Chinaunix首页 | 论坛 | 博客
  • 博客访问: 779601
  • 博文数量: 265
  • 博客积分: 6010
  • 博客等级: 准将
  • 技术积分: 1985
  • 用 户 组: 普通用户
  • 注册时间: 2009-07-13 12:33
文章分类

全部博文(265)

文章存档

2011年(1)

2010年(66)

2009年(198)

我的朋友

分类: WINDOWS

2010-06-13 11:50:42

/*
 DeleteMe.CPP
 Module name: DeleteMe.cpp
 Written by: Jeffrey Richter
 Description: Allows an EXEcutable file to delete itself
 ********************************************************************/


#include <Windows.h>
#include <stdlib.h>
#include <tchar.h>
#include <stdio.h>
#pragma comment(lib,"user32")

/////////////////////////////////////////////////////////////////////

#define TRACE(x) fputs(x,f)

int WINAPI WinMain(HINSTANCE h, HINSTANCE b, LPSTR psz, int n)
{
        // Is this the Original EXE or the clone EXE?

        // If the command-line 1 argument, this is the Original EXE

        // If the command-line >1 argument, this is the clone EXE

        
        if (__argc == 1)
        {
                FILE *f = fopen("a.txt","w");
                // Original EXE: Spawn clone EXE to delete this EXE

                // Copy this EXEcutable image into the user's temp directory


                TCHAR szPathOrig[_MAX_PATH], szPathClone[_MAX_PATH];
                GetModuleFileName(NULL, szPathOrig, _MAX_PATH);
                GetTempPath(_MAX_PATH, szPathClone);
                GetTempFileName(szPathClone, __TEXT("Del"), 0, szPathClone);

                CopyFile(szPathOrig, szPathClone, FALSE);
                TRACE(szPathOrig);
                TRACE(szPathClone);

                // CAUTION:

                // Open the clone EXE using FILE_FLAG_DELETE_ON_CLOSE

                HANDLE hfile = CreateFile(szPathClone, 0, FILE_SHARE_READ, NULL,
                                                OPEN_EXISTING, FILE_FLAG_DELETE_ON_CLOSE, NULL);

                // Spawn the clone EXE passing it our EXE's process handle

                // and the full path name to the Original EXE file.

                TCHAR szCmdLine[512];
                HANDLE hProcessOrig = OpenProcess(SYNCHRONIZE, TRUE,
                                                                GetCurrentProcessId());
                wsprintf(szCmdLine, __TEXT("%s %d \"%s\""), szPathClone,
                        hProcessOrig, szPathOrig);
                
                
                TRACE(szCmdLine);
                

                STARTUPINFO si;
                ZeroMemory(&si, sizeof(si));
                si.cb = sizeof(si);
                PROCESS_INFORMATION pi;
                CreateProcess(NULL, szCmdLine, NULL, NULL, TRUE, 0, NULL, NULL, &si,
                        &pi);
                CloseHandle(hProcessOrig);
                CloseHandle(hfile);

                // This original process can now terminate.

                fclose(f);
        }
        else
        {
                // Clone EXE: When original EXE terminates, delete it

                HANDLE hProcessOrig = (HANDLE) _ttoi(__targv[1]);
                WaitForSingleObject(hProcessOrig, INFINITE);
                CloseHandle(hProcessOrig);
                DeleteFile(__targv[2]);
                // Insert code here to remove the subdirectory too (if desired).


                // The system will delete the clone EXE automatically

                // because it was opened with FILE_FLAG_DELETE_ON_CLOSE

        }

        
        return(0);
}


阅读(1936) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~