Understanding a self-deleting program in C++

后端 未结 1 984
小鲜肉
小鲜肉 2021-02-09 02:05

There is a self deleting program

#include 
#include 

void main(int argc, char* argv[])
{
    STARTUPINFO si = {0};
    PROCESS_I         


        
相关标签:
1条回答
  • 2021-02-09 02:42

    Here's an explanation (as I understand things)

    void main(int argc, char* argv[])
    {
        STARTUPINFO si = {0};
        PROCESS_INFORMATION pi = {0};
        si.cb = sizeof(si);
    
        if (argc == 1)
        {
            SECURITY_ATTRIBUTES sa;
            sa.nLength = sizeof(sa);
            sa.lpSecurityDescriptor = NULL;
            sa.bInheritHandle = TRUE;
    
            // Make a copy of ourselves which we'll use to delete the version we were run from
            CopyFile(argv[0], "1.exe", FALSE);
    
            // Rename the running copy of ourself to another name
            MoveFile(argv[0], "2.exe");
    
            // Make sure we delete the copy of ourselves that's going to delete us when we die
            CreateFile("1.exe", 0, FILE_SHARE_READ, &sa, OPEN_EXISTING, FILE_FLAG_DELETE_ON_CLOSE, NULL);
    
            // Invoke the process that will delete us
            // allowing it to inherit the handle we just created above.
            CreateProcess(NULL, "1.exe x", NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi);
        }
        else if (argc == 2)
        {
            // Wait for the original program to die (deleting us and closing a handle), then delete it
            while(!DeleteFile("2.exe"));
    
            // Launch a child process which will inherit our file handles
            // -- This keeps the file handle with FILE_FLAG_DELETE_ON_CLOSE (which we inherited) alive beyond our lifetime
            // this allowing us to be deleted after we've died and our own handle is closed.
            CreateProcess(NULL, "notepad", NULL, NULL, TRUE, DEBUG_ONLY_THIS_PROCESS, NULL, NULL, &si, &pi);
        }
    }
    
    0 讨论(0)
提交回复
热议问题