    hdr->Crc32OfHeader = 0;
    hdr->Crc32OfHeader = compute_crc32(hdr, hdr->HeaderSize);
}
/**
 * Gives one partition entry a fresh UniquePartitionGUID.
 *
 * Entries whose PartitionTypeGUID is all zero are treated as unused and left
 * untouched. For every other entry CoCreateGuid() writes a new value into
 * UniquePartitionGUID.
 *
 * @param part_entry  Entry to update in place; not NULL-checked.
 * @return FALSE only when CoCreateGuid() reports failure; TRUE otherwise,
 *         including when the entry is unused and nothing was changed.
 */
BOOL ChangePartitionUniqueGUID(EFI_PARTITION_ENTRY* part_entry)
{
    EFI_GUID unused_type = { 0 };

    // Unused slot: no GUID is needed, report success.
    if (IsEqualGUID(&part_entry->PartitionTypeGUID, &unused_type))
        return TRUE;

    return SUCCEEDED(CoCreateGuid(&part_entry->UniquePartitionGUID)) ? TRUE : FALSE;
}
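/**
 * Replaces the disk GUID in `hdr` and the unique GUID of every in-use entry
 * in `part_entry_array` with newly generated values.
 *
 * The table is walked with the on-disk stride hdr->PartitionEntrySize. That
 * value is untrusted: a stride smaller than sizeof(EFI_PARTITION_ENTRY) would
 * make the last entries extend past the end of the table, so the GUID write
 * would land outside the buffer. Such a header is rejected before anything
 * is modified.
 *
 * The caller must supply a buffer of at least
 * NumPartitionEntries * PartitionEntrySize bytes; that cannot be checked here.
 * CRC fields are not updated (see FixGptCrcs).
 *
 * @param hdr              GPT header; DiskGuid is overwritten.
 * @param part_entry_array Partition entry array described by `hdr`.
 * @return TRUE on success; FALSE if the stride is too small or GUID
 *         generation fails. On a generation failure some GUIDs may already
 *         have been replaced.
 */
BOOL ChangeGuids(EFI_GPT_HEADER* restrict hdr, EFI_PARTITION_ENTRY* restrict part_entry_array)
{
    BYTE* table = (BYTE*)part_entry_array;
    const UINT32 entry_count = hdr->NumPartitionEntries;
    const UINT32 stride = hdr->PartitionEntrySize;

    // Each entry is accessed as a full EFI_PARTITION_ENTRY, so the stride must cover one.
    if (entry_count != 0 && stride < sizeof(EFI_PARTITION_ENTRY))
        return FALSE;

    if (!SUCCEEDED(CoCreateGuid(&hdr->DiskGuid)))
        return FALSE;

    for (UINT32 idx = 0; idx < entry_count; ++idx)
    {
        // Offset is computed in size_t so the index * stride product is not truncated to 32 bits.
        EFI_PARTITION_ENTRY* part = (EFI_PARTITION_ENTRY*)(table + (size_t)idx * stride);
        if (!ChangePartitionUniqueGUID(part))
            return FALSE;
    }
    return TRUE;
}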
/**
 * Fills `backup_hdr` with a backup GPT header derived from `main_hdr`.
 *
 * Every field is taken from the main header except:
 *   - CurrentLBA and BackupLBA, which are swapped;
 *   - PartitionEntriesLBA, which is set to main_hdr->LastUseableLBA + 1;
 *   - Reserved1 and Reserved2, which are zeroed;
 *   - Crc32OfHeader, which is recomputed over HeaderSize bytes.
 *
 * HeaderSize and LastUseableLBA are used as given; the caller is responsible
 * for having validated `main_hdr`, and for `backup_hdr` pointing at a buffer
 * of at least HeaderSize bytes.
 *
 * @param main_hdr    Source (primary) header.
 * @param backup_hdr  Destination; fully overwritten.
 */
VOID ConstructBackupHeader(_In_ EFI_GPT_HEADER* main_hdr, _Out_ EFI_GPT_HEADER* backup_hdr)
{
    // Identification fields.
    memcpy(&backup_hdr->Signature, "EFI PART", 8);
    backup_hdr->Revision = main_hdr->Revision;
    backup_hdr->HeaderSize = main_hdr->HeaderSize;
    backup_hdr->Reserved1 = 0;

    // The backup header describes itself, so the two location fields trade places.
    backup_hdr->CurrentLBA = main_hdr->BackupLBA;
    backup_hdr->BackupLBA = main_hdr->CurrentLBA;

    backup_hdr->FirstLBAAfterPartitionHeaders = main_hdr->FirstLBAAfterPartitionHeaders;
    backup_hdr->LastUseableLBA = main_hdr->LastUseableLBA;
    backup_hdr->DiskGuid = main_hdr->DiskGuid;

    // Placing the backup entries right after the last usable block may overwrite
    // implementation-specific data on some platforms, but yields a valid backup header.
    backup_hdr->PartitionEntriesLBA = main_hdr->LastUseableLBA + 1;

    backup_hdr->NumPartitionEntries = main_hdr->NumPartitionEntries;
    backup_hdr->PartitionEntrySize = main_hdr->PartitionEntrySize;
    backup_hdr->Crc32OfPartitionEntries = main_hdr->Crc32OfPartitionEntries;
    memset(backup_hdr->Reserved2, 0x00, sizeof(backup_hdr->Reserved2));

    // All fields are final: compute the CRC with its own field zeroed.
    backup_hdr->Crc32OfHeader = 0;
    DWORD header_crc = compute_crc32(backup_hdr, backup_hdr->HeaderSize);
    backup_hdr->Crc32OfHeader = header_crc;
}
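// Declared here because the definition follows this wrapper; without a
// prototype the call below is an implicit function declaration.
BOOL PatchPartitionGuidsEx(HANDLE drive, int lb_size);

/**
 * Randomizes the disk and partition GUIDs of `drive`, assuming a logical
 * block size of 512 bytes.
 *
 * The block size is not queried from the device in this file. A drive whose
 * logical block size differs needs PatchPartitionGuidsEx() with the real
 * value, otherwise the header is looked for at the wrong offset.
 *
 * @param drive  Handle to the physical drive, opened for read and write.
 * @return Result of PatchPartitionGuidsEx(drive, 512).
 */
BOOL PatchPartitionGuids(HANDLE drive)
{
    return PatchPartitionGuidsEx(drive, 512);
}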
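/* Moves the file pointer of `drive` to the first byte of logical block `lba`. */
static BOOL patch_seek_lba(HANDLE drive, UINT64 lba, DWORD lb_size)
{
    LARGE_INTEGER pos;

    // LBAs are on-disk values: refuse any whose byte offset does not fit a signed 64-bit offset.
    if (lb_size == 0 || lba > (UINT64)MAXLONGLONG / lb_size)
        return FALSE;
    pos.QuadPart = (LONGLONG)(lba * lb_size);

    // SetFilePointerEx returns a BOOL that is zero on failure.
    return SetFilePointerEx(drive, pos, NULL, FILE_BEGIN) ? TRUE : FALSE;
}

/* Reads exactly `len` bytes at the current position; a failed or short read is an error. */
static BOOL patch_read_exact(HANDLE drive, void* buf, DWORD len)
{
    DWORD done = 0;
    return ReadFile(drive, buf, len, &done, NULL) && done == len;
}

/* Writes exactly `len` bytes at the current position; a failed or short write is an error. */
static BOOL patch_write_exact(HANDLE drive, const void* buf, DWORD len)
{
    DWORD done = 0;
    return WriteFile(drive, buf, len, &done, NULL) && done == len;
}

/**
 * Replaces the disk GUID and all in-use partition GUIDs of a GPT disk and
 * rewrites the primary header, primary entry array, backup header and backup
 * entry array.
 *
 * Everything read from the drive is treated as untrusted until checked:
 *   - lb_size must be large enough to hold the MBR and GPT header structs;
 *   - HeaderSize must lie within the block that was read;
 *   - PartitionEntrySize must cover one EFI_PARTITION_ENTRY;
 *   - the table size is NumPartitionEntries * PartitionEntrySize, computed in
 *     64 bits and required to fit the DWORD length ReadFile/WriteFile take;
 *   - the backup entry array (written at LastUseableLBA + 1) must fit in
 *     front of BackupLBA, so the write cannot run into the backup header;
 *   - every LBA-to-byte-offset conversion is overflow-checked.
 *
 * The four writes are not atomic. If one fails after an earlier one has
 * succeeded, the primary and backup GPT on disk no longer agree; FALSE is
 * returned and no rollback is attempted.
 *
 * NOTE(review): raw-device I/O is normally required to be a multiple of the
 * sector size; a table size that is not will presumably fail at the first
 * read, before anything is written. Confirm on the target platform.
 *
 * @param drive    Handle to the physical drive, opened for read and write.
 * @param lb_size  Logical block size in bytes.
 * @return TRUE if all four regions were written; FALSE on any validation,
 *         allocation or I/O failure.
 */
BOOL PatchPartitionGuidsEx(HANDLE drive, int lb_size)
{
    BOOL ok = FALSE;
    MASTER_BOOT_RECORD* mbr = NULL;
    EFI_GPT_HEADER* gpt_header = NULL;
    EFI_GPT_HEADER* new_backup_hdr = NULL;
    EFI_PARTITION_ENTRY* partition_entries = NULL;
    DWORD block_bytes;
    DWORD table_bytes;
    UINT64 table_bytes64;
    UINT64 table_blocks;

    // The block buffers are viewed through these structs, so a block must hold them.
    if (lb_size < (int)sizeof(MASTER_BOOT_RECORD) || lb_size < (int)sizeof(EFI_GPT_HEADER))
        return FALSE;
    block_bytes = (DWORD)lb_size;

    mbr = calloc(1, block_bytes);
    gpt_header = calloc(1, block_bytes);
    new_backup_hdr = calloc(1, block_bytes);
    if (!mbr || !gpt_header || !new_backup_hdr)
        goto cleanup;

    // LBA 0: protective MBR.
    if (!patch_seek_lba(drive, 0, block_bytes) || !patch_read_exact(drive, mbr, block_bytes))
        goto cleanup;
    if (!isProtectiveMbrValid(mbr))
        goto cleanup;

    // LBA 1: primary GPT header, read sequentially after the MBR.
    if (!patch_read_exact(drive, gpt_header, block_bytes))
        goto cleanup;

    // HeaderSize is used as a CRC length: keep it inside the block that was read.
    if (gpt_header->HeaderSize < sizeof(EFI_GPT_HEADER) - sizeof(gpt_header->Reserved2) ||
        gpt_header->HeaderSize > block_bytes)
        goto cleanup;
    if (!isGptHeaderValid(gpt_header))
        goto cleanup;

    // Table geometry. A valid header CRC does not make these values safe to use.
    if (gpt_header->PartitionEntrySize < sizeof(EFI_PARTITION_ENTRY))
        goto cleanup;
    table_bytes64 = (UINT64)gpt_header->NumPartitionEntries * gpt_header->PartitionEntrySize;
    if (table_bytes64 == 0 || table_bytes64 > MAXDWORD)
        goto cleanup;
    table_bytes = (DWORD)table_bytes64;

    // The backup entry array is written at LastUseableLBA + 1; it must end before BackupLBA.
    table_blocks = (table_bytes64 + block_bytes - 1) / block_bytes;
    if (gpt_header->LastUseableLBA >= gpt_header->BackupLBA ||
        gpt_header->BackupLBA - gpt_header->LastUseableLBA - 1 < table_blocks)
        goto cleanup;

    partition_entries = calloc(1, table_bytes);
    if (!partition_entries)
        goto cleanup;

    if (!patch_seek_lba(drive, gpt_header->PartitionEntriesLBA, block_bytes) ||
        !patch_read_exact(drive, partition_entries, table_bytes))
        goto cleanup;

    // Generate the new GUIDs, then bring both CRCs back in line and re-check the result.
    if (!ChangeGuids(gpt_header, partition_entries))
        goto cleanup;
    FixGptCrcs(gpt_header, partition_entries);
    if (!isGptHeaderValid(gpt_header))
        goto cleanup;

    // Read the existing backup header block (this also proves BackupLBA is reachable),
    // then rebuild it from the updated primary header.
    if (!patch_seek_lba(drive, gpt_header->BackupLBA, block_bytes) ||
        !patch_read_exact(drive, new_backup_hdr, block_bytes))
        goto cleanup;
    ConstructBackupHeader(gpt_header, new_backup_hdr);

    // ---- Nothing has been written up to this point. ----

    // Primary header, always at LBA 1.
    if (!patch_seek_lba(drive, 1, block_bytes) ||
        !patch_write_exact(drive, gpt_header, block_bytes))
        goto cleanup;

    // Primary partition entries.
    if (!patch_seek_lba(drive, gpt_header->PartitionEntriesLBA, block_bytes) ||
        !patch_write_exact(drive, partition_entries, table_bytes))
        goto cleanup;

    // Backup header.
    if (!patch_seek_lba(drive, gpt_header->BackupLBA, block_bytes) ||
        !patch_write_exact(drive, new_backup_hdr, block_bytes))
        goto cleanup;

    // Backup partition entries.
    if (!patch_seek_lba(drive, new_backup_hdr->PartitionEntriesLBA, block_bytes) ||
        !patch_write_exact(drive, partition_entries, table_bytes))
        goto cleanup;

    ok = TRUE;

cleanup:
    free(mbr);
    free(gpt_header);
    free(partition_entries);
    free(new_backup_hdr);
    return ok;
}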
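/**
 * Formats `guid` as the braced text form
 * {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}.
 *
 * Data1, Data2 and Data3 are printed as integers; the eight Data4 bytes are
 * printed one by one in array order. Previously the first two Data4 bytes
 * were read through a WORD pointer, which on a little-endian machine printed
 * them swapped and so produced a string that differs from the usual text
 * form of the same GUID.
 *
 * @param output  Destination buffer of at least 39 bytes (38 characters plus
 *                the terminating NUL).
 * @param guid    GUID to format.
 * @return `output`.
 */
char* const FormatGuid(char* const output, GUID guid)
{
    sprintf_s(output, 39, "{%.8lX-%.4hX-%.4hX-%.2hX%.2hX-%.2hX%.2hX%.2hX%.2hX%.2hX%.2hX}",
        guid.Data1, guid.Data2, guid.Data3,
        guid.Data4[0], guid.Data4[1],
        guid.Data4[2], guid.Data4[3], guid.Data4[4], guid.Data4[5], guid.Data4[6], guid.Data4[7]);
    return output;
}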
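// Declared here because the definition follows this wrapper; without a
// prototype the call below is an implicit function declaration.
BOOL ListPartitionGuidsEx(HANDLE drive, DWORD lb_size);

/**
 * Prints the disk GUID and the name and GUID of every in-use partition of
 * `drive`, assuming a logical block size of 512 bytes.
 *
 * The block size is not queried from the device in this file; use
 * ListPartitionGuidsEx() with the real value for other block sizes.
 *
 * @param drive  Handle to the physical drive, opened for reading.
 * @return Result of ListPartitionGuidsEx(drive, 512).
 */
BOOL ListPartitionGuids(HANDLE drive)
{
    return ListPartitionGuidsEx(drive, 512);
}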
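/**
 * Reads the protective MBR, the primary GPT header and the partition entry
 * array from `drive` and prints the disk GUID plus the name and unique GUID
 * of every in-use partition. Nothing is written to the drive.
 *
 * On-disk values are checked before use:
 *   - lb_size must be large enough to hold the MBR and GPT header structs;
 *   - HeaderSize must lie within the block that was read;
 *   - PartitionEntrySize must cover one EFI_PARTITION_ENTRY (a zero stride
 *     would otherwise make the listing loop never advance);
 *   - the table size is NumPartitionEntries * PartitionEntrySize, computed in
 *     64 bits and required to fit the DWORD length ReadFile takes;
 *   - the entry-array offset is overflow-checked.
 *
 * Partition names are fixed-size on-disk fields with no guaranteed
 * terminator, so each is copied into a terminated buffer before printing.
 * The name itself is printed as stored.
 *
 * @param drive    Handle to the physical drive, opened for reading.
 * @param lb_size  Logical block size in bytes.
 * @return TRUE if the listing was printed; FALSE on any validation,
 *         allocation or I/O failure.
 */
BOOL ListPartitionGuidsEx(HANDLE drive, DWORD lb_size)
{
    BOOL ok = FALSE;
    MASTER_BOOT_RECORD* mbr = NULL;
    EFI_GPT_HEADER* gpt_header = NULL;
    EFI_PARTITION_ENTRY* partition_entries = NULL;
    DWORD bytes_read = 0;
    DWORD table_bytes;
    UINT64 table_bytes64;
    LARGE_INTEGER fp;
    char guid_name_buffer[39];

    // The block buffers are viewed through these structs, so a block must hold them.
    if (lb_size < sizeof(MASTER_BOOT_RECORD) || lb_size < sizeof(EFI_GPT_HEADER))
        return FALSE;

    mbr = calloc(1, lb_size);
    gpt_header = calloc(1, lb_size);
    if (!mbr || !gpt_header)
        goto cleanup;

    // LBA 0: protective MBR. SetFilePointerEx returns a BOOL that is zero on failure.
    fp.QuadPart = 0;
    if (!SetFilePointerEx(drive, fp, NULL, FILE_BEGIN))
        goto cleanup;
    if (!ReadFile(drive, mbr, lb_size, &bytes_read, NULL) || bytes_read != lb_size)
        goto cleanup;
    if (!isProtectiveMbrValid(mbr))
        goto cleanup;

    // LBA 1: primary GPT header, read sequentially after the MBR.
    if (!ReadFile(drive, gpt_header, lb_size, &bytes_read, NULL) || bytes_read != lb_size)
        goto cleanup;

    // HeaderSize is used as a CRC length: keep it inside the block that was read.
    if (gpt_header->HeaderSize < sizeof(EFI_GPT_HEADER) - sizeof(gpt_header->Reserved2) ||
        gpt_header->HeaderSize > lb_size)
        goto cleanup;
    if (!isGptHeaderValid(gpt_header))
        goto cleanup;

    // Table geometry. A valid header CRC does not make these values safe to use.
    if (gpt_header->PartitionEntrySize < sizeof(EFI_PARTITION_ENTRY))
        goto cleanup;
    table_bytes64 = (UINT64)gpt_header->NumPartitionEntries * gpt_header->PartitionEntrySize;
    if (table_bytes64 == 0 || table_bytes64 > MAXDWORD)
        goto cleanup;
    table_bytes = (DWORD)table_bytes64;

    partition_entries = calloc(1, table_bytes);
    if (!partition_entries)
        goto cleanup;

    // Refuse an entry-array LBA whose byte offset does not fit a signed 64-bit offset.
    if (gpt_header->PartitionEntriesLBA > (UINT64)MAXLONGLONG / lb_size)
        goto cleanup;
    fp.QuadPart = (LONGLONG)(gpt_header->PartitionEntriesLBA * lb_size);
    if (!SetFilePointerEx(drive, fp, NULL, FILE_BEGIN))
        goto cleanup;
    if (!ReadFile(drive, partition_entries, table_bytes, &bytes_read, NULL) || bytes_read != table_bytes)
        goto cleanup;

    printf("GPT header GUID (mixed endian): %s\n\n", FormatGuid(guid_name_buffer, gpt_header->DiskGuid));

    for (UINT32 idx = 0; idx < gpt_header->NumPartitionEntries; ++idx)
    {
        EFI_PARTITION_ENTRY* part_entry =
            (EFI_PARTITION_ENTRY*)((BYTE*)partition_entries + (size_t)idx * gpt_header->PartitionEntrySize);
        EFI_GUID ZeroGuid = { 0 };
        WCHAR name[sizeof(part_entry->PartitionName) / sizeof(part_entry->PartitionName[0]) + 1];

        // If the partition type GUID is 0, the partition entry is unused
        if (IsEqualGUID(&part_entry->PartitionTypeGUID, &ZeroGuid))
            continue;

        // Copy and terminate: the on-disk name may use all 36 characters.
        memcpy(name, part_entry->PartitionName, sizeof(part_entry->PartitionName));
        name[sizeof(name) / sizeof(name[0]) - 1] = L'\0';

        printf("Partition header name: %ls\n", name);
        printf("Partition header GUID (mixed endian): %s\n\n", FormatGuid(guid_name_buffer, part_entry->UniquePartitionGUID));
    }

    ok = TRUE;

cleanup:
    free(mbr);
    free(gpt_header);
    free(partition_entries);
    return ok;
}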
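/**
 * Interactive entry point: asks for a PhysicalDrive number, lists the GPT
 * GUIDs of that drive, and after an explicit "y" rewrites them with new
 * random values.
 *
 * The drive handle is closed on every path after it has been opened. The
 * confirmation defaults to "no": if the answer cannot be read, nothing is
 * written.
 *
 * NOTE(review): the drive is opened with FILE_SHARE_READ | FILE_SHARE_WRITE
 * and no volume on it is locked or dismounted in this file, so the partition
 * table is rewritten while the OS may still be using the disk. Confirm the
 * disk is idle before patching, and that the OS re-reads the partition table
 * afterwards.
 *
 * @return 0 on success or when the user declines; -1 on any failure.
 */
int main()
{
    int exit_code = -1;
    int drive_num = 0;
    char dev_name[40];
    char response[2] = { 0 };   // stays "no" if nothing can be read
    HANDLE file;

    printf("Enter PhysicalDrive number: ");
    if (scanf_s("%d", &drive_num) <= 0)
    {
        printf("Failed to read parameter, aborting\n");
        return -1;
    }

    sprintf_s(dev_name, 40, "\\\\.\\PhysicalDrive%d", drive_num);
    file = CreateFileA(dev_name, FILE_READ_ACCESS | FILE_WRITE_ACCESS,
        FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (file == INVALID_HANDLE_VALUE)
    {
        printf("Invalid handle, aborting\n");
        return -1;
    }

    if (!ListPartitionGuids(file))
    {
        printf("Failed to list partition GUIDs, aborting\n");
        goto done;
    }

    printf("Do you want to randomize drive and partition guids for %s ? (y/n): ", dev_name);
    // Discards pending console input, including the newline left by scanf_s.
    // If stdin is not seekable this has no effect and the answer is read as-is.
    fseek(stdin, 0, SEEK_END);
    if (fgets(response, 2, stdin) == NULL)
        response[0] = '\0';

    // Anything other than y/Y is a refusal. The cast keeps tolower() defined for any byte.
    if (tolower((unsigned char)response[0]) != 'y')
    {
        printf("Exiting...\n");
        exit_code = 0;
        goto done;
    }

    if (!PatchPartitionGuids(file))
    {
        printf("Failed\n");
        goto done;
    }

    printf("Successfully patched GUIDs, exiting...\n");
    exit_code = 0;

done:
    CloseHandle(file);
    return exit_code;
}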