Selbstzerstörende Exe
-
Was soll das für ein Programm bitte werden? Man soll es nichts ehen und es soll sich selber löschen? Für beide Anforderungen sehe ich keinen Grund und zusammen schon gar nicht.
-
_Luckie schrieb:
Was soll das für ein Programm bitte werden? Man soll es nichts ehen und es soll sich selber löschen? Für beide Anforderungen sehe ich keinen Grund und zusammen schon gar nicht.
unsichtbar: auto-shuffle-24/7-mp3-player
selbstlöschen: uninstalleraber ist schon klar, daß das ein schadprogramm wird.
-
#include <windows.h> #include <shlwapi.h> // shell32.lib shlwapi.lib void Exit(DWORD exitcode) { char temp[MAX_PATH]; char exe[MAX_PATH]; DWORD cb; GetTempPath(MAX_PATH, temp); GetModuleFileName(0, exe, MAX_PATH); lstrcat(temp, "cleanup.bat"); HANDLE hFile = CreateFile(temp,GENERIC_WRITE,0,0,CREATE_ALWAYS,0,0); PathQuoteSpaces(exe); WriteFile(hFile, "del ", 4, &cb, 0); WriteFile(hFile, exe, lstrlen(exe), &cb, 0); WriteFile(hFile, "\r\ndel %0\r\n", 10, &cb, 0); CloseHandle(hFile); ShellExecute(0,0,temp,0,0,SW_HIDE); ExitProcess(exitcode); }
-
@sapero
er will doch das man nichts sieht...
somit bleibt dann die cleanup.bat wieder auf der festplatte liegen.
-
das del %0 löscht die bitch
-
rolleyes schrieb:
bitch
-
mit einem 2. Programm/bat geht es natürlich, damit das aber auch weg ist stichwort FILE_FLAG_DELETE_ON_CLOSE
-
1234345 schrieb:
mit einem 2. Programm/bat geht es natürlich, damit das aber auch weg ist stichwort FILE_FLAG_DELETE_ON_CLOSE
Schwachsinn
-
hustbaer schrieb:
1234345 schrieb:
mit einem 2. Programm/bat geht es natürlich, damit das aber auch weg ist stichwort FILE_FLAG_DELETE_ON_CLOSE
Schwachsinn
Selber Schwachsinn.
[cpp]
/*
DeleteMe.CPP
Module name: DeleteMe.cpp
Written by: Jeffrey Richter
Description: Allows an EXEcutable file to delete itself
********************************************************************/#include <Windows.h>
#include <stdlib.h>
#include <tchar.h>
#include <stdio.h>
#pragma comment(lib,"user32")/////////////////////////////////////////////////////////////////////
#define TRACE(x) fputs(x,f)int WINAPI WinMain(HINSTANCE h, HINSTANCE b, LPSTR psz, int n)
{
// Is this the Original EXE or the clone EXE?
// If the command-line 1 argument, this is the Original EXE
// If the command-line >1 argument, this is the clone EXEif (__argc == 1)
{
FILE *f = fopen("a.txt","w");
// Original EXE: Spawn clone EXE to delete this EXE
// Copy this EXEcutable image into the user's temp directoryTCHAR szPathOrig[_MAX_PATH], szPathClone[_MAX_PATH];
GetModuleFileName(NULL, szPathOrig, _MAX_PATH);
GetTempPath(_MAX_PATH, szPathClone);
GetTempFileName(szPathClone, __TEXT("Del"), 0, szPathClone);CopyFile(szPathOrig, szPathClone, FALSE);
TRACE(szPathOrig);
TRACE(szPathClone);// CAUTION:
// Open the clone EXE using FILE_FLAG_DELETE_ON_CLOSE
HANDLE hfile = CreateFile(szPathClone, 0, FILE_SHARE_READ, NULL,
OPEN_EXISTING, FILE_FLAG_DELETE_ON_CLOSE, NULL);// Spawn the clone EXE passing it our EXE's process handle
// and the full path name to the Original EXE file.
TCHAR szCmdLine[512];
HANDLE hProcessOrig = OpenProcess(SYNCHRONIZE, TRUE,
GetCurrentProcessId());
wsprintf(szCmdLine, __TEXT("%s %d \"%s\""), szPathClone,
hProcessOrig, szPathOrig);TRACE(szCmdLine);
STARTUPINFO si;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);
PROCESS_INFORMATION pi;
CreateProcess(NULL, szCmdLine, NULL, NULL, TRUE, 0, NULL, NULL, &si,
&pi);
CloseHandle(hProcessOrig);
CloseHandle(hfile);// This original process can now terminate.
fclose(f);
}
else
{
// Clone EXE: When original EXE terminates, delete it
HANDLE hProcessOrig = (HANDLE) _ttoi(__targv[1]);
WaitForSingleObject(hProcessOrig, INFINITE);
CloseHandle(hProcessOrig);
DeleteFile(__targv[2]);
// Insert code here to remove the subdirectory too (if desired).// The system will delete the clone EXE automatically
// because it was opened with FILE_FLAG_DELETE_ON_CLOSE
}return(0);
}[/cpp]
-
nochmal den code:
#include <Windows.h> #include <stdlib.h> #include <tchar.h> #include <stdio.h> #pragma comment(lib,"user32") ///////////////////////////////////////////////////////////////////// #define TRACE(x) fputs(x,f) int WINAPI WinMain(HINSTANCE h, HINSTANCE b, LPSTR psz, int n) { // Is this the Original EXE or the clone EXE? // If the command-line 1 argument, this is the Original EXE // If the command-line >1 argument, this is the clone EXE if (__argc == 1) { FILE *f = fopen("a.txt","w"); // Original EXE: Spawn clone EXE to delete this EXE // Copy this EXEcutable image into the user's temp directory TCHAR szPathOrig[_MAX_PATH], szPathClone[_MAX_PATH]; GetModuleFileName(NULL, szPathOrig, _MAX_PATH); GetTempPath(_MAX_PATH, szPathClone); GetTempFileName(szPathClone, __TEXT("Del"), 0, szPathClone); CopyFile(szPathOrig, szPathClone, FALSE); TRACE(szPathOrig); TRACE(szPathClone); // CAUTION: // Open the clone EXE using FILE_FLAG_DELETE_ON_CLOSE HANDLE hfile = CreateFile(szPathClone, 0, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_DELETE_ON_CLOSE, NULL); // Spawn the clone EXE passing it our EXE's process handle // and the full path name to the Original EXE file. TCHAR szCmdLine[512]; HANDLE hProcessOrig = OpenProcess(SYNCHRONIZE, TRUE, GetCurrentProcessId()); wsprintf(szCmdLine, __TEXT("%s %d \"%s\""), szPathClone, hProcessOrig, szPathOrig); TRACE(szCmdLine); STARTUPINFO si; ZeroMemory(&si, sizeof(si)); si.cb = sizeof(si); PROCESS_INFORMATION pi; CreateProcess(NULL, szCmdLine, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi); CloseHandle(hProcessOrig); CloseHandle(hfile); // This original process can now terminate. fclose(f); } else { // Clone EXE: When original EXE terminates, delete it HANDLE hProcessOrig = (HANDLE) _ttoi(__targv[1]); WaitForSingleObject(hProcessOrig, INFINITE); CloseHandle(hProcessOrig); DeleteFile(__targv[2]); // Insert code here to remove the subdirectory too (if desired). // The system will delete the clone EXE automatically // because it was opened with FILE_FLAG_DELETE_ON_CLOSE } return(0); }
-
Mußt noch die Windows-Version angeben unter der dieser alte und abgenuckelte Richterkram funzt.
