Skip to main content

PhysicalDisk and Volume Mapping information

After a long time, writing this post on Windows Disk Management. I was playing with volume management APIs and found it's quite easy to get some useful information like, how I know what are the volume(s) present on a physical disk. I'm talking about a hard drive here. Of course, the Windows disk manager will reveal it but why not I should have my own app. There are Windows Volume Management APIs including the very famous CreateFile API, which is one of the amazing APIs on Windows provided by Microsoft.

The objective was to build a tool that will tell How many HDDs are attached to the system with volume information. Here is the complete code:


const int BUFF_SIZE           = 512;
const int STR_SIZE              = 20;
const int DRIVE_ID_BUFF = 3;

int _tmain(int argc, _TCHAR* argv[])
{
    TCHAR szTemp[BUFF_SIZE];
   
    if (GetLogicalDriveStrings(BUFF_SIZE - 1, szTemp))
    {
        TCHAR szDrive[DRIVE_ID_BUFF] = TEXT(" :");
        TCHAR* pDrive = szTemp;

        std::multimap < DWORD, TCHAR * > mapDriveVolume;
        std::map < DWORD, DWORD > mapPhysicaDriveCnt;
        HANDLE   hLogicalDisk    =    INVALID_HANDLE_VALUE;
       
        while(*pDrive)
        {
            pDrive += _tcslen( pDrive ) + 1;

            *szDrive = *pDrive;

            TCHAR szLogicalDrive[STR_SIZE];
            memset(szLogicalDrive, 0, STR_SIZE);
            _tcscpy_s(szLogicalDrive, STR_SIZE, _T("\\\\.\\"));
            _tcscat_s(szLogicalDrive, STR_SIZE, szDrive);
           
            if(_tcscmp(szLogicalDrive, _T("\\\\.\\")) != 0)
            {
                BOOL bResult            =    FALSE; // results flag
                VOLUME_DISK_EXTENTS    vDiskExtent = {0};
                DWORD bytesReturned        = 0;
               
                hLogicalDisk = CreateFileW(szLogicalDrive,     // drive to open
                            0,            // no access to the drive
                            FILE_SHARE_READ |    // share mode
                            FILE_SHARE_WRITE,
                            NULL,            // default security attributes
                            OPEN_EXISTING,        // disposition
                            0,                // file attributes
                            NULL);

                if(INVALID_HANDLE_VALUE == hLogicalDisk)
                {
                    wprintf(L"Error in CreateFile() API with error: %ld\n", GetLastError());
                }
                else
                {
                    bResult = bResult = DeviceIoControl(hLogicalDisk,            // device to be queried
                                IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS,        // operation to perform
                                NULL, 0,                    // no input buffer
                                &vDiskExtent, sizeof(VOLUME_DISK_EXTENTS),    // output buffer
                                &bytesReturned,                    // # bytes returned
                                (LPOVERLAPPED) NULL);                // synchronous I/O
                }

                LARGE_INTEGER extLength = vDiskExtent.Extents->ExtentLength;
                if(extLength.QuadPart > 0)
                {
                    // This is a valid volume
                   
                    mapDriveVolume.insert(std::pair < DWORD, TCHAR * >(vDiskExtent.Extents->DiskNumber, pDrive));
                    mapPhysicaDriveCnt.insert(std::pair < DWORD, DWORD >(vDiskExtent.Extents->DiskNumber, vDiskExtent.Extents->DiskNumber));
                }
            }

            CloseHandle(hLogicalDisk);
        }    // End of while

        for( std::map < DWORD, DWORD >::iterator ii = mapPhysicaDriveCnt.begin(); ii != mapPhysicaDriveCnt.end(); ++ii)
        {
            wprintf(L"Number of volume in physical drive %ld is %ld\n", (*ii).first, mapDriveVolume.count((*ii).first));
           
            std::pair < std::multimap >DWORD, TCHAR * >::iterator, std::multimap>DWORD, TCHAR * >::iterator > ret;
            ret = mapDriveVolume.equal_range((*ii).first);
           
            for (std::multimap < DWORD, TCHAR * >::iterator it=ret.first; it!=ret.second; ++it)
            {
                wprintf(L"Volumes in physical drive: %ld is/are %s\n", it->first, it->second);
            }
            wprintf(L"\n");
        }
    }

    return 0;
}

The output will be like the below:




Comments

Popular posts from this blog

Variadic template class to add numbers recursively during compilation

 The idea of having a class to add numbers (variable parameters) during compilation time recursively. Also wanted to restrict types to a single type while sending parameters to class member function. That said, if we mix int, float and double types to add function shall result in compilation error. How do we achieve this. The below is the code which actually helps to achieve this: <code> #include < fmt/format.h > template < typename T> class MyVarSumClass{     private :         T _sum = 0 ;     public :         template < typename ... TRest>         T add(T num, TRest... nums){             static_assert (std::conjunction<std::is_same<TRest, T>...>{}); /* Assert fails                if types are different */             _sum += num;             return add(nums...); // Next parameter packs gets picked recursively         }         // Base case         T add(T num){             _sum += num;             return _sum;         } }; int main() {     My

A simple approach to generate Fibonacci series via multi-threading

T his is a very simple approach taken to generate the Fibonacci series through multithreading. Here instead of a function, used a function object. The code is very simple and self-explanatory.  #include <iostream> #include <mutex> #include <thread> class Fib { public:     Fib() : _num0(1), _num1(1) {}     unsigned long operator()(); private:     unsigned long _num0, _num1;     std::mutex mu; }; unsigned long Fib::operator()() {     mu.lock(); // critical section, exclusive access to the below code by locking the mutex     unsigned long  temp = _num0;     _num0 = _num1;     _num1 = temp + _num0;     mu.unlock();     return temp; } int main() {     Fib f;          int i = 0;     unsigned long res = 0, res2= 0, res3 = 0;     std::cout << "Fibonacci series: ";     while (i <= 15) {         std::thread t1([&] { res = f(); }); // Capturing result to respective variable via lambda         std::thread t2([&] { res2 = f(); });         std::thread t3(

A concept to a product (Kimidori [ 黄緑]) - Part 2

In the previous part , we have seen KIMIDORI [ 黄緑] detect if a URL is malicious. In this part, we will see the details that KIMIDORI [ 黄緑] fetches out of the URL provided. As an example, provided a safe URL, https://www.azuresys.com/, and let's see what it brings out: As we can see, the link is safe and the link is active, which means we can just click on the link to open it on IE.  Now it's time to look into the URL report (still under development):  We have URLs IP, Location, and HTTP Status code. The Report part is a sliding window, the Show Report button shows as well as hides the report. Show / Hide Report is a toggle button. Let's see if we get the same details for any bad (phishing / malicious) URL: Took an URL example from a phishing link and tested it. The tool detected it as not a good link (Screen Shot Below) & link does not activate unlike a safe URL: Now let's see the report part for more details including domain registration details: It looks like it&