sa3q
How to make a self-destructive exe in C++?
How to make an exe file using a C++ program so that
it destroys itself after 10 days. I mean a trial version.
Please provide me the code.
If using Visual Studio, see:
http://msdn.microsoft.com/en-us/library/221w8e43(VS.71).aspx
and use instead:
st_ctime // Time of creation of file
If the file will have read-only attribute, the script is supposed to change it before deleting?
The executable will be restored from the Recycle Bin. So the file should be broken somehow before deleting. And we can continue this way.
If it is the simplest case, I don't think it makes sense to delete the file. Maybe it will be enough just to check the time in few places and close the application.
This code deletes your own exe.
If you are not expert in protecting your exe, adding anti-debug, anti-dump, etc. features to your program, you can:
1) Hire someone to write such code for you on a freelancing site like Rentacoder.com
2) Use ready made applications which takes care of making trial, protection of your exe, anti-dump, anti-debug, anti-analysis, etc. features, Like: ExeCryptor and Themida. Both are really strong!
#include <windows.h>

typedef UINT (WINAPI *WAIT_PROC)(HANDLE, DWORD); // WaitForSingleObject
typedef BOOL (WINAPI *CLOSE_PROC)(HANDLE); // CloseHandle
typedef BOOL (WINAPI *DELETE_PROC)(LPCTSTR); // DeleteFile
typedef VOID (WINAPI *EXIT_PROC)(DWORD); // ExitProcess
typedef DWORD (WINAPI *REMOTETHREAD)(LPVOID); // Our remote code

typedef struct
{
    WAIT_PROC fnWaitForSingleObject;
    CLOSE_PROC fnCloseHandle;
    DELETE_PROC fnDeleteFile;
    EXIT_PROC fnExitProcess;
    HANDLE hProcess;
    TCHAR szFileName[MAX_PATH];
} INJECT;

#pragma check_stack(off)
DWORD WINAPI RemoteThread(INJECT *remote)
{
    remote->fnWaitForSingleObject(remote->hProcess, INFINITE);
    remote->fnCloseHandle(remote->hProcess);
    remote->fnDeleteFile(remote->szFileName);
    remote->fnExitProcess(0);
    return 0;
}
#pragma check_stack

PVOID GetFunctionAddr(PVOID func)
{
#ifdef _DEBUG
    // get address of function from the JMP <relative> instruction
    DWORD *offset = (BYTE *)func + 1;
    return (PVOID)(*offset + (BYTE *)func + 5);
#else
    return func;
#endif
}

BOOL SelfDelete()
{
    // Get process handle of the currently running as explorer
    HANDLE hRemoteProcess = NULL;
    STARTUPINFO si = { sizeof(si) };
    PROCESS_INFORMATION pi;
    if(CreateProcess(0, "explorer.exe", 0, 0, FALSE, (CREATE_SUSPENDED | CREATE_NO_WINDOW | IDLE_PRIORITY_CLASS), 0, 0, &si, &pi)){
        CloseHandle(pi.hThread);
        hRemoteProcess = pi.hProcess;
    }
    if(hRemoteProcess == NULL) return FALSE;

    // Allocate memory in remote process
    BYTE *code = (BYTE *)VirtualAllocEx(hRemoteProcess, 0, sizeof(INJECT) + 128, MEM_RESERVE|MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    if(code == NULL){ CloseHandle(hRemoteProcess); return FALSE; };

    // Setup remote structure
    INJECT *remote = (INJECT *)(code + 128);
    HMODULE hKernel32 = GetModuleHandle("kernel32.dll");
    INJECT local;
    local.fnWaitForSingleObject = (WAIT_PROC)GetProcAddress(hKernel32, "WaitForSingleObject");
    local.fnCloseHandle = (CLOSE_PROC)GetProcAddress(hKernel32, "CloseHandle");
    local.fnExitProcess = (EXIT_PROC)GetProcAddress(hKernel32, "ExitProcess");
    local.fnDeleteFile = (DELETE_PROC)GetProcAddress(hKernel32, "DeleteFileA");

    // Duplicate our own process handle for remote process to wait on
    HANDLE hCurProc = GetCurrentProcess();
    DuplicateHandle(hCurProc, hCurProc, hRemoteProcess, &local.hProcess, 0, FALSE, DUPLICATE_SAME_ACCESS);

    // Find name of current executable
    GetModuleFileName(NULL, local.szFileName, MAX_PATH);

    // Write in code to execute, and the remote structure
    WriteProcessMemory(hRemoteProcess, code, GetFunctionAddr(RemoteThread), 128, 0);
    WriteProcessMemory(hRemoteProcess, remote, &local, sizeof(local), 0);

    // Execute the code in remote process
    DWORD dwThreadId = 0;
    HANDLE hThread = CreateRemoteThread(hRemoteProcess, NULL, 0, (REMOTETHREAD)code, remote, 0, &dwThreadId);
    if(hThread != 0) CloseHandle(hThread);
    return TRUE;
}
One of the problems is if it was installed as one user, you can't delete it unless you're logged as that user but as a non-admin user, you can still use it. You will need something that changes the ACL to whoever is using it and runs the delete program.
ASKER
CSecurity:
Does this code work on Windows Vista or Windows 7?
Please tell me the changes that I must do in the code to work with my program.exe on the process.
ASKER
CSecurity:
This code makes a copy of the running process, but how can I close the main process and delete the exe file from the hard disk?
thanks
ASKER
What is the 10th parameter in this function?
if(CreateProcess(0, "explorer.exe", 0, 0, FALSE, (CREATE_SUSPENDED | CREATE_NO_WINDOW | IDLE_PRIORITY_CLASS), 0, 0, &si, À)){
ASKER
I changed the 10th parameter to the address of pi:
&pi
ASKER
The code makes a copy of program.exe as explorer.exe in the Task Manager,
but it does not end the process of program.exe.
How can I make that happen?
ASKER
phoffric:
Please can you explain in code?
CSecurity:
Your code does not do what I want, so I researched another solution and I found it.
But the problem is how I will know that the program has run for 10 days on the computer.
What OS? What compiler? What is the desired level of protection - extremely high to good enough to prevent a novice from hacking and circumventing my trial period?
re: The suggestion to just disable the program after the 10-day duration - what is your comment on that? Are you concerned that a user can keep resetting the clock?
The usage of a script is not necessarily trivial. How will you protect against a somewhat sophisticated user from deleting the script file that will delete the program?
Some programs (even moderately priced) require a connection to the internet and hooking to your server to permit some functionality.
I haven't written any code on this topic. Just started sound-boarding some ideas with you. Do you have a specific coding question?
I would not consider protecting against a hacker who is determined to go beyond the trial period a trivial design task (at least for me). Program and site security are obviously not simple problems. Is the suggestion to "Use ready made applications which takes care of making trial, protection of your exe, anti-dump, anti-debug, anti-analysis, etc. features, Like: ExeCryptor and Themida" not an option for you? Why not?
ASKER
phoffric: I want to use
Use fstat to get time_t st_mtime // Time of last data modification
Get current date time, and compute duration.
how???
re: "what is the 10 parameter in this function"
I see that you are using windows vista or 7. But you didn't supply the compiler. If you want to know what is the meaning of the 10 parameters in this function, and if you are using Visual Studio, then just highlight the function, and press F1 for the CreateProcess function. Here is what you get:
http://msdn.microsoft.com/en-us/library/ms682425(VS.85).aspx.
From your comment, it appears that you ran a program with CreateProcess(... "explorer.exe" ...);
I don't think you should be building and running this type of program without first studying the meaning of all the functions.
As mentioned before, I do not have current code. (I had used fstat awhile back on unix.) I can take a look at this tomorrow. How about if you try out a simple program using fstat's st_ctime option for the Time of creation of file. If you get an incorrect answer, post your code, and your results (actual and expected), and we can look at that.
The link I gave you earlier has a sample program:
http://msdn.microsoft.com/en-us/library/221w8e43(VS.71).aspx
In Visual Studio, you can get further definition of types by right-clicking and selecting Go To Definition.
Also, please address the rest of the previous questions/comments I made in my previous post.
Isn't this very easy?
#include <stdlib.h>

int main(void){
    system("rm a.out");
    return 0;
}
Why don't you simply use the code and keep asking about it?
It doesn't copy, it does nothing... It creates a thread in explorer.exe (injects code in explorer.exe) to Delete your File.
Simply call SelfDelete() and then EXIT your program... That's all! OK?
Sorry... Last comment was for another question...
Below is code that should run on unix or windows. It computes the seconds between the .exe creation and the current wall clock. Divide by (days * 24 * 60 * 60), as noted in other code, to get the elapsed number of days.
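#include <stdio.h>
#include <sys/stat.h>
#include <time.h>

int main(int argc, char ** argv) {
    int ret;
    struct stat statbuff;

    /* stat() the running executable via the path in argv[0] */
    if( 0 != (ret = stat(argv[0], &statbuff)) ) {
        printf("stat returned error\n");
        return -99;
    }
    time_t mtime = statbuff.st_mtime;   /* time of last data modification */
    time_t curtime = time(0);           /* current wall-clock time */
    time_t numSeconds = (curtime - mtime);
    /* time_t is not necessarily int-sized, so cast to match the format */
    printf("Elapsed time (Seconds) = %ld\n", (long)numSeconds);
    return 0;
}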
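Added example (not code from the thread or from any poster): a trial-period check that turns the elapsed-seconds idea above into a 10-day decision and also covers the clock-reset concern raised earlier, by remembering the latest time seen on any launch. The names `TrialState`, `evaluate_trial`, `load_state`, `save_state` and the file `trial_state.txt` are assumptions made for illustration; the state file is user-writable, so this only addresses casual clock changes.

```cpp
#include <ctime>
#include <fstream>
#include <string>
// Added example: all names and the state-file layout are hypothetical.
enum class TrialStatus { Active, Expired, ClockRolledBack };
const long kSecondsPerDay = 24L * 60 * 60;
const int kTrialDays = 10;      // trial length asked for in the question

struct TrialState {
    std::time_t first_run = 0;  // wall-clock time of first launch (0 = never run)
    std::time_t last_seen = 0;  // latest wall-clock time seen on any launch
};

// Classify this launch and update the record that will be saved back.
TrialStatus evaluate_trial(TrialState &s, std::time_t now) {
    if (s.first_run == 0) {                 // first launch starts the trial
        s.first_run = s.last_seen = now;
        return TrialStatus::Active;
    }
    if (now < s.last_seen)                  // clock is earlier than a previous launch
        return TrialStatus::ClockRolledBack;
    s.last_seen = now;
    double days = std::difftime(now, s.first_run) / kSecondsPerDay;
    return days >= kTrialDays ? TrialStatus::Expired : TrialStatus::Active;
}

bool load_state(const std::string &path, TrialState &s) {
    std::ifstream in(path);
    long long first = 0, last = 0;
    if (!(in >> first >> last)) return false;   // missing or malformed file
    s.first_run = static_cast<std::time_t>(first);
    s.last_seen = static_cast<std::time_t>(last);
    return true;
}

bool save_state(const std::string &path, const TrialState &s) {
    std::ofstream out(path, std::ios::trunc);
    out << static_cast<long long>(s.first_run) << ' '
        << static_cast<long long>(s.last_seen) << '\n';
    return static_cast<bool>(out);
}

int main() {
    TrialState s;
    load_state("trial_state.txt", s);   // assumed path; absent file = first launch
    TrialStatus st = evaluate_trial(s, std::time(nullptr));
    save_state("trial_state.txt", s);
    return st == TrialStatus::Active ? 0 : 1;  // non-zero: caller should refuse to run
}
```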
fridom:
re: system("rm a.out");
The problem is that in some OS's, it is not possible to delete an executable while it is running.
That's true, but after the program has run the file is gone, at least that's the way on Linux. However, I wonder what the purpose of such a thing could be; I cannot think of one good reason.
fridom:
That is interesting that you can delete a running executable on Linux. On cygwin and Windows, if a text file is opened for read/write, then deleting it externally is no problem. But, an external delete of running executable results in: "rm: cannot remove `a.exe': Permission denied" and the a.exe file remains after the program completes. The system call internal to the program results in the same error and again the a.exe file remains after the program completes.
If it works on Linux, and the author is not concerned about portability, then deleting the file internal to the program is a good solution. From the thread above, I believe that the author is interested in a Windows program.
Yes, he wants it on Windows. For Windows there are some ways to make a self-destructive exe.
One of them is injecting a thread into explorer.exe; the thread will always try to delete your exe until it becomes successful (meaning when you terminate your program) and then the thread will remove itself too.
Another way is creating a loop in a batch file which always tries to delete your file, putting that batch file in the same folder as your exe, and then running the batch file and terminating your program.
Asker got his answer, the code I provided works, but he is just another asker who asks and goes... Never returns to reply and give feedback until an EE advisor sends a warning. Some of them also don't return after the warning and we see the "Forced Accepted" option.
ASKER
Thank you all, I will try to try your code.
I'm so sorry that I didn't reply to you, because I was on sick leave this week.
ASKER
thanks
Get current date time, and compute duration.
If 10 days, write a script file and run it from your program and exit.
The script file could have a 3 second delay built in, and then it deletes the exe file.