VC++通过动态生成并加载DLL,实现可执行文件的自删除
2017-07-21 14:23
版权声明:本文为博主原创文章,未经博主允许不得转载。
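// Copies the binary resource `idResource` (resource type RC_BINARYTYPE) embedded
// in module `hInstance` into the file `filename`, replacing any existing file.
//
// The function returns void, so failures are handled by returning early: every
// Win32 call is checked so a failed lookup can never reach WriteFile with a
// null buffer or an invalid handle (the original checked nothing).
void WriteResourceToFile(HINSTANCE hInstance, int idResource, char const *filename)
{
    // Locate and map the binary resource.
    HRSRC hResInfo = FindResource(hInstance, MAKEINTRESOURCE(idResource),
                                  MAKEINTRESOURCE(RC_BINARYTYPE));
    if (hResInfo == NULL)
        return;

    HGLOBAL hgRes = LoadResource(hInstance, hResInfo);
    if (hgRes == NULL)
        return;

    void *pvRes = LockResource(hgRes);
    DWORD cbRes = SizeofResource(hInstance, hResInfo);
    if (pvRes == NULL || cbRes == 0)
        return;

    // Write the resource bytes to the target file. CreateFile reports failure
    // with INVALID_HANDLE_VALUE, not NULL.
    HANDLE hFile = CreateFile(filename, GENERIC_WRITE, 0, 0, CREATE_ALWAYS,
                              FILE_ATTRIBUTE_NORMAL, 0);
    if (hFile == INVALID_HANDLE_VALUE)
        return;

    DWORD cbWritten = 0;
    BOOL ok = WriteFile(hFile, pvRes, cbRes, &cbWritten, 0);
    CloseHandle(hFile);

    // Do not leave a truncated image on disk for a later loader to pick up.
    if (!ok || cbWritten != cbRes)
        DeleteFile(filename);
}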
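// Appends src to the NUL-terminated string in dst only when the result,
// terminator included, fits in cchDst bytes. Returns FALSE and leaves dst
// untouched otherwise.
static BOOL AppendIfFits(char *dst, int cchDst, const char *src)
{
    if (lstrlen(dst) + lstrlen(src) + 1 > cchDst)
        return FALSE;
    lstrcat(dst, src);
    return TRUE;
}

// Extracts the helper DLL (resource ID_2561) to <temp>\magicdel.dll and starts
// rundll32.exe on its _MagicDel@16 export, passing this executable's own path
// as the argument. Returns without launching anything if a path cannot be
// obtained or does not fit its buffer.
//
// Changes from the original: every path length is checked (three MAX_PATH
// strings plus separators can exceed MAX_PATH * 3, and the lstrcat chain had
// no bounds), rundll32.exe is passed as lpApplicationName so CreateProcess
// never has to guess where an unquoted path ends, STARTUPINFO.cb is set, and
// the process/thread handles are closed.
//
// Review notes:
//  - The DLL is written to a fixed name in the temp directory and loaded by a
//    second process afterwards; anything else running as the same user can
//    replace the file between the write and the load.
//  - A process that drops a DLL into %TEMP% and launches rundll32.exe on it
//    with its own image path as argument is behaviour endpoint monitoring
//    commonly flags. Where the goal is ordinary cleanup, MoveFileEx with
//    MOVEFILE_DELAY_UNTIL_REBOOT is the documented alternative.
void SelfDelete(HINSTANCE hInstance)
{
    // Build <temp>\magicdel.dll and extract the helper DLL there.
    char lpDllFile[MAX_PATH];
    DWORD cchTemp = GetTempPath(sizeof(lpDllFile), lpDllFile);
    if (cchTemp == 0 || cchTemp >= sizeof(lpDllFile))
        return;
    if (!AppendIfFits(lpDllFile, sizeof(lpDllFile), "\\magicdel.dll"))
        return;
    WriteResourceToFile(hInstance, ID_2561, lpDllFile);

    // 1. Locate rundll32.exe: Windows directory first, then the system
    //    directory (same search order as the original).
    char rundllPath[MAX_PATH];
    UINT cchDir = GetWindowsDirectory(rundllPath, sizeof(rundllPath));
    BOOL found = cchDir != 0 && cchDir < sizeof(rundllPath)
              && AppendIfFits(rundllPath, sizeof(rundllPath), "\\rundll32.exe")
              && GetFileAttributes(rundllPath) != INVALID_FILE_ATTRIBUTES;
    if (!found)
    {
        cchDir = GetSystemDirectory(rundllPath, sizeof(rundllPath));
        if (cchDir == 0 || cchDir >= sizeof(rundllPath)
            || !AppendIfFits(rundllPath, sizeof(rundllPath), "\\rundll32.exe"))
            return;
    }

    // 2. Full path of this executable; a return value equal to the buffer
    //    size means the path was truncated.
    char lpPath[MAX_PATH];
    //GetCurrentDirectory(MAX_PATH,lpPath);
    DWORD cchSelf = GetModuleFileName(hInstance, lpPath, sizeof(lpPath));
    if (cchSelf == 0 || cchSelf >= sizeof(lpPath))
        return;

    // 3. Command line: "<rundll32>" <dll>,_MagicDel@16 <this exe>
    //    NOTE(review): the DLL path and the trailing executable path are left
    //    unquoted as in the original (MagicDel hands the trailing text straight
    //    to DeleteFile); paths containing spaces may not parse as intended.
    char commandLine[MAX_PATH * 3];
    commandLine[0] = '\0';
    if (!AppendIfFits(commandLine, sizeof(commandLine), "\"")
        || !AppendIfFits(commandLine, sizeof(commandLine), rundllPath)
        || !AppendIfFits(commandLine, sizeof(commandLine), "\" ")
        || !AppendIfFits(commandLine, sizeof(commandLine), lpDllFile)
        || !AppendIfFits(commandLine, sizeof(commandLine), ",_MagicDel@16 ")
        || !AppendIfFits(commandLine, sizeof(commandLine), lpPath))
        return;

    // 4. Launch it.
    PROCESS_INFORMATION procInfo;
    STARTUPINFO startInfo;
    memset(&startInfo, 0, sizeof(startInfo));
    startInfo.cb = sizeof(startInfo);   // required by CreateProcess; the original left it 0
    startInfo.dwFlags = STARTF_FORCEOFFFEEDBACK;
    if (CreateProcess(rundllPath, commandLine, 0, 0, FALSE, NORMAL_PRIORITY_CLASS, 0, 0,
                      &startInfo, &procInfo))
    {
        // The child is not waited on; release our references to it.
        CloseHandle(procInfo.hThread);
        CloseHandle(procInfo.hProcess);
    }
}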
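// Program entry point: starts the self-delete helper and exits immediately,
// so the executable file is no longer in use when the helper tries to delete it.
int WINAPI WinMain(HINSTANCE hInstance,
                   HINSTANCE hPrevInstance,
                   LPSTR lpCmdLine,
                   int nCmdShow)
{
    // These parameters are not used by this sample.
    (void)hPrevInstance;
    (void)lpCmdLine;
    (void)nCmdShow;

    SelfDelete(hInstance);

    // The original fell off the end of a non-void function; only `main` gets
    // an implicit `return 0`, so WinMain must return a value explicitly.
    return 0;
}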
DLL 源代码,实现自删除(其中的 __asm 内联汇编和 _MagicDel@16 导出名只适用于 32 位 x86 的 MSVC 构建)。
#include <windows.h>
#include <winbase.h>
// Module handle of this DLL. Set by DllMain on DLL_PROCESS_ATTACH and read by
// MagicDel to obtain the DLL's own file name and to unload it.
HMODULE g_hmodDLL;
// DLL entry point. Stores this module's handle in g_hmodDLL when the DLL is
// attached to a process; every notification is answered with TRUE.
extern "C" BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD reason, LPVOID)
{
    switch (reason)
    {
    case DLL_PROCESS_ATTACH:
        // Keep our own HMODULE for later use by MagicDel.
        g_hmodDLL = hinstDLL;
        break;
    default:
        // Thread attach/detach and process detach need no work here.
        break;
    }
    return TRUE;
}
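// Recursively deletes every file and subdirectory below lpDirectory and then
// removes lpDirectory itself. When flag is non-zero a confirmation box is shown
// first; flag is forwarded to the recursive calls, so the prompt appears once
// per directory level.
//
// Fixes over the original:
//  - `strlen(lpDirectory) = 0` and `lhandle = 0` were assignments, not
//    comparisons; FindFirstFile reports failure with INVALID_HANDLE_VALUE.
//  - The loop started with FindNextFile, silently skipping the first entry
//    returned by FindFirstFile; "." was never filtered explicitly.
//  - Paths were built with unchecked lstrcpy/lstrcat into a MAX_PATH buffer.
//  - Directory reparse points (junctions, symlinks) were recursed into, which
//    deletes the contents of the link target; only the link is removed now.
extern "C" __declspec(dllexport) void DeleteDirectory(LPTSTR lpDirectory, int flag)
{
    if (lpDirectory == NULL)
        return;
    size_t cchDir = strlen(lpDirectory);
    if (cchDir == 0)
        return;

    char lpfilename[MAX_PATH];
    BOOL endsWithSlash = (lpDirectory[cchDir - 1] == '\\');

    // Build the search pattern "<dir>\*"; worst case needs "\\*" plus the NUL.
    if (cchDir + 3 > sizeof(lpfilename))
        return;
    lstrcpy(lpfilename, lpDirectory);
    lstrcat(lpfilename, endsWithSlash ? "*" : "\\*");

    if (flag)
    {
        if (MessageBox(0, lpfilename, "是否清空下列目录?", MB_OKCANCEL) != IDOK)
            return;
    }

    WIN32_FIND_DATA FindData;
    HANDLE lhandle = FindFirstFile(lpfilename, &FindData);
    if (lhandle == INVALID_HANDLE_VALUE)
        return;

    do
    {
        // Skip the self and parent entries.
        if (strcmp(FindData.cFileName, ".") == 0 || strcmp(FindData.cFileName, "..") == 0)
            continue;

        // Build the full path of this entry; skip it if it cannot fit.
        size_t cchName = strlen(FindData.cFileName);
        if (cchDir + 1 + cchName + 1 > sizeof(lpfilename))
            continue;
        lstrcpy(lpfilename, lpDirectory);
        if (!endsWithSlash)
            lstrcat(lpfilename, "\\");
        lstrcat(lpfilename, FindData.cFileName);

        if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
        {
            if (FindData.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT)
                RemoveDirectory(lpfilename);        // remove the link, never follow it
            else
                DeleteDirectory(lpfilename, flag);  // ordinary subdirectory
            continue;
        }

        // Plain file.
        DeleteFile(lpfilename);
    } while (FindNextFile(lhandle, &FindData));

    FindClose(lhandle);
    //MessageBox(0,lpDirectory,"END Find",MB_OK);

    // Remove the (now empty) directory itself.
    RemoveDirectory(lpDirectory);
}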
//删除自身
// rundll32 entry point (HWND, HINSTANCE, LPTSTR, int). lpCmdLine is the text
// that followed the entry-point name on the rundll32 command line; SelfDelete
// puts the launching executable's full path there. The function deletes that
// file, then deletes this DLL and ends the process.
// NOTE(review): lpCmdLine goes to DeleteFile unvalidated, so this export
// deletes whatever path it is handed, not only the executable that dropped it.
extern "C" __declspec(dllexport) void CALLBACK MagicDel(HWND,HINSTANCE,LPTSTR lpCmdLine,int)
{
// Wait 200 ms before deleting. The original comment said "2 seconds", but
// Sleep takes milliseconds. NOTE(review): confirm which delay was intended.
Sleep(200);
// Delete the executable that created this process.
// NOTE(review): the result is not checked and nothing retries; if that
// executable is still running after the delay, the delete simply fails.
DeleteFile(lpCmdLine);
//DeleteDirectory(lpCmdLine,1);
// Delete the DLL itself. GetModuleFileName's return value is not checked.
char filenameDLL[MAX_PATH];
GetModuleFileName(g_hmodDLL, filenameDLL, sizeof(filenameDLL));
// Code in this DLL cannot call FreeLibrary on itself and then continue, because
// the code it would return to is unmapped. The block below instead lays out
// return addresses and arguments on the stack and starts the chain with `ret`:
//   FreeLibrary(g_hmodDLL) -> DeleteFile(filenameDLL) -> ExitProcess(0)
// Each callee is stdcall: it pops its own argument and returns into the next
// function. filenameDLL lives on this thread's stack, which stays valid after
// the DLL is unloaded. MSVC inline assembly, 32-bit x86 only.
__asm
{
lea eax, filenameDLL
// ExitProcess frame: exit code 0, then a dummy return address of 0.
push 0
push 0
// DeleteFile frame: argument filenameDLL, returns into ExitProcess.
push eax
push ExitProcess
// FreeLibrary frame: argument g_hmodDLL, returns into DeleteFile.
push g_hmodDLL
push DeleteFile
// `ret` pops this address and jumps to FreeLibrary.
push FreeLibrary
ret
}
}
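// Copies the binary resource `idResource` (resource type RC_BINARYTYPE) embedded
// in module `hInstance` into the file `filename`, replacing any existing file.
//
// The function returns void, so failures are handled by returning early: every
// Win32 call is checked so a failed lookup can never reach WriteFile with a
// null buffer or an invalid handle (the original checked nothing).
void WriteResourceToFile(HINSTANCE hInstance, int idResource, char const *filename)
{
    // Locate and map the binary resource.
    HRSRC hResInfo = FindResource(hInstance, MAKEINTRESOURCE(idResource),
                                  MAKEINTRESOURCE(RC_BINARYTYPE));
    if (hResInfo == NULL)
        return;

    HGLOBAL hgRes = LoadResource(hInstance, hResInfo);
    if (hgRes == NULL)
        return;

    void *pvRes = LockResource(hgRes);
    DWORD cbRes = SizeofResource(hInstance, hResInfo);
    if (pvRes == NULL || cbRes == 0)
        return;

    // Write the resource bytes to the target file. CreateFile reports failure
    // with INVALID_HANDLE_VALUE, not NULL.
    HANDLE hFile = CreateFile(filename, GENERIC_WRITE, 0, 0, CREATE_ALWAYS,
                              FILE_ATTRIBUTE_NORMAL, 0);
    if (hFile == INVALID_HANDLE_VALUE)
        return;

    DWORD cbWritten = 0;
    BOOL ok = WriteFile(hFile, pvRes, cbRes, &cbWritten, 0);
    CloseHandle(hFile);

    // Do not leave a truncated image on disk for a later loader to pick up.
    if (!ok || cbWritten != cbRes)
        DeleteFile(filename);
}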
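// Appends src to the NUL-terminated string in dst only when the result,
// terminator included, fits in cchDst bytes. Returns FALSE and leaves dst
// untouched otherwise.
static BOOL AppendIfFits(char *dst, int cchDst, const char *src)
{
    if (lstrlen(dst) + lstrlen(src) + 1 > cchDst)
        return FALSE;
    lstrcat(dst, src);
    return TRUE;
}

// Extracts the helper DLL (resource ID_2561) to <temp>\magicdel.dll and starts
// rundll32.exe on its _MagicDel@16 export, passing this executable's own path
// as the argument. Returns without launching anything if a path cannot be
// obtained or does not fit its buffer.
//
// Changes from the original: every path length is checked (three MAX_PATH
// strings plus separators can exceed MAX_PATH * 3, and the lstrcat chain had
// no bounds), rundll32.exe is passed as lpApplicationName so CreateProcess
// never has to guess where an unquoted path ends, STARTUPINFO.cb is set, and
// the process/thread handles are closed.
//
// Review notes:
//  - The DLL is written to a fixed name in the temp directory and loaded by a
//    second process afterwards; anything else running as the same user can
//    replace the file between the write and the load.
//  - A process that drops a DLL into %TEMP% and launches rundll32.exe on it
//    with its own image path as argument is behaviour endpoint monitoring
//    commonly flags. Where the goal is ordinary cleanup, MoveFileEx with
//    MOVEFILE_DELAY_UNTIL_REBOOT is the documented alternative.
void SelfDelete(HINSTANCE hInstance)
{
    // Build <temp>\magicdel.dll and extract the helper DLL there.
    char lpDllFile[MAX_PATH];
    DWORD cchTemp = GetTempPath(sizeof(lpDllFile), lpDllFile);
    if (cchTemp == 0 || cchTemp >= sizeof(lpDllFile))
        return;
    if (!AppendIfFits(lpDllFile, sizeof(lpDllFile), "\\magicdel.dll"))
        return;
    WriteResourceToFile(hInstance, ID_2561, lpDllFile);

    // 1. Locate rundll32.exe: Windows directory first, then the system
    //    directory (same search order as the original).
    char rundllPath[MAX_PATH];
    UINT cchDir = GetWindowsDirectory(rundllPath, sizeof(rundllPath));
    BOOL found = cchDir != 0 && cchDir < sizeof(rundllPath)
              && AppendIfFits(rundllPath, sizeof(rundllPath), "\\rundll32.exe")
              && GetFileAttributes(rundllPath) != INVALID_FILE_ATTRIBUTES;
    if (!found)
    {
        cchDir = GetSystemDirectory(rundllPath, sizeof(rundllPath));
        if (cchDir == 0 || cchDir >= sizeof(rundllPath)
            || !AppendIfFits(rundllPath, sizeof(rundllPath), "\\rundll32.exe"))
            return;
    }

    // 2. Full path of this executable; a return value equal to the buffer
    //    size means the path was truncated.
    char lpPath[MAX_PATH];
    //GetCurrentDirectory(MAX_PATH,lpPath);
    DWORD cchSelf = GetModuleFileName(hInstance, lpPath, sizeof(lpPath));
    if (cchSelf == 0 || cchSelf >= sizeof(lpPath))
        return;

    // 3. Command line: "<rundll32>" <dll>,_MagicDel@16 <this exe>
    //    NOTE(review): the DLL path and the trailing executable path are left
    //    unquoted as in the original (MagicDel hands the trailing text straight
    //    to DeleteFile); paths containing spaces may not parse as intended.
    char commandLine[MAX_PATH * 3];
    commandLine[0] = '\0';
    if (!AppendIfFits(commandLine, sizeof(commandLine), "\"")
        || !AppendIfFits(commandLine, sizeof(commandLine), rundllPath)
        || !AppendIfFits(commandLine, sizeof(commandLine), "\" ")
        || !AppendIfFits(commandLine, sizeof(commandLine), lpDllFile)
        || !AppendIfFits(commandLine, sizeof(commandLine), ",_MagicDel@16 ")
        || !AppendIfFits(commandLine, sizeof(commandLine), lpPath))
        return;

    // 4. Launch it.
    PROCESS_INFORMATION procInfo;
    STARTUPINFO startInfo;
    memset(&startInfo, 0, sizeof(startInfo));
    startInfo.cb = sizeof(startInfo);   // required by CreateProcess; the original left it 0
    startInfo.dwFlags = STARTF_FORCEOFFFEEDBACK;
    if (CreateProcess(rundllPath, commandLine, 0, 0, FALSE, NORMAL_PRIORITY_CLASS, 0, 0,
                      &startInfo, &procInfo))
    {
        // The child is not waited on; release our references to it.
        CloseHandle(procInfo.hThread);
        CloseHandle(procInfo.hProcess);
    }
}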
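// Program entry point: starts the self-delete helper and exits immediately,
// so the executable file is no longer in use when the helper tries to delete it.
int WINAPI WinMain(HINSTANCE hInstance,
                   HINSTANCE hPrevInstance,
                   LPSTR lpCmdLine,
                   int nCmdShow)
{
    // These parameters are not used by this sample.
    (void)hPrevInstance;
    (void)lpCmdLine;
    (void)nCmdShow;

    SelfDelete(hInstance);

    // The original fell off the end of a non-void function; only `main` gets
    // an implicit `return 0`, so WinMain must return a value explicitly.
    return 0;
}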
DLL 源代码,实现自删除(其中的 __asm 内联汇编和 _MagicDel@16 导出名只适用于 32 位 x86 的 MSVC 构建)。
#include <windows.h>
#include <winbase.h>
// Module handle of this DLL. Set by DllMain on DLL_PROCESS_ATTACH and read by
// MagicDel to obtain the DLL's own file name and to unload it.
HMODULE g_hmodDLL;
// DLL entry point. Stores this module's handle in g_hmodDLL when the DLL is
// attached to a process; every notification is answered with TRUE.
extern "C" BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD reason, LPVOID)
{
    switch (reason)
    {
    case DLL_PROCESS_ATTACH:
        // Keep our own HMODULE for later use by MagicDel.
        g_hmodDLL = hinstDLL;
        break;
    default:
        // Thread attach/detach and process detach need no work here.
        break;
    }
    return TRUE;
}
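// Recursively deletes every file and subdirectory below lpDirectory and then
// removes lpDirectory itself. When flag is non-zero a confirmation box is shown
// first; flag is forwarded to the recursive calls, so the prompt appears once
// per directory level.
//
// Fixes over the original:
//  - `strlen(lpDirectory) = 0` and `lhandle = 0` were assignments, not
//    comparisons; FindFirstFile reports failure with INVALID_HANDLE_VALUE.
//  - The loop started with FindNextFile, silently skipping the first entry
//    returned by FindFirstFile; "." was never filtered explicitly.
//  - Paths were built with unchecked lstrcpy/lstrcat into a MAX_PATH buffer.
//  - Directory reparse points (junctions, symlinks) were recursed into, which
//    deletes the contents of the link target; only the link is removed now.
extern "C" __declspec(dllexport) void DeleteDirectory(LPTSTR lpDirectory, int flag)
{
    if (lpDirectory == NULL)
        return;
    size_t cchDir = strlen(lpDirectory);
    if (cchDir == 0)
        return;

    char lpfilename[MAX_PATH];
    BOOL endsWithSlash = (lpDirectory[cchDir - 1] == '\\');

    // Build the search pattern "<dir>\*"; worst case needs "\\*" plus the NUL.
    if (cchDir + 3 > sizeof(lpfilename))
        return;
    lstrcpy(lpfilename, lpDirectory);
    lstrcat(lpfilename, endsWithSlash ? "*" : "\\*");

    if (flag)
    {
        if (MessageBox(0, lpfilename, "是否清空下列目录?", MB_OKCANCEL) != IDOK)
            return;
    }

    WIN32_FIND_DATA FindData;
    HANDLE lhandle = FindFirstFile(lpfilename, &FindData);
    if (lhandle == INVALID_HANDLE_VALUE)
        return;

    do
    {
        // Skip the self and parent entries.
        if (strcmp(FindData.cFileName, ".") == 0 || strcmp(FindData.cFileName, "..") == 0)
            continue;

        // Build the full path of this entry; skip it if it cannot fit.
        size_t cchName = strlen(FindData.cFileName);
        if (cchDir + 1 + cchName + 1 > sizeof(lpfilename))
            continue;
        lstrcpy(lpfilename, lpDirectory);
        if (!endsWithSlash)
            lstrcat(lpfilename, "\\");
        lstrcat(lpfilename, FindData.cFileName);

        if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
        {
            if (FindData.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT)
                RemoveDirectory(lpfilename);        // remove the link, never follow it
            else
                DeleteDirectory(lpfilename, flag);  // ordinary subdirectory
            continue;
        }

        // Plain file.
        DeleteFile(lpfilename);
    } while (FindNextFile(lhandle, &FindData));

    FindClose(lhandle);
    //MessageBox(0,lpDirectory,"END Find",MB_OK);

    // Remove the (now empty) directory itself.
    RemoveDirectory(lpDirectory);
}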
//删除自身
// rundll32 entry point (HWND, HINSTANCE, LPTSTR, int). lpCmdLine is the text
// that followed the entry-point name on the rundll32 command line; SelfDelete
// puts the launching executable's full path there. The function deletes that
// file, then deletes this DLL and ends the process.
// NOTE(review): lpCmdLine goes to DeleteFile unvalidated, so this export
// deletes whatever path it is handed, not only the executable that dropped it.
extern "C" __declspec(dllexport) void CALLBACK MagicDel(HWND,HINSTANCE,LPTSTR lpCmdLine,int)
{
// Wait 200 ms before deleting. The original comment said "2 seconds", but
// Sleep takes milliseconds. NOTE(review): confirm which delay was intended.
Sleep(200);
// Delete the executable that created this process.
// NOTE(review): the result is not checked and nothing retries; if that
// executable is still running after the delay, the delete simply fails.
DeleteFile(lpCmdLine);
//DeleteDirectory(lpCmdLine,1);
// Delete the DLL itself. GetModuleFileName's return value is not checked.
char filenameDLL[MAX_PATH];
GetModuleFileName(g_hmodDLL, filenameDLL, sizeof(filenameDLL));
// Code in this DLL cannot call FreeLibrary on itself and then continue, because
// the code it would return to is unmapped. The block below instead lays out
// return addresses and arguments on the stack and starts the chain with `ret`:
//   FreeLibrary(g_hmodDLL) -> DeleteFile(filenameDLL) -> ExitProcess(0)
// Each callee is stdcall: it pops its own argument and returns into the next
// function. filenameDLL lives on this thread's stack, which stays valid after
// the DLL is unloaded. MSVC inline assembly, 32-bit x86 only.
__asm
{
lea eax, filenameDLL
// ExitProcess frame: exit code 0, then a dummy return address of 0.
push 0
push 0
// DeleteFile frame: argument filenameDLL, returns into ExitProcess.
push eax
push ExitProcess
// FreeLibrary frame: argument g_hmodDLL, returns into DeleteFile.
push g_hmodDLL
push DeleteFile
// `ret` pops this address and jumps to FreeLibrary.
push FreeLibrary
ret
}
}