加载中…
个人资料
微博
  • 博客等级:
  • 博客积分:
  • 博客访问:
  • 关注人气:
  • 获赠金笔:0支
  • 赠出金笔:0支
  • 荣誉徽章:
正文 字体大小:

如何获取BIOS序列号

(2009-03-20 19:16:53)
标签:

获取bios序列号

it

 分类: 编程
typedef struct _UNICODE_STRING
{
    USHORT  Length;//长度
    USHORT  MaximumLength;//最大长度
    PWSTR   Buffer;//缓存指针
}UNICODE_STRING,*PUNICODE_STRING;

typedef struct _OBJECT_ATTRIBUTES
{
    ULONG           Length;                     //长度 18h
    HANDLE          RootDirectory;              //  00000000
    PUNICODE_STRING ObjectName;                 //指向对象名的指针
    ULONG           Attributes;                 //对象属性00000040h
    PVOID           SecurityDescriptor;         // Points to type SECURITY_DESCRIPTOR,0
    PVOID           SecurityQualityOfService  // Points to type SECURITY_QUALITY_OF_SERVICE,0
} OBJECT_ATTRIBUTES;

typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
typedef DWORD (__stdcall *ZWOS )( PHANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES);
typedef DWORD (__stdcall *ZWMV )( HANDLE,HANDLE,PVOID,ULONG,ULONG,PLARGE_INTEGER,PSIZE_T,DWORD,ULONG,ULONG);
typedef DWORD (__stdcall *ZWUMV )( HANDLE,PVOID);


UINT FindAwardBios(BYTE** ppBiosAddr)
{
    BYTE* pBiosAddr = * ppBiosAddr + 0xEC71;
    BYTE szBiosData[128];
    CopyMemory(szBiosData, pBiosAddr, 127);
    szBiosData[127] = 0;

    int iLen = lstrlen((char*)szBiosData);

    if (iLen > 0 && iLen < 128)
    {
        //AWard:         07/08/2002-i845G-ITE8712-JF69VD0CC-00
        //Phoenix-Award: 03/12/2002-sis645-p4s333

        if (szBiosData[2] == '/' && szBiosData[5] == '/')
        {
            BYTE *p = szBiosData;

            while (*p)
            {
                if (*p < ' ' || *p >= 127)
                    break;

                ++p;
            }

            if (*p == 0)
            {
                *ppBiosAddr = pBiosAddr;
                return ( UINT )iLen;
            }
        }
    }

    return 0;
}

UINT FindAmiBios(BYTE **ppBiosAddr)
{
    BYTE *pBiosAddr = *ppBiosAddr + 0xF478;
    BYTE szBiosData[128];
    CopyMemory(szBiosData, pBiosAddr, 127);
    szBiosData[127] = 0;

    int iLen = lstrlen((char*)szBiosData);
    
    if (iLen > 0 && iLen < 128)
    {
        // Example: "AMI: 51-2300-000000-00101111-030199-"
       
        if (szBiosData[2] == '-' && szBiosData[7] == '-')
        {
            BYTE *p = szBiosData;
           
            while (*p)
            {
                if (*p < ' ' || *p >= 127)
                    break;
               
                ++p;
            }
           
            if (*p == 0)
            {
                *ppBiosAddr = pBiosAddr;
               
                return ( UINT )iLen;
            }
        }
    }

    return 0;
}

UINT FindPhoenixBios(BYTE **ppBiosAddr)
{
    UINT uOffset[3] = {0x6577, 0x7196, 0x7550};

    for (UINT i = 0; i < 3; ++i)
    {
        BYTE *pBiosAddr = *ppBiosAddr + uOffset[i];
        BYTE szBiosData[128];
        CopyMemory(szBiosData, pBiosAddr, 127);
        szBiosData[127] = 0;

          int iLen = lstrlen((char*) szBiosData);
          if (iLen > 0 && iLen < 128)
          {
              // Example: Phoenix "NITELT0.86B.0044.P11.9910111055"

              if (szBiosData[7] == '.' && szBiosData[11] == '.')
              {
                  BYTE *p = szBiosData;
                  while (*p)
                  {
                      if (*p < ' ' || *p >= 127)
                          break;

                      ++ p;
                  }

                  if (*p == 0)
                  {
                      *ppBiosAddr = pBiosAddr;
                      return (UINT)iLen;
                  }
              }
          }
      }

      return 0;
  }

// 获取 BIOS 信息
// 结果保存在当前目录下的 bios_seq.txt 文件下
void GetBiosInfo()
{
    SIZE_T ssize;
    LARGE_INTEGER so;
    so.LowPart = 0x000f0000;
    so.HighPart = 0x00000000;
    ssize = 0xffff;
    wchar_t strPH[30] = L"\\device\\physicalmemory";
   
    DWORD ba = 0;

    UNICODE_STRING struniph;
    struniph.Buffer = strPH;
    struniph.Length = 0x2c;
    struniph.MaximumLength = 0x2e;

    OBJECT_ATTRIBUTES obj_ar;
    obj_ar.Attributes = 64;
    obj_ar.Length = 24;
    obj_ar.ObjectName = &struniph;
    obj_ar.RootDirectory = 0;
    obj_ar.SecurityDescriptor = 0;
    obj_ar.SecurityQualityOfService = 0;

    HMODULE hinstLib = LoadLibrary("ntdll.dll");
    ZWOS ZWopenS = (ZWOS) GetProcAddress(hinstLib,"ZwOpenSection");
    ZWMV ZWmapV = (ZWMV) GetProcAddress(hinstLib,"ZwMapViewOfSection");
    ZWUMV ZWunmapV = (ZWUMV) GetProcAddress(hinstLib,"ZwUnmapViewOfSection");

    //调用函数,对物理内存进行映射
    HANDLE hSection;

    //执行后会在当前进程的空间开辟一段64k的空间,并把f000:0000到f000:ffff处的内容映射到这里
    //映射的基址由ba返回,如果映射不再有用,应该用ZwUnmapViewOfSection断开映射
    if (0 == ZWopenS(&hSection, 4, &obj_ar) && 0 == ZWmapV((HANDLE) hSection, (HANDLE) 0xFFFFFFFF, &ba, 0, 0xFFFF, &so,&ssize, 1, 0, 2))
    {
        BYTE* pBiosSerial = (BYTE*)ba;
        UINT uBiosSerialLen = FindAwardBios(&pBiosSerial);

        if (uBiosSerialLen == 0U)
        {
            uBiosSerialLen = FindAmiBios(&pBiosSerial);
            if (uBiosSerialLen == 0U)
                uBiosSerialLen = FindPhoenixBios(&pBiosSerial);
        }

        // 把 BIOS 信息传出去
        if (uBiosSerialLen != 0U)
        {
            // 以写追加的方式打开保存结果的文件
            FILE *pf = fopen("./bios_seq.txt", "a+");

            // 增加断言,确认文件打开成功
            assert(NULL != pf);

            if (NULL != pf)
            {
                // 若文件成功打开,则把 BIOS 信息写入文件
                fprintf(pf, "bios sequence is %s\n", pBiosSerial);

                // 关闭文件句柄
                fclose(pf);
            }

            memcpy(pBios, pBiosSerial, nLen);
        }

        ZWunmapV((HANDLE)0xFFFFFFFF, (void*) ba);
    }
}

喜欢

0

阅读 收藏 喜欢 打印举报/Report
前一篇:暴笑造句
  

新浪BLOG意见反馈留言板 欢迎批评指正

新浪简介 | About Sina | 广告服务 | 联系我们 | 招聘信息 | 网站律师 | SINA English | 产品答疑

Copyright © 1996 - 2022 SINA Corporation, All Rights Reserved

新浪公司 版权所有