Spoofing the Windows 10 HDD/diskdrive serialnumber from kernel without hooking
The initial motivation is bypassing HWID detection methods used by intrusive software like anti-cheats, etc. or licensing restrictions implemented in software. The concept is not new but other solutions require a loaded driver at all times and a kernel hook with possible instabilities. This project only uses direct memory manipulation and makes it possible to fake the serials without hooking a function or having a loaded kernel module at all times.
Fakes the serialnumber for HDDs/diskdrives from kernelmode without hooking anything. The driver can be fully unloaded after changing the serialnumber.
Before:
After:
Only tested on Windows 10 16299.125
For testing purposes add: disk.EnableUUID="true" to your VMware .vmx file to enable serialnumbers