DeviceIoControl

[ragdog]

Hi

Here is a old code from me to detect a Usb Drive

http://www.winasm.net/forum/index.php?act=Attach&type=post&id=17752

[bomz]

WINPE.TURBOUSB.X.EXE  41,3 МБ (43 373 750 байт)

Realize good idea - windows load like linux do. I divided windows to kernel and file system. after kernel loading (7.6 mb only) filesystem copy to system disk with Native Mode Utils. This is for cases when under BIOS USB 1.1 only, and PLoP bootmanager don't help because it's works good only with Intel USB controller chips. But through Windows USB driver USB 2.0 full speed posible.

*without sata drivers

[bomz]

IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS   EQU   <CTL_CODE ( IOCTL_VOLUME_BASE , 0 , METHOD_BUFFERED , FILE_ANY_ACCESS )>

http://www.japheth.de/WinInc.html#widownload


Private Const IoctlVolumeGetVolumeDiskExtents As Integer = &H560000
http://jo0ls-dotnet-stuff.blogspot.com/2008/12/howto-get-physical-drive-string.html

[sinsi]

This is what I used to use

Code Select Expand


CTL_CODE macro DeviceType, Function, Method, Access
exitm <((DeviceType) shl 16) OR ((Access) shl 14) OR ((Function) shl 2) OR (Method))>
endm


[bomz]

CTL_CODE macro DeviceType,Function,Method,Access
   exitm <( ( ( DeviceType )  shl  16 )  or  ( ( Access )  shl  14 )  or  ( ( Function )  shl  2 )  or  ( Method ) ) >
   endm

FSCTL_IS_VOLUME_MOUNTED   EQU   <CTL_CODE ( FILE_DEVICE_FILE_SYSTEM , 10 , METHOD_BUFFERED , FILE_ANY_ACCESS )>

FILE_DEVICE_FILE_SYSTEM   EQU   00000009h
METHOD_BUFFERED   EQU   0
FILE_ANY_ACCESS   EQU   0

Code Select Expand

.386

.model flat, stdcall
option casemap :none

include \MASM32\INCLUDE\windows.inc
include \MASM32\INCLUDE\user32.inc
include \MASM32\INCLUDE\kernel32.inc
includelib \MASM32\LIB\user32.lib
includelib \MASM32\LIB\kernel32.lib

.data
form db "EAX: %u", 0

.data?
buffer db 512 dup(?)

.code
start:
mov eax, 9
shl eax, 16
mov ebx, eax
mov eax, 10
shl eax, 14
or ebx, eax
mov eax, 0
shl eax, 2
or ebx, eax
mov eax, 0
or ebx, eax

invoke wsprintf,ADDR buffer,ADDR form,ebx
invoke MessageBox,0,ADDR buffer,0,MB_ICONASTERISK
invoke ExitProcess,0
end start

Code Select Expand

.386

.model flat, stdcall
option casemap :none

include \MASM32\INCLUDE\windows.inc
include \MASM32\INCLUDE\user32.inc
include \MASM32\INCLUDE\kernel32.inc
includelib \MASM32\LIB\user32.lib
includelib \MASM32\LIB\kernel32.lib

.data
PhysicalDrive0 db '\\.\PhysicalDrive0',0
NumberD db 'mounted %u',0
form db "error: %u", 0
perenos db 13,10,0

.data?
buffer db 512 dup(?)
cw dd ?

.code
start:
invoke CreateFile,addr PhysicalDrive0,GENERIC_READ or GENERIC_WRITE,FILE_SHARE_READ OR FILE_SHARE_WRITE,0, OPEN_EXISTING,0,0
mov ebx, eax
invoke DeviceIoControl, ebx, 753664, 0, 0, 0, 0, addr cw, 0
.if eax!=0
invoke wsprintf,ADDR buffer,addr NumberD, eax
.else
invoke GetLastError
invoke wsprintf,ADDR buffer,addr form, eax
.endif
invoke MessageBox,0,ADDR buffer,0,MB_ICONASTERISK
invoke CloseHandle, ebx
invoke ExitProcess,0
end start

[sinsi]

What Access is 10?

[bomz]

FSCTL_IS_VOLUME_MOUNTED   EQU   <CTL_CODE ( FILE_DEVICE_FILE_SYSTEM , 10 , METHOD_BUFFERED , FILE_ANY_ACCESS )>

[sinsi]

Code Select Expand


mov eax, 9 ;DeviceType
shl eax, 16
mov ebx, eax
mov eax, 0 ;Access <<<<
shl eax, 14
or ebx, eax
mov eax, 10 ;Function?
shl eax, 2
or ebx, eax
mov eax, 0 ;Method
or ebx, eax


CTL_CODE macro DeviceType(1),Function(2),Method(3),Access(4)
   exitm <( ( (DeviceType(1))  shl  16 )  or  ( ( Access(4) )  shl  14 )  or  ( ( Function(2) )  shl  2 )  or  ( Method(3) ) ) >

1,2,3,4
1,4,2,3

[bomz]

ERROR_INVALID_PARAMETER

[bomz]

How this table was made - here all disk which have assigned letters or not

[bomz]

One work - it's good for begining

Code Select Expand

.386

.model flat, stdcall
option casemap :none

include \MASM32\INCLUDE\windows.inc
include \MASM32\INCLUDE\user32.inc
include \MASM32\INCLUDE\kernel32.inc
includelib \MASM32\LIB\user32.lib
includelib \MASM32\LIB\kernel32.lib

FPUProc PROTO :QWORD,:DWORD

_DISK_EXTENT struct
  DiskNumber DWORD ?
  StartingOffset INT64 ?
  ExtentLength INT64 ?
_DISK_EXTENT ends

_VOLUME_DISK_EXTENTS struct
  NumberOfDiskExtents DWORD ?
  Extents _DISK_EXTENT <>
_VOLUME_DISK_EXTENTS ends

_DISK_GEOMETRY struct
  Cylinders INT64 ?
  MediaType DWORD ?
  TracksPerCylinder DWORD ?
  SectorsPerTrack DWORD ?
  BytesPerSector DWORD ?
_DISK_GEOMETRY ends

.data
PhysicalDrive0 db '\\.\PhysicalDrive0',0
NumberD db 'MediaType %u',13,10,'TracksPerCylinder %u',13,10,'SectorsPerTrack %u',13,10,'BytesPerSector %u',13,10,'Cylinders ',0
form db "error: %u", 0
perenos db 13,10,0
IOCTL_DISK_GET_DRIVE_GEOMETRY = 70000h

Mtype db 'Format is unknown',0
db 'A5.25" floppy, with 1.2MB and 512 bytes/sector.',0
db 'A3.5" floppy, with 1.44MB and 512 bytes/sector.',0
db 'A3.5" floppy, with 2.88MB and 512 bytes/sector.',0
db 'A3.5" floppy, with 20.8MB and 512 bytes/sector.',0
db 'A3.5" floppy, with 720KB and 512 bytes/sector.',0
db 'A5.25" floppy, with 360KB and 512 bytes/sector.',0
db 'A5.25" floppy, with 320KB and 512 bytes/sector.',0
db 'A5.25" floppy, with 320KB and 1024 bytes/sector.',0
db 'A5.25" floppy, with 180KB and 512 bytes/sector.',0
db 'A5.25" floppy, with 160KB and 512 bytes/sector.',0
db 'Removable media other than floppy.',0
db 'Fixed hard disk media.',0
db 'A3.5" floppy, with 120MB and 512 bytes/sector.',0
db 'A3.5" floppy, with 640KB and 512 bytes/sector.',0
db 'A5.25" floppy, with 640KB and 512 bytes/sector.',0
db 'A5.25" floppy, with 720KB and 512 bytes/sector.',0
db 'A3.5" floppy, with 1.2MB and 512 bytes/sector.',0
db 'A3.5" floppy, with 1.23MB and 1024 bytes/sector.',0
db 'A5.25" floppy, with 1.23MB and 1024 bytes/sector.',0
db 'A3.5" floppy, with 128MB and 512 bytes/sector.',0
db 'A3.5" floppy, with 230MB and 512 bytes/sector.',0
db 'An 8" floppy, with 256KB and 128 bytes/sector.',0
db 'A3.5" floppy, with 200MB and 512 bytes/sector. (HiFD).',0
db 'A3.5" floppy, with 240MB and 512 bytes/sector. (HiFD).',0
db 'A3.5" floppy, with 32MB and 512 bytes/sector.',0
baza dw 0,18,66,114,162,210,257,305,353,402,450,498,533,556,603,650,698,746,793,842,892,939,986,1033,1088,1143,1189

.data?
cw dd ?
data1 _DISK_GEOMETRY <>
buffer db 512 dup (?)

.code
start:

invoke CreateFile,addr PhysicalDrive0,GENERIC_READ,FILE_SHARE_READ OR FILE_SHARE_WRITE,0, OPEN_EXISTING,0,0
mov ebx, eax
invoke DeviceIoControl, ebx, IOCTL_DISK_GET_DRIVE_GEOMETRY,0,0,addr data1,sizeof data1, addr cw, 0
.if eax!=0
invoke wsprintf,ADDR buffer,addr NumberD, data1.MediaType, data1.TracksPerCylinder, data1.SectorsPerTrack, data1.BytesPerSector
invoke FPUProc, data1.Cylinders, addr buffer
invoke lstrcat, addr buffer, addr perenos
lea esi, baza
add esi, data1.MediaType
add esi, data1.MediaType
lea edi, Mtype
movzx eax, word ptr[esi]
add edi, eax
invoke lstrcat, addr buffer, edi
.else
invoke GetLastError
invoke wsprintf,ADDR buffer,addr form, eax
.endif
invoke MessageBox,0,ADDR buffer,0,MB_ICONASTERISK
invoke CloseHandle, ebx

invoke ExitProcess,0

FPUProc proc uses ebx Value:QWORD, String:DWORD
LOCAL CReg:REAL10
LOCAL FString[20]:BYTE

finit
fild qword ptr [Value];[data1.Cylinders]
fbstp CReg

lea esi,FString
add esi, 18
mov byte ptr[esi],0
lea edi,CReg
xor edx, edx
xor ebx, ebx

mov ecx, 9
next:
dec esi
dec esi
mov bl, byte ptr [edi]
shl ebx,4
add bh, 48
mov dl, bh
xor bh, bh
shr ebx, 4
add bl, 48
mov dh, bl
mov word ptr [esi], dx
inc edi
loop next

Next:
inc esi
cmp byte ptr [esi], 48
je Next

cmp byte ptr [esi], 0
jne NotZero
dec esi
NotZero:
invoke lstrcat, String, esi;addr FString
ret

FPUProc endp

end start

http://msdn.microsoft.com/en-us/library/windows/desktop/aa365231%28v=vs.85%29.aspx

[dedndave]

 :U
i knew it was in there, someplace

[bomz]

[bomz]

I don't how it make correct. inside winioctl.inc

if (_WIN32_WINNT ge 500h)
IOCTL_DISK_GET_PARTITION_INFO_EX   EQU   <CTL_CODE ( IOCTL_DISK_BASE , 0012h , METHOD_BUFFERED , FILE_ANY_ACCESS )>
IOCTL_DISK_SET_PARTITION_INFO_EX   EQU   <CTL_CODE ( IOCTL_DISK_BASE , 0013h , METHOD_BUFFERED , FILE_READ_ACCESS  or  FILE_WRITE_ACCESS )>
IOCTL_DISK_GET_DRIVE_LAYOUT_EX   EQU   <CTL_CODE ( IOCTL_DISK_BASE , 0014h , METHOD_BUFFERED , FILE_ANY_ACCESS )>
IOCTL_DISK_SET_DRIVE_LAYOUT_EX   EQU   <CTL_CODE ( IOCTL_DISK_BASE , 0015h , METHOD_BUFFERED , FILE_READ_ACCESS  or  FILE_WRITE_ACCESS )>
IOCTL_DISK_CREATE_DISK   EQU   <CTL_CODE ( IOCTL_DISK_BASE , 0016h , METHOD_BUFFERED , FILE_READ_ACCESS  or  FILE_WRITE_ACCESS )>
IOCTL_DISK_GET_LENGTH_INFO   EQU   <CTL_CODE ( IOCTL_DISK_BASE , 0017h , METHOD_BUFFERED , FILE_READ_ACCESS )>

If change it to 0400h it possible to get IOCTL_DISK_GET_LENGTH_INFO value. I download files from here http://www.japheth.de/WinInc.html stable version. and only comment few strings inside winioctl.inc

data2 INT64 ?
IOCTL_DISK_GET_LENGTH_INFO   = 7405ch
invoke DeviceIoControl, ebx, IOCTL_DISK_GET_LENGTH_INFO,0,0,addr data2,sizeof data2, addr cw, 0
invoke FPUProc, data2, addr buffer

How get GUID path to unmounted or invisible volume? FindFirstVolume - FindNextVolume see only mounted volumes. Even if I read partiton table - but how get GUID?

[ragdog]

Hi Bomz

For decode IOCTL codes give a usefull tool IoctlDecoder v1.6
http://www.freewebs.com/four-f/

Greets,