如何在Windows中以低级别读取磁盘数据？

这两种方法对我都有效。要访问C盘或者整个硬盘，你需要管理员权限。下面是一个可以替代open()的例子：

def open_physical_drive(
    number,
    mode="rb",
    buffering=-1,
    encoding=None,
    errors=None,
    newline=None,
    closefd=True,
    opener=None,
):
    """
    Opens a physical drive in read binary mode by default
    The numbering starts with 0
    """
    return open(
        fr"\\.\PhysicalDrive{number}",
        mode,
        buffering,
        encoding,
        errors,
        newline,
        closefd,
        opener,
    )


def open_windows_partition(
    letter,
    mode="rb",
    buffering=-1,
    encoding=None,
    errors=None,
    newline=None,
    closefd=True,
    opener=None,
):
    """
    Opens a partition of a windows drive letter in read binary mode by default
    """
    return open(
        fr"\\.\{letter}:", mode, buffering, encoding, errors, newline, closefd, opener
    )


# first 16 bytes from partition C:
# on Linux it's like /dev/sda1
with open_windows_partition("C") as drive_c:
    print(drive_c.read(16))


# first 16 bytes of first drive
# on Linux it's like /dev/sda
with open_physical_drive(0) as drive_0:
    print(drive_0.read(16))

记住，在Windows和其他操作系统中，所有的对象都是文件。要从E盘打开并读取16个字节的数据，可以使用下面的代码：

# Open a Disk in binary format read only 16 bytes
file = "\\\\.\\E:"
with open(file,'rb') as f:
    print("Disk Open")
    data = f.read(16)
    # Convert the binary data to upper case hex ascii code
    hex_data = " ".join("{:02X}".format(c) for c in data)
    print(hex_data)

来自 http://support.microsoft.com/kb/100027

如果你想在一个基于Win32的应用程序中直接访问物理硬盘（也就是原始输入输出），你需要使用一种特定的设备名称格式：

\\.\PhysicalDriveN

这里的N可以是0、1、2等等，代表系统中的每一个物理硬盘。

如果你想打开一个逻辑驱动器，直接访问的格式是：

\\.\X: 

这里的X:是指硬盘分区的字母，比如说软盘驱动器或者光盘驱动器。