简单之微文件系统
来源:互联网 发布:win7安装sql没反应 编辑:程序博客网 时间:2024/04/29 17:59
为什么需要自定义一个微文件系统(高仿可以不考虑很多硬件的特性例如磁头或是磁盘单位大小),何时需要定义又使用在什么地方,我想说的是地方很多,先不说需要用到的地方就单单说微文件系统是驻扎在内存的一个块“缓存”,效率之高且具有一定的安全性(注意逻辑BUG导致的漏洞);例如文件加密或者说WEB服务器,特别是WEB服务器,无论是对于静态文件(高效访问,上传临时文件到服务器)还是动态CGI(执行二进制安全,上传恶意脚本)而言都具有一定的优势(在微系统内由于只有读写功能不存在内核镜像加载执行),让服务器访问属于一个自定义的微文件系统内,可以读取任何数据甚至修改任何数据(例如压缩数据),但我们不会保存(当然有存储功能);高仿微文件系统可以支持各种逻辑卷名与路径名。
【例如通过服务器进程0Day上传的恶意文件在隔离的微文件系统内,实际硬盘是不存在,执行自然失败】
这里会能充分利用空缝隙块(排除空间不足),也就是支持单个文件数据散乱无序(分块)存储,重要的是注意块对齐。
#define BOOT_AREA_SIZE (512)#define ZONE_NAME_SIZE (16)#define DISK_ZONE_COUNT (16) //最大创建逻辑磁盘总数#define USER_NAME_SIZE (20)#define USER_NAME_COUNT (64) //UACL 用户上限总数#define FOLDER_NAME_SIZE (128)#define FOLDER_NAME_COUNT (256) //每层文件夹最大创建数#define FOLDER_DIR_COUNT (16) //子文件夹最大数#define FOLDER_MASK_SIZE FOLDER_DIR_COUNT#define FILE_NAME_SIZE (128)#define FILE_MASK_SIZE FOLDER_DIR_COUNT#define FILE_SYSTEM_NAME_SIZE (8)#define SINGLE_CLUSTER_SIZE (1024)#define SINGLE_SECTION_SIZE (512)#define FILE_SYSTEM_TYPE (0x0CC99)#define FILE_SYSTEM_VERSION (0x0100)#define RESERVED_AREA_SIZE (908) //(SINGLE_CLUSTER_SIZE - (sizeof(_FALS_LOGICDISK_HEADER) % SINGLE_CLUSTER_SIZE))#define RESERVED_SECTION_SIZE (24) //(SINGLE_CLUSTER_SIZE - (sizeof(_FALS_PHYSICSDISK_HEADER) % SINGLE_CLUSTER_SIZE))#define FILE_SYSTEM_NAME ("FALS")#define INITVALUE (0x0FFFF)#pragma pack(1)typedef struct _FALS_ACE_USER {unsigned char uUserName[USER_NAME_SIZE];union _USER_CONTROL_ {struct _CONTROL_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uDelete : 1; //标记用户已被删除unsigned char uDisableAccess : 1;unsigned char uNotAllowExecution : 1; //不允许执行操作unsigned char uAllowAccessFolders : 1; //是否允许打开文件夹unsigned char uUserActivate : 1; //是否已激活unsigned char uRootPower : 1; //该权限可以直接对逻辑磁盘数据结构进行读写unsigned int uReservedAttreib : 23;} CTL;unsigned int uUserAttreib;} USER;} FALS_ACE_USER, *PFALS_ACE_USER;typedef struct _FALS_ZONE_INFO {unsigned char uLogicDiskName[ZONE_NAME_SIZE];ULONG_PTR uStartLogicDiskPoint;LONG_PTR lLogicDiskSize; //分配的逻辑磁盘大小union _ZONE_ATTREIB_ {struct _ATTREIB_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uShutDown : 1; //未使用unsigned char uDisableAccess : 1;unsigned char uOpenedUserAccessControl : 1; //开启用户访问权限unsigned char uOpenedDataCompress : 1; //开启磁盘压缩加密unsigned char uShareZone : 1;unsigned int uReservedAttreib : 24;} ATB;unsigned int uZoneAttreib;} ZONE;FALS_ACE_USER stFalsAceUser[USER_NAME_COUNT]; //用户控制列表} FALS_ZONE_INFO, *PFALS_ZONE_INFO;typedef struct _FALS_FILE_INFO {unsigned char uFileName[FILE_NAME_SIZE];unsigned short uFileMask[FILE_MASK_SIZE]; //文件夹伪识别码LONG_PTR lFileSize; //文件实际大小LONG_PTR lFileLogicSize; //实际占用空间对齐大小,不包括FALS_FILE_INFO头大小union _FILE_ATTREIB_ {struct _ATTREIB_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uIsDelete : 1; //已被删除unsigned char uDisableAccess : 1;unsigned char uOpenedUserAccessControl : 1; //开启用户访问权限unsigned char uOpenedDataCompress : 1; //开启磁盘压缩加密unsigned char uSliverData : 1; //是一个分片的文件数据unsigned short uFileMaskSize;unsigned char uShareFile : 1;unsigned int uReservedAttreib : 7;} ATB;unsigned int uFileAttreib;} FILE;//FALS_ACE_USER stFalsAceUser[USER_NAME_COUNT]; //用户控制列表ULONG_PTR uNextFilePoint; //下一个文件位置ULONG_PTR uBeforeFilePoint; //先前文件的位置struct _FILE_SLIVER_ {LONG_PTR lFileDataSize; //实际数据大小,排除_FILE_SLIVER_的大小LONG_PTR lFileLogicSize; //实际占用的总大小,包括_FILE_SLIVER_的大小//ULONG_PTR uFileDataPoint;ULONG_PTR uNextFileSliver;} FS;unsigned char uFileData[0];} FALS_FILE_INFO, *PFALS_FILE_INFO;typedef struct _FALS_FOLDER_INFO {unsigned char uFolderName[FOLDER_NAME_SIZE];unsigned short uFolderMask[FOLDER_MASK_SIZE];union _FOLDER_ATTREIB_ {struct _ATTREIB_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uIsDelete : 1; //已被删除unsigned char uDisableAccess : 1;unsigned char uOpenedUserAccessControl : 1; //开启用户访问权限unsigned short uFolderMaskSize;unsigned char uShareFolder : 1;unsigned int uReservedAttreib : 9;} ATB;unsigned int uFolderAttreib;} FOLDER;unsigned short uSubFolderCount; //子目录总数ULONG_PTR uFileCacheListPoint; //用于快速定位查找//FALS_ACE_USER stFalsAceUser[USER_NAME_COUNT]; //用户控制列表} FALS_FOLDER_INFO, *PFALS_FOLDER_INFO;typedef struct _FALS_FOLDER_LIST {unsigned int uUseFolderListCount; //已使用总数FALS_FOLDER_INFO stFalsFolderInfo[FOLDER_NAME_COUNT]; //当前目录数} FALS_FOLDER_LIST, *PFALS_FOLDER_LIST;typedef struct _FALS_LOGICDISK_HEADER {unsigned char uFileSystemName[FILE_SYSTEM_NAME_SIZE];unsigned long uSingleClusterSize; //每簇大小unsigned long uSingleSectionSize; //每个扇区的大小unsigned int uSingleClusterCount; //逻辑磁盘簇总数unsigned int uSingleSectionCount; //逻辑磁盘扇区总数LONG_PTR llogicDiskSurplusSize; //逻辑磁盘剩余空间LONG_PTR lLogicDiskDeleteSize; //已删除的数据大小FALS_FOLDER_LIST stFalsFolderDirList[FOLDER_DIR_COUNT]; //逻辑磁盘目录层数struct _FILE_LIST_POS_ {ULONG_PTR uStartFileListPoint; //文件数据起始头ULONG_PTR uStartFileDeleteList; //删除的文件信息ULONG_PTR uFinalFileListPoint; //最后一个文件链ULONG_PTR uNextFileDataPoint; //当前可用的文件数据位置ULONG_PTR uNextFileDeletePoint; //当前可保存的删除链接点} FLP;unsigned char uReservedArea[RESERVED_AREA_SIZE]; //保留的对齐区域unsigned char uFileListData[0]; //this->FALS_FILE_INFO} FALS_LOGICDISK_HEADER, *PFALS_LOGICDISK_HEADER;typedef struct _FALS_PHYSICSDISK_HEADER {unsigned char uBootAreaOpcodes[BOOT_AREA_SIZE];unsigned short uFileSystemType; //文件系统类型unsigned short uFileSystemVersion; //文件系统版本unsigned long uSingleClusterSize; //每簇大小unsigned long uSingleSectionSize; //每个扇区的大小unsigned int uSingleClusterCount; //硬盘簇总数unsigned int uSingleSectionCount; //硬盘扇区总数LONG_PTR lPhysicsDiskSurplusSize; //硬盘剩余空间FALS_ZONE_INFO stFalsZoneInfo[DISK_ZONE_COUNT]; //逻辑磁盘列表信息unsigned char uReservedSection[RESERVED_SECTION_SIZE]; //保留的对齐区间unsigned char uFalsLogicDiskData[0]; // this->FALS_LOGICDISK_HEADER} FALS_PHYSICSDISK_HEADER, *PFALS_PHYSICSDISK_HEADER;typedef struct _FALS_SLIVER_INFO {LONG_PTR lFileDataSize;LONG_PTR lFileLogicSize;//ULONG_PTR uFileDataPoint;ULONG_PTR uNextFileSliver;unsigned char uFileData[0];} FALS_SLIVER_INFO, *PFALS_SLIVER_INFO;typedef struct _FALS_FOLDER_DATA {unsigned short uDataMaskSize;unsigned short uDataMask[FOLDER_MASK_SIZE];PFALS_FOLDER_LIST lpFolderList; //当前目录下的文件夹信息PFALS_FILE_INFO lpFileInfo; //当前目录下的文件信息} FALS_FOLDER_DATA, *PFALS_FOLDER_DATA;#pragma pack()enum _FALS_ERROR_CODE_ {FALS_SUCCRESS,FALS_FAILURE,FALS_NULL_PARAM,FALS_SIZE_PARAM, //参数大小不正确FALS_FOLDER_CAP, //文件夹总数已上线FALS_FOLDER_NOT_FIND,FALS_FOLDER_EXISTS,FALS_FOLDER_DIR,FALS_FILE_EXISTS,FALS_NOT_FIND_LOGICDISK,FALS_NOT_FIND_FOLDER,FALS_NOT_FIND_FILE,FALS_NOT_FIND_USER,WRITE_FILE_DATA_FAIL} ;#define FALS_PATH TEXT("D:\\TDDownload\\Fals.sys")#define MAX_SUPPORT_AREA_SIZE (SINGLE_CLUSTER_SIZE * 2 - 1)void * __cdecl InitFalsSystem(LONG_PTR * lpPhysicsDiskSize);void * __cdecl CreateFalsLogicDisk(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpDefaultUserName, LONG_PTR * lpLogicDiskSize);void * __cdecl GetFalsLogicDiskZoneInfo(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName);void __cdecl FormatFalsLogicDisk(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader);void * __cdecl GetLogicDiskSpecifyUserInfo(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpszUserName);void * __cdecl CreateLogicDiskSpecifyUserName(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpszUserName);int __cdecl DeleteLogicDiskSpecifyUser(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpszUserName);int __cdecl CreateLogicDiskFolder(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFolderPath);int __cdecl DeleteLogicDiskFolder(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFolderPath);int __cdecl CreateLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFilePath, const void * lpFileData, LONG_PTR uFileDataSize);int __cdecl DeleteLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFilePath);int __cdecl ReadLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader,const char * lpszFilePath, LONG_PTR lStartReadFilePos, void * lpReadBuffer, LONG_PTR * lpReadSize);int __cdecl WriteLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader,const char * lpszFilePath, LONG_PTR lStartWriteFilePos, void * lpWriteBuffer, LONG_PTR uWriteSize);LONG_PTR __cdecl GetLogicDiskSpecifyFileSize(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFilePath);int __cdecl GetLogicDiskSpecifyFolderData(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFolderPath, PFALS_FOLDER_DATA lpFalsFolderData);void * __cdecl OpenFalsSystem(LONG_PTR * lpPhysicsDiskSize);bool __cdecl SaveFalsSystem(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader);......
0 0
- 简单之微文件系统
- 简单文件系统
- 文件系统 之 linux文件系统简介
- Linux文件系统之proc文件系统
- 简单文件系统的实现
- 简单文件系统的实现
- 简单文件系统的实现
- sysfs 文件系统简单分析
- rootfs文件系统简单分析
- 简单文件系统实现
- linux文件系统简单介绍
- 简单文件系统的实现
- 简单文件系统的实现
- ext2文件系统简单认识
- 简单文件系统的实现
- aufs简单的文件系统
- 文件系统的简单操作
- 文件系统的简单操作
- html5+js+css开发贪吃蛇
- 使用QTcpSocket和QTcpServer进行TCP编程
- 10009---JavaScript--字符串
- Visual Studio各文件夹之间的关系
- Android home key以及menu key怎么起作用的
- 简单之微文件系统
- TCP 和 UDP 能否使用相同的端口号?
- Maven简介(二)——使用Maven
- LeetCode - 6. ZigZag Conversion
- php读取团购api
- Android Application class method onCreate being called multiple times
- Unable to load class 'org.codehaus.groovy.runtime.typehandling.ShortTypeHandling'错误解决办法
- CKeditor加入中文字体
- MySQL安装与配置