A forum for reverse engineering, OS internals and malware analysis 

 #27200  by kerpow1
 Mon Nov 09, 2015 5:18 pm
Hello

I am looking into creating an FS Filter to intercept IOCTL calls, say to:

IOCTL_STORAGE_QUERY_PROPERTY
SMART_RCV_DRIVE_DATA
IOCTL_SCSI_PASS_THROUGH

And return a fake SerialNumber.

I have not seen this discussed here so I thought I would ask. This will be targeting x64 (7, 8, 8.1, 10). There is some old code and literature I have found, but it mostly dates back to XP x32, which would be too difficult to port.

http://pastebin.com/wvpXNLSt

Hopefully you can point me in the right direction. I am confident with the FS Filter approach and can enumerate and fill my disks structure, but the spoof element is something I would like to read up on further to implement correctly.