VC++通过动态生成并加载DLL,实现可执行文件的自删除

时间:2021-01-26 12:48:37
版权声明:本文为博主原创文章,未经博主允许不得转载。 [cpp] view plain copy 
  1.    
[cpp] view plain copy 
  1. void WriteResourceToFile(HINSTANCE hInstance,int idResource,char const *filename)     
  2. {     
  3.     // 存取二进制资源      
  4.     HRSRC hResInfo = FindResource(hInstance, MAKEINTRESOURCE(idResource),     
  5.     MAKEINTRESOURCE(RC_BINARYTYPE));     
  6.     HGLOBAL hgRes = LoadResource(hInstance, hResInfo);     
  7.     void *pvRes = LockResource(hgRes);     
  8.     DWORD cbRes = SizeofResource(hInstance, hResInfo);     
  9.      
  10.     // 将二进制资源写到文件      
  11.     HANDLE hFile = CreateFile(filename, GENERIC_WRITE, 0, 0, CREATE_ALWAYS,     
  12.     FILE_ATTRIBUTE_NORMAL, 0);     
  13.     DWORD cbWritten;     
  14.     WriteFile(hFile, pvRes, cbRes, &cbWritten, 0);     
  15.     CloseHandle(hFile);     
  16. }     
  17.      
  18. void SelfDelete(HINSTANCE hInstance)     
  19. {     
  20.     char lpDllFile[MAX_PATH];     
  21.     GetTempPath(sizeof(lpDllFile),lpDllFile);     
  22.     lstrcat(lpDllFile,"\\magicdel.dll");     
  23.      
  24.     WriteResourceToFile(hInstance, ID_2561, lpDllFile);     
  25.      
  26.     // 生成命令行      
  27.     // 1. 查找 rundll32.exe      
  28.     char commandLine[MAX_PATH * 3];     
  29.     GetWindowsDirectory(commandLine, sizeof(commandLine));     
  30.     lstrcat(commandLine, "\\rundll32.exe");     
  31.     if (GetFileAttributes(commandLine) == INVALID_FILE_ATTRIBUTES)     
  32.     {     
  33.         GetSystemDirectory(commandLine, sizeof(commandLine));     
  34.         lstrcat(commandLine, "\\rundll32.exe");     
  35.     }     
  36.      
  37.     // 2. 添加 rundll32.exe 参数      
  38.     lstrcat(commandLine, " ");     
  39.     lstrcat(commandLine, lpDllFile);     
  40.     lstrcat(commandLine, ",_MagicDel@16 ");     
  41.      
  42.     // 3. 添加本文件名      
  43.     char lpPath[MAX_PATH];     
  44.     //GetCurrentDirectory(MAX_PATH,lpPath);      
  45.     GetModuleFileName(hInstance, lpPath, sizeof(lpPath));     
  46.     lstrcat(commandLine, lpPath);     
  47.      
  48.     // 执行命令行      
  49.     PROCESS_INFORMATION procInfo;     
  50.     STARTUPINFO startInfo;     
  51.     memset(&startInfo, 0, sizeof(startInfo));     
  52.     startInfo.dwFlags = STARTF_FORCEOFFFEEDBACK;     
  53.     CreateProcess(0, commandLine, 0, 0, FALSE, NORMAL_PRIORITY_CLASS, 0, 0,     
  54.     &startInfo, &procInfo);     
  55. }     
  56.      
  57. int WINAPI WinMain(HINSTANCE hInstance,     
  58.    HINSTANCE hPrevInstance,     
  59.    LPSTR lpCmdLine,     
  60.    int nCmdShow)     
  61. {     
  62.     SelfDelete(hInstance);     
  63. }     


 

 

 dll源代码。实现自删除

[cpp] view plain copy 
  1. #include    <windows.h>      
  2. #include    <winbase.h>      
  3. HMODULE     g_hmodDLL;     
  4.      
  5. extern "C" BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD reason, LPVOID)     
  6. {     
  7.     if (reason == DLL_PROCESS_ATTACH)     
  8.         g_hmodDLL = hinstDLL;     
  9.     return TRUE;     
  10. }     
  11.      
  12. extern "C" __declspec(dllexportvoid DeleteDirectory(LPTSTR lpDirectory,int flag)     
  13. {     
  14.     if (strlen(lpDirectory) = 0) return;     
  15.      
  16.     WIN32_FIND_DATA FindData;     
  17.     HANDLE  lhandle;     
  18.     char    lpfilename[MAX_PATH];     
  19.          
  20.     //设置查找目录名      
  21.     lstrcpy(lpfilename,lpDirectory);     
  22.     if (lpfilename[strlen(lpfilename) - 1] == '\\')     
  23.         lstrcat(lpfilename, "*");     
  24.     else     
  25.         lstrcat(lpfilename, "\\*");     
  26.          
  27.     if (flag)     
  28.     {     
  29.         if (MessageBox(0,lpfilename,"是否清空下列目录?",MB_OKCANCEL)!=IDOK)      
  30.             return;     
  31.     }     
  32.          
  33.     lhandle = FindFirstFile( lpfilename, &FindData );     
  34.     if (lhandle = 0) return;     
  35.          
  36.     while (FindNextFile(lhandle,&FindData))     
  37.     {            
  38.         if (strcmp(FindData.cFileName,"..") == 0)     
  39.             continue;     
  40.              
  41.         //配置完整路径      
  42.         lstrcpy(lpfilename,lpDirectory);     
  43.         lstrcat(lpfilename, "\\");     
  44.         lstrcat(lpfilename, FindData.cFileName);     
  45.                      
  46.         //出现子目录      
  47.         if ((FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) == FILE_ATTRIBUTE_DIRECTORY)     
  48.         {     
  49.             DeleteDirectory(lpfilename,flag);     
  50.             continue;     
  51.         };     
  52.                  
  53.         //删除文件      
  54.         DeleteFile(lpfilename);     
  55.              
  56.     };     
  57.      
  58.     FindClose(lhandle);     
  59.      
  60.     //MessageBox(0,lpDirectory,"END Find",MB_OK);      
  61.      
  62.     //删除目录      
  63.     RemoveDirectory(lpDirectory);     
  64.      
  65. }     
  66.      
  67. //删除自身      
  68. extern "C" __declspec(dllexportvoid CALLBACK MagicDel(HWND,HINSTANCE,LPTSTR lpCmdLine,int)     
  69. {     
  70.     // 延时2秒      
  71.     Sleep(200);     
  72.     // 删除创建该进程的可执行文件      
  73.     DeleteFile(lpCmdLine);     
  74.     //DeleteDirectory(lpCmdLine,1);      
  75.      
  76.     // 删除DLL自己      
  77.     char filenameDLL[MAX_PATH];     
  78.     GetModuleFileName(g_hmodDLL, filenameDLL, sizeof(filenameDLL));     
  79.      
  80.     __asm     
  81.     {     
  82.         lea eax, filenameDLL     
  83.         push 0     
  84.         push 0     
  85.         push eax     
  86.         push ExitProcess     
  87.         push g_hmodDLL     
  88.         push DeleteFile     
  89.         push FreeLibrary     
  90.         ret     
  91.     }     
  92. }    

 

 

    
标签:

相关文章