简体繁体 English

将原始数据“签名”写入磁盘而不会损坏文件系统

[英]Writing raw data “signature” to disk without corrupting filesystem

原文 2012-03-12 05:03:29 8 3 c++/ ntfs/ disk/ raw-data

I am trying to create a program that will write a series of 10-30 letters/numbers to a disk in raw format (not to a file that the OS will read). 我正在尝试创建一个程序，该程序将以原始格式（而不是操作系统将读取的文件）的一系列10-30个字母/数字写入磁盘。 Perhaps to make my attempt clearer, if you were to open the disk in a hex editor, you would see the 10-30 letters/numbers but a file manager such as Windows Explorer would not see it (because the data is not a file). 为了使我的尝试更加清楚，如果您要在十六进制编辑器中打开磁盘，您会看到10到30个字母/数字，但是文件管理器（如Windows资源管理器）将看不到它（因为数据不是文件）。

My goal is to be able to "sign" a disk with a series of characters and to be able to read and write that "signature" in my program. 我的目标是能够用一系列字符对磁盘进行“签名”，并能够在程序中读写该“签名”。 I understand NTFS signs its partitions with a NTFS flag as do other file systems and I have to be careful to not write my signature to any of those critical parts. 我了解NTFS会像其他文件系统一样使用NTFS标志来对其分区进行签名，因此我必须注意不要将我的签名写入任何这些关键部分。

Are there any libraries in C++/C that could help me write at a low level to a disk and how will I know a safe sector to start writing my signature to? C ++ / C中是否有任何库可以帮助我以较低级别向磁盘写入数据，我如何知道一个安全的扇区来开始向其写入签名？ To narrow this down, it only needs to be able to write to NTFS, FAT, FAT32, FAT16 and exFAT file systems and run on Windows. 为了缩小范围，它只需要能够写入NTFS，FAT，FAT32，FAT16和exFAT文件系统并在Windows上运行。 Any links or references are greatly appreciated! 任何链接或参考，不胜感激！

Edit: After some research, USB drives allow only 1 partition without applying hacking tricks that would unfold further problems for the user. 编辑：经过一些研究，USB驱动器仅允许1个分区，而没有应用会给用户带来更多问题的黑客手段。 This rules out the "partition idea" unfortunately. 不幸的是，这排除了“分割思想”。

3 个解决方案

First, as the commenters said, you should look at why you're trying to do this, and see if it's really a good idea. 首先，正如评论员所说，您应该查看为什么要这样做，并查看它是否真的是一个好主意。 Most apps which try to circumvent the normal UI the user has for using his/her computer are "bad", in various ways. 大多数尝试绕过用户使用其计算机的正常UI的应用程序在各种方面都是“不良”的。

That said, you could try finding a well-known file which will always be on the system and has some slack in the block size for the disk, and write to the slack. 就是说，您可以尝试找到一个众所周知的文件，该文件将始终存在于系统中，并且磁盘的块大小有些松弛，然后写入该松弛部分。 I don't think most filesystems would care about extra data in the slack, and it would probably even be copied if the file happens to be relocated (more efficient to copy the whole block at the disk level). 我认为大多数文件系统都不会关心松弛中的额外数据，如果恰好重定位文件，它甚至可能会被复制（在磁盘级别复制整个块更为有效）。

Just a thought; 只是一个想法; dunno how feasible it would be, but seems like it could work in theory. 不知道怎么会是可行的，但看起来它在理论上可以工作。

Though I think this is generally a pretty poor idea, the obvious way to do it would be to mark a cluster as "bad", then use it for your own purposes. 尽管我认为这通常是一个很糟糕的主意，但显而易见的方法是将群集标记为“不良”，然后将其用于自己的目的。

Problems with that: 问题在于：

Marking it as bad is non-trivial (on NTFS bad clusters are stored in a file named something like $BadClus , but it's not accessible to user code (and I'm not even sure it's accessible to a device driver either). 将其标记为坏是不平凡的（在NTFS上，坏群集存储在名为$BadClus类的文件中，但是用户代码无法访问它（而且我什至也不敢确定设备驱动程序也可以访问它）。
There are various programs to scan for (and attempt to repair) bad clusters/sectors. 有多种程序可以扫描（并尝试修复）不良的群集/扇区。 Since we don't even believe this one is really bad, almost any of these that works at all will find that it's good and put it back into use. 既然我们甚至都不认为这真的很糟糕，那么几乎所有有效的方法都会发现它是好的，然后重新使用。
Most of the reasons people think of doing things like this (like tying a particular software installation to a particular computer) are pretty silly anyway. 无论如何，人们认为这样做的大多数原因（例如将特定软件安装与特定计算机绑定在一起）都是很愚蠢的。
You'd have to scan through all the "bad" sectors to see if any of them contained your signature. 您必须浏览所有“坏”扇区，以查看其中是否包含您的签名。

This is very dangerous, however, zero-fill programs do the same thing so you can google how to wipe your hard drive with zero's in C++. 这是非常危险的，但是，零填充程序会执行相同的操作，因此您可以在C ++中用Google搜索如何用零擦除硬盘。

The hard part is finding a place you KNOW is unused and won't be used. 困难的部分是找到一个您尚未使用且不会被使用的地方。