13,826
社区成员
发帖
与我相关
我的任务
分享求教用 BCB 实现可执行文件自删除的完整代码
在网上查了许多,可是没有一个能成功实现的(不知是不是我水平太菜).比如下面这个:
#include <windows.h>
#include <string.h>
#include "psapi.h"
#include <tlhelp32.h>
#include <stdio.h>
#define THREADSIZE 32767
typedef DWORD (WINAPI* PFN_GETPROCNAME) (HANDLE, LPTSTR, DWORD);
typedef BOOL (WINAPI* PFN_DELETE) (LPCTSTR);
typedef struct TAGRMPARAM
{
char szFilePath[MAX_PATH];
DWORD dwDeleteAddr;
}RMPARAM, *LPRMPARAM;
DWORD GetFuncAddr (LPTSTR lpszDll, LPTSTR lpszProc)
{
HMODULE hDll = LoadLibrary (lpszDll);
if (hDll)
return (DWORD)GetProcAddress (hDll, lpszProc);
return 0;
}
DWORD ProcessNameToId (char* lpszProcName)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe;
pe.dwSize = sizeof (PROCESSENTRY32);
if (Process32First (hSnapshot, &pe))
while (Process32Next (hSnapshot, &pe))
{
_strlwr (pe.szExeFile);
_strlwr (lpszProcName);
if (!strcmp (pe.szExeFile, lpszProcName))
return pe.th32ProcessID;
}
return 0;
}
DWORD CALLBACK ThreadProc (LPVOID pVoid)
{
LPRMPARAM pRP = (LPRMPARAM) pVoid;
PFN_DELETE pfnDelete = (PFN_DELETE) pRP->dwDeleteAddr;
pfnDelete (pRP->szFilePath);
return 0;
}
BOOL GetCurrentFileName (LPSTR lpszFileName)
{
char szShort[MAX_PATH];
char szFileName[MAX_PATH];
PFN_GETPROCNAME pfnGetProcName = (PFN_GETPROCNAME) GetFuncAddr ("psapi.dll",
"GetProcessImageFileNameA");
if (!pfnGetProcName)
return FALSE;
HANDLE hCur = GetCurrentProcess ();
pfnGetProcName (hCur, szFileName, MAX_PATH);
GetFileTitle (szFileName, szShort, MAX_PATH);
strcpy (lpszFileName, szShort);
return TRUE;
}
int APIENTRY WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nShowCmd)
{
DWORD dwBytesWritten;
DWORD dwProcessId = ProcessNameToId ("explorer.exe");
if (dwProcessId == 0)
{
MessageBox (NULL, "找不到线程", NULL, 0);
return 0;
}
HANDLE hTargetProcess = OpenProcess (PROCESS_ALL_ACCESS, FALSE, dwProcessId);
if (!hTargetProcess)
{
MessageBox (NULL, "无法打开线程", NULL, 0);
return 0;
}
LPVOID pRemoteThread = VirtualAllocEx (hTargetProcess, NULL, THREADSIZE,
MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if (!pRemoteThread)
{
MessageBox (NULL, "无法申请线程空间", NULL, 0);
return 0;
}
if (!WriteProcessMemory (hTargetProcess, pRemoteThread,
&ThreadProc, THREADSIZE, &dwBytesWritten))
{
MessageBox (NULL, "无法写入线程空间", NULL, 0);
return 0;
}
RMPARAM RemoteParam;
ZeroMemory (&RemoteParam, sizeof (RMPARAM));
char szCurrentPath[MAX_PATH];
char szFileName[MAX_PATH];
if (!GetCurrentFileName (szFileName))
{
MessageBox (NULL, "无法获得现有文件名", NULL, 0);
return 0;
}
GetCurrentDirectory (MAX_PATH, szCurrentPath);
sprintf (RemoteParam.szFilePath, "%s\\%s", szCurrentPath, szFileName);
DWORD dwFuncAddr = GetFuncAddr ("Kernel32.dll", "DeleteFileA");
if (dwFuncAddr == 0)
{
MessageBox (NULL, "无法加载Kernel32.dll", NULL, 0);
return 0;
}
RemoteParam.dwDeleteAddr = dwFuncAddr;
LPVOID pRmParam = VirtualAllocEx (hTargetProcess, NULL, sizeof (RMPARAM),
MEM_COMMIT, PAGE_READWRITE);
if (!pRmParam)
{
MessageBox (NULL, "无法申请线程空间", NULL, 0);
return 0;
}
if (!WriteProcessMemory (hTargetProcess, pRmParam,
&RemoteParam, sizeof (RMPARAM), &dwBytesWritten))
{
MessageBox (NULL, "无法写入线程空间", NULL, 0);
return 0;
}
HANDLE hRemoteThread = CreateRemoteThread (hTargetProcess, NULL, 0,
(LPTHREAD_START_ROUTINE) pRemoteThread, pRmParam, 0, &dwBytesWritten);
return 0;
}
...全文
请发表友善的回复…
发表回复
ooip1919 2009-05-29
- 打赏
- 举报
up~~
BigPluto 2009-05-09
- 打赏
- 举报
学习..
fighterhht 2009-04-30
- 打赏
- 举报
[Quote=引用 18 楼 unsigned 的回复:]
另外问一下楼主,我的代码当中改的是用"记事本",不知道有没有换回去使用"explorer.exe"
[/Quote]
换了.但有时行,有时不行.
另外问一下楼主,我的代码当中改的是用"记事本",不知道有没有换回去使用"explorer.exe"
[/Quote]
换了.但有时行,有时不行.
cptang 2009-04-29
- 打赏
- 举报
mark
cczlp 2009-04-29
- 打赏
- 举报
只有批处理最稳定
僵哥 2009-04-29
- 打赏
- 举报
由于单贴内容受限。建议在ResumeThread(hRemoteThread);之后Sleep一会,等对方OpenProcess成功之后,再通过SetPrivilege(hToken, SE_DEBUG_NAME, false)关闭SeDebugPrivilege,这样做相对会比较安全一点。
僵哥 2009-04-29
- 打赏
- 举报
#include <string.h>
#include <windows.h>
#include "psapi.h"
#include <tlhelp32.h>
#include <stdio.h>
#define THREADSIZE 4*1024
typedef DWORD (WINAPI* PFN_GETPROCNAME) (HANDLE, LPTSTR, DWORD);
typedef BOOL (WINAPI* PFN_DELETE) (LPCTSTR);
typedef VOID (WINAPI* PFN_SLEEP)(DWORD dwMilliseconds);
typedef HANDLE (WINAPI* PFN_OPENPROCESS)(DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwProcessId);
typedef DWORD (WINAPI* PFN_WAITFORSINGLEOBJECT)(HANDLE hHandle,DWORD dwMilliseconds);
typedef BOOL (WINAPI* PFN_CLOSEHANDLE)(HANDLE hObject);
typedef struct TAGRMPARAM
{
char szFilePath[MAX_PATH];
DWORD dwProcessId;
DWORD dwDeleteAddr;
DWORD dwSleep;
DWORD dwOpenProcess;
DWORD dwCloseHandle;
DWORD dwWaitFor;
}RMPARAM, *LPRMPARAM;
DWORD GetFuncAddr (LPTSTR lpszDll, LPTSTR lpszProc)
{
HMODULE hDll = LoadLibrary (lpszDll);
if (hDll)
return (DWORD)GetProcAddress (hDll, lpszProc);
return 0;
}
DWORD ProcessNameToId (char* lpszProcName)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe;
pe.dwSize = sizeof (PROCESSENTRY32);
if (Process32First (hSnapshot, &pe))
while (Process32Next (hSnapshot, &pe))
{
strlwr (pe.szExeFile);
strlwr (lpszProcName);
if (!strcmp (pe.szExeFile, lpszProcName))
return pe.th32ProcessID;
}
return 0;
}
DWORD CALLBACK ThreadProc (LPVOID pVoid)
{
LPRMPARAM pRP = (LPRMPARAM) pVoid;
PFN_DELETE pfnDelete = (PFN_DELETE) pRP->dwDeleteAddr;
PFN_SLEEP pfnSleep = (PFN_SLEEP) pRP->dwSleep;
PFN_OPENPROCESS pfnOpenProcess = (PFN_OPENPROCESS) pRP->dwOpenProcess;
PFN_CLOSEHANDLE pfnCloseHandle = (PFN_CLOSEHANDLE) pRP->dwCloseHandle;
PFN_WAITFORSINGLEOBJECT pfnWaitFor = (PFN_WAITFORSINGLEOBJECT) pRP->dwWaitFor;
HANDLE hProcess = pfnOpenProcess(PROCESS_ALL_ACCESS,false,pRP->dwProcessId);
if (hProcess != INVALID_HANDLE_VALUE) {
pfnWaitFor(hProcess, INFINITE);
pfnCloseHandle(hProcess);
}
pfnDelete (pRP->szFilePath);
return 0;
}
BOOL GetCurrentFileName (LPSTR lpszFileName)
{
char szShort[MAX_PATH];
char szFileName[MAX_PATH];
PFN_GETPROCNAME pfnGetProcName = (PFN_GETPROCNAME) GetFuncAddr ("psapi.dll",
"GetProcessImageFileNameA");
if (!pfnGetProcName)
return FALSE;
HANDLE hCur = GetCurrentProcess ();
pfnGetProcName (hCur, szFileName, MAX_PATH);
GetFileTitle (szFileName, szShort, MAX_PATH);
strcpy (lpszFileName, szShort);
return TRUE;
}
BOOL SetPrivilege(
HANDLE hToken, // access token handle
LPCTSTR lpszPrivilege, // name of privilege to enable/disable
BOOL bEnablePrivilege // to enable or disable privilege
)
{
TOKEN_PRIVILEGES tp;
LUID luid;
if ( !LookupPrivilegeValue(
NULL, // lookup privilege on local system
lpszPrivilege, // privilege to lookup
&luid ) ) // receives LUID of privilege
{
printf("LookupPrivilegeValue error: %u\n", GetLastError() );
return FALSE;
}
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = luid;
if (bEnablePrivilege)
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
else
tp.Privileges[0].Attributes = 0;
// Enable the privilege or disable all privileges.
if ( !AdjustTokenPrivileges(
hToken,
FALSE,
&tp,
sizeof(TOKEN_PRIVILEGES),
(PTOKEN_PRIVILEGES) NULL,
(PDWORD) NULL) )
{
printf("AdjustTokenPrivileges error: %u\n", GetLastError() );
return FALSE;
}
if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
{
printf("The token does not have the specified privilege. \n");
return FALSE;
}
return TRUE;
}
#define RTN_OK 0
#define RTN_USAGE 1
#define RTN_ERROR 13
int APIENTRY WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nShowCmd)
{
DWORD dwBytesWritten;
HANDLE hToken;
if(!OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken))
{
if (GetLastError() == ERROR_NO_TOKEN)
{
if (!ImpersonateSelf(SecurityImpersonation))
return RTN_ERROR;
if(!OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken)){
//DisplayError("OpenThreadToken");
return RTN_ERROR;
}
}
else
return RTN_ERROR;
}
// enable SeDebugPrivilege
if(!SetPrivilege(hToken, SE_DEBUG_NAME, TRUE))
{
//DisplayError("SetPrivilege");
// close token handle
CloseHandle(hToken);
// indicate failure
return RTN_ERROR;
}
DWORD dwProcessId = ProcessNameToId ("explorer.exe");
if (dwProcessId == 0)
{
MessageBox (NULL, "找不到线程", NULL, 0);
return 0;
}
HANDLE hTargetProcess = OpenProcess (PROCESS_ALL_ACCESS, FALSE, dwProcessId);
if (!hTargetProcess)
{
DWORD dwLastError = GetLastError();
char s[100];
sprintf(s,"无法打开线程:%d",dwLastError);
MessageBox (NULL, s, NULL, 0);
return 0;
}
LPVOID pRemoteThread = VirtualAllocEx (hTargetProcess, NULL, THREADSIZE,
MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if (!pRemoteThread)
{
MessageBox (NULL, "无法申请线程空间", NULL, 0);
return 0;
}
if (!WriteProcessMemory (hTargetProcess, pRemoteThread,
&ThreadProc, THREADSIZE, &dwBytesWritten))
{
DWORD dwLastError = GetLastError();
char s[100];
sprintf(s,"无法写入线程空间:%d(%d/%d)",dwLastError,THREADSIZE, dwBytesWritten);
MessageBox (NULL,s , NULL, 0);
return 0;
}
RMPARAM RemoteParam;
ZeroMemory (&RemoteParam, sizeof (RMPARAM));
char szCurrentPath[MAX_PATH];
char szFileName[MAX_PATH];
if (!GetCurrentFileName (szFileName))
{
MessageBox (NULL, "无法获得现有文件名", NULL, 0);
return 0;
}
GetCurrentDirectory (MAX_PATH, szCurrentPath);
sprintf (RemoteParam.szFilePath, "%s\\%s", szCurrentPath, szFileName);
DWORD dwFuncAddr = GetFuncAddr ("Kernel32.dll", "DeleteFileA");
if (dwFuncAddr == 0)
{
MessageBox (NULL, "无法加载Kernel32.dll", NULL, 0);
return 0;
}
RemoteParam.dwDeleteAddr = dwFuncAddr;
RemoteParam.dwSleep = GetFuncAddr ("Kernel32.dll", "Sleep");
RemoteParam.dwProcessId = GetCurrentProcessId();
RemoteParam.dwOpenProcess = GetFuncAddr ("Kernel32.dll", "OpenProcess");
RemoteParam.dwCloseHandle = GetFuncAddr ("Kernel32.dll", "CloseHandle");
RemoteParam.dwWaitFor = GetFuncAddr ("Kernel32.dll", "WaitForSingleObject");
LPVOID pRmParam = VirtualAllocEx (hTargetProcess, NULL, sizeof (RMPARAM),
MEM_COMMIT, PAGE_READWRITE);
if (!pRmParam)
{
MessageBox (NULL, "无法申请线程空间", NULL, 0);
return 0;
}
if (!WriteProcessMemory (hTargetProcess, pRmParam,
&RemoteParam, sizeof (RMPARAM), &dwBytesWritten))
{
MessageBox (NULL, "无法写入线程空间", NULL, 0);
return 0;
}
HANDLE hRemoteThread = CreateRemoteThread (hTargetProcess, NULL, 0,
(LPTHREAD_START_ROUTINE) pRemoteThread, pRmParam, CREATE_SUSPENDED, &dwBytesWritten);
if(!OpenProcessToken(hTargetProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
{
return RTN_ERROR;
}
else
return RTN_ERROR;
}
// enable SeDebugPrivilege
if(!SetPrivilege(hToken, SE_DEBUG_NAME, TRUE))
{
//DisplayError("SetPrivilege");
// close token handle
CloseHandle(hToken);
// indicate failure
return RTN_ERROR;
}
ResumeThread(hRemoteThread);
return 0;
}
僵哥 2009-04-29
- 打赏
- 举报
另外问一下楼主,我的代码当中改的是用"记事本",不知道有没有换回去使用"explorer.exe"
yangangs 2009-04-29
- 打赏
- 举报
学习了
僵哥 2009-04-29
- 打赏
- 举报
另外,如果是Vista以上版本的系统,这几乎是不可行的。
僵哥 2009-04-29
- 打赏
- 举报
如果你的进程不能退出的话是会不行的。
fighterhht 2009-04-29
- 打赏
- 举报
有时可以,有时又不可以了.怎么回事?
fighterhht 2009-04-29
- 打赏
- 举报
[Quote=引用 8 楼 unsigned 的回复:]
C/C++ code#include <string.h>
#include <windows.h>
#include "psapi.h"
#include <tlhelp32.h>
#include <stdio.h>
#define THREADSIZE 4*1024
typedef DWORD (WINAPI* PFN_GETPROCNAME) (HANDLE, LPTSTR, DWORD);
typedef BOOL (WINAPI* PFN_DELETE) (LPCTSTR);
typedef VOID (WINAPI* PFN_SLEEP)(DWORD dwMilliseconds);
typedef struct TAGRMPARAM
{
char szFilePath[MAX_PATH];
…
[/Quote]
怎么还是不行啊?请详加指点.谢谢!
C/C++ code#include <string.h>
#include <windows.h>
#include "psapi.h"
#include <tlhelp32.h>
#include <stdio.h>
#define THREADSIZE 4*1024
typedef DWORD (WINAPI* PFN_GETPROCNAME) (HANDLE, LPTSTR, DWORD);
typedef BOOL (WINAPI* PFN_DELETE) (LPCTSTR);
typedef VOID (WINAPI* PFN_SLEEP)(DWORD dwMilliseconds);
typedef struct TAGRMPARAM
{
char szFilePath[MAX_PATH];
…
[/Quote]
怎么还是不行啊?请详加指点.谢谢!
netying 2009-04-28
- 打赏
- 举报
bat或者单独做一个exe,然后程序中调用这个exe,然后程序关闭,然后删除
纯冰糖 2009-04-28
- 打赏
- 举报
我只知道使用Bat可以实现。
僵哥 2009-04-26
- 打赏
- 举报
楼主原来的实现当中存在几个问题:
1.实际的代码很短,但是写入远程的太长,可能会受到限制,从而返回一个299的错误号(仅完成部分的 ReadProcessMemory 或 WriteProcessMemory 请求。 )
2.没有提升权限,可能导致OpenProcess失败
3.没有远线程立即执行,当前进程未来得及关闭,导致远程会删除失败
1.实际的代码很短,但是写入远程的太长,可能会受到限制,从而返回一个299的错误号(仅完成部分的 ReadProcessMemory 或 WriteProcessMemory 请求。 )
2.没有提升权限,可能导致OpenProcess失败
3.没有远线程立即执行,当前进程未来得及关闭,导致远程会删除失败
僵哥 2009-04-26
- 打赏
- 举报
如果觉得Sleep的时间太长也可以缩短
僵哥 2009-04-26
- 打赏
- 举报
#include <string.h>
#include <windows.h>
#include "psapi.h"
#include <tlhelp32.h>
#include <stdio.h>
#define THREADSIZE 4*1024
typedef DWORD (WINAPI* PFN_GETPROCNAME) (HANDLE, LPTSTR, DWORD);
typedef BOOL (WINAPI* PFN_DELETE) (LPCTSTR);
typedef VOID (WINAPI* PFN_SLEEP)(DWORD dwMilliseconds);
typedef struct TAGRMPARAM
{
char szFilePath[MAX_PATH];
DWORD dwDeleteAddr;
DWORD dwSleep;
}RMPARAM, *LPRMPARAM;
DWORD GetFuncAddr (LPTSTR lpszDll, LPTSTR lpszProc)
{
HMODULE hDll = LoadLibrary (lpszDll);
if (hDll)
return (DWORD)GetProcAddress (hDll, lpszProc);
return 0;
}
DWORD ProcessNameToId (char* lpszProcName)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe;
pe.dwSize = sizeof (PROCESSENTRY32);
if (Process32First (hSnapshot, &pe))
while (Process32Next (hSnapshot, &pe))
{
strlwr (pe.szExeFile);
strlwr (lpszProcName);
if (!strcmp (pe.szExeFile, lpszProcName))
return pe.th32ProcessID;
}
return 0;
}
DWORD CALLBACK ThreadProc (LPVOID pVoid)
{
LPRMPARAM pRP = (LPRMPARAM) pVoid;
PFN_DELETE pfnDelete = (PFN_DELETE) pRP->dwDeleteAddr;
PFN_SLEEP pfnSleep = (PFN_SLEEP) pRP->dwSleep;
pfnSleep(2000);
pfnDelete (pRP->szFilePath);
return 0;
}
BOOL GetCurrentFileName (LPSTR lpszFileName)
{
char szShort[MAX_PATH];
char szFileName[MAX_PATH];
PFN_GETPROCNAME pfnGetProcName = (PFN_GETPROCNAME) GetFuncAddr ("psapi.dll",
"GetProcessImageFileNameA");
if (!pfnGetProcName)
return FALSE;
HANDLE hCur = GetCurrentProcess ();
pfnGetProcName (hCur, szFileName, MAX_PATH);
GetFileTitle (szFileName, szShort, MAX_PATH);
strcpy (lpszFileName, szShort);
return TRUE;
}
BOOL SetPrivilege(
HANDLE hToken, // access token handle
LPCTSTR lpszPrivilege, // name of privilege to enable/disable
BOOL bEnablePrivilege // to enable or disable privilege
)
{
TOKEN_PRIVILEGES tp;
LUID luid;
if ( !LookupPrivilegeValue(
NULL, // lookup privilege on local system
lpszPrivilege, // privilege to lookup
&luid ) ) // receives LUID of privilege
{
printf("LookupPrivilegeValue error: %u\n", GetLastError() );
return FALSE;
}
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = luid;
if (bEnablePrivilege)
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
else
tp.Privileges[0].Attributes = 0;
// Enable the privilege or disable all privileges.
if ( !AdjustTokenPrivileges(
hToken,
FALSE,
&tp,
sizeof(TOKEN_PRIVILEGES),
(PTOKEN_PRIVILEGES) NULL,
(PDWORD) NULL) )
{
printf("AdjustTokenPrivileges error: %u\n", GetLastError() );
return FALSE;
}
if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
{
printf("The token does not have the specified privilege. \n");
return FALSE;
}
return TRUE;
}
#define RTN_OK 0
#define RTN_USAGE 1
#define RTN_ERROR 13
int APIENTRY WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nShowCmd)
{
DWORD dwBytesWritten;
HANDLE hToken;
if(!OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken))
{
if (GetLastError() == ERROR_NO_TOKEN)
{
if (!ImpersonateSelf(SecurityImpersonation))
return RTN_ERROR;
if(!OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken)){
//DisplayError("OpenThreadToken");
return RTN_ERROR;
}
}
else
return RTN_ERROR;
}
// enable SeDebugPrivilege
if(!SetPrivilege(hToken, SE_DEBUG_NAME, TRUE))
{
//DisplayError("SetPrivilege");
// close token handle
CloseHandle(hToken);
// indicate failure
return RTN_ERROR;
}
DWORD dwProcessId = ProcessNameToId ("notepad.exe");
if (dwProcessId == 0)
{
MessageBox (NULL, "找不到线程", NULL, 0);
return 0;
}
HANDLE hTargetProcess = OpenProcess (PROCESS_ALL_ACCESS, FALSE, dwProcessId);
if (!hTargetProcess)
{
DWORD dwLastError = GetLastError();
char s[100];
sprintf(s,"无法打开线程:%d",dwLastError);
MessageBox (NULL, s, NULL, 0);
return 0;
}
LPVOID pRemoteThread = VirtualAllocEx (hTargetProcess, NULL, THREADSIZE,
MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if (!pRemoteThread)
{
MessageBox (NULL, "无法申请线程空间", NULL, 0);
return 0;
}
if (!WriteProcessMemory (hTargetProcess, pRemoteThread,
&ThreadProc, THREADSIZE, &dwBytesWritten))
{
DWORD dwLastError = GetLastError();
char s[100];
sprintf(s,"无法写入线程空间:%d(%d/%d)",dwLastError,THREADSIZE, dwBytesWritten);
MessageBox (NULL,s , NULL, 0);
return 0;
}
RMPARAM RemoteParam;
ZeroMemory (&RemoteParam, sizeof (RMPARAM));
char szCurrentPath[MAX_PATH];
char szFileName[MAX_PATH];
if (!GetCurrentFileName (szFileName))
{
MessageBox (NULL, "无法获得现有文件名", NULL, 0);
return 0;
}
GetCurrentDirectory (MAX_PATH, szCurrentPath);
sprintf (RemoteParam.szFilePath, "%s\\%s", szCurrentPath, szFileName);
DWORD dwFuncAddr = GetFuncAddr ("Kernel32.dll", "DeleteFileA");
if (dwFuncAddr == 0)
{
MessageBox (NULL, "无法加载Kernel32.dll", NULL, 0);
return 0;
}
RemoteParam.dwDeleteAddr = dwFuncAddr;
RemoteParam.dwSleep = GetFuncAddr ("Kernel32.dll", "Sleep");;
LPVOID pRmParam = VirtualAllocEx (hTargetProcess, NULL, sizeof (RMPARAM),
MEM_COMMIT, PAGE_READWRITE);
if (!pRmParam)
{
MessageBox (NULL, "无法申请线程空间", NULL, 0);
return 0;
}
if (!WriteProcessMemory (hTargetProcess, pRmParam,
&RemoteParam, sizeof (RMPARAM), &dwBytesWritten))
{
MessageBox (NULL, "无法写入线程空间", NULL, 0);
return 0;
}
HANDLE hRemoteThread = CreateRemoteThread (hTargetProcess, NULL, 0,
(LPTHREAD_START_ROUTINE) pRemoteThread, pRmParam, 0, &dwBytesWritten);
return 0;
}
ddeng 2009-04-23
- 打赏
- 举报
批处理是很好用的,下面是我自己用的,分享给你吧。
//---------------------------------------------------------------------------
// 用批处理删除程序自己
// 用法:
// DelMe(Application->ExeName);
bool __fastcall DelMe(AnsiString FileName) {
bool DelOK = true;
FileName = ExtractShortPathName(FileName);
char tempDir[MAX_PATH];
GetTempPath(MAX_PATH, tempDir);
AnsiString DelmeFileName = AnsiString(tempDir)+"delme.bat";
TStringList *Strs = new TStringList();
Strs->Text = "@echo off\r\n:loop\r\ndel "+FileName+"\r\nif exist "+FileName+" goto loop\r\ndel "+DelmeFileName;
try {
Strs->SaveToFile(DelmeFileName);
}
catch(...) {
DelOK = false;
}
delete Strs;
if(DelOK) {
::WinExec(DelmeFileName.c_str(), SW_HIDE);
}
return DelOK;
}
//---------------------------------------------------------------------------
// 用批处理删除程序自己
// 用法:
// DelMe(Application->ExeName);
bool __fastcall DelMe(AnsiString FileName) {
bool DelOK = true;
FileName = ExtractShortPathName(FileName);
char tempDir[MAX_PATH];
GetTempPath(MAX_PATH, tempDir);
AnsiString DelmeFileName = AnsiString(tempDir)+"delme.bat";
TStringList *Strs = new TStringList();
Strs->Text = "@echo off\r\n:loop\r\ndel "+FileName+"\r\nif exist "+FileName+" goto loop\r\ndel "+DelmeFileName;
try {
Strs->SaveToFile(DelmeFileName);
}
catch(...) {
DelOK = false;
}
delete Strs;
if(DelOK) {
::WinExec(DelmeFileName.c_str(), SW_HIDE);
}
return DelOK;
}
xjq2003 2009-04-19
- 打赏
- 举报
Edit2->Text=DateTimeToStr(Now());
AnsiString del_path;
Word Year,Month,Min,Sec,MSec;
TDateTime dtPresent =Now();
DecodeDate(dtPresent, Year, Month, Day1);
DecodeTime(dtPresent,Hour1,Min,Sec,MSec);
//--- 计算一个月前的图片夹名
/*
del_path = pic_path_bk ;
if(Month==1)
del_path+=IntToStr(Year-1);
else
del_path += IntToStr(Year);
del_path += IntToStr( (Month+10)%12+1 ); //加上上一个月的日期
del_path += IntToStr(Day1);
if(DirectoryExists(del_path))
DeleteDirectoryEx(del_path);
*/
//--- 计算结束 ,by tommie shi,2004/06/26
if(Day1!=Day2)
{
sStop=true;
pStop=true;
rStop=true;
Sleep(10);
InitFile();
InitBase();
//--- 计算一个月前的图片夹名
///*
del_path = pic_path_bk ;
if(Month<4)
del_path+=IntToStr(Year-1);
else
del_path += IntToStr(Year);
del_path += IntToStr( (Month+8)%12+1 ); //加上前3个月的日期
del_path += IntToStr(Day1);
if(DirectoryExists(del_path))
DeleteDirectoryEx(del_path);
//*/
//--- 计算结束 ,by tommie shi,2004/06/26
pic_path+=IntToStr(Year);
pic_path+=IntToStr(Month);
pic_path+=IntToStr(Day1);
if(!DirectoryExists(pic_path))
{
if(!CreateDir(pic_path))
ShowMessage("目录无法创建!");
}
pic_path+="\\";
pic_path+=IntToStr(Hour1);
if(!DirectoryExists(pic_path))
{
if(!CreateDir(pic_path))
ShowMessage("目录无法创建!");
}
pic_path+="\\";
sStop=false;
pStop=false;
rStop=false;
DWORD ThreadIDs,ThreadIDp,ThreadIDr;
ThreadS=CreateThread(0,0,ThreadSave,DataS,0,&ThreadIDs);
ThreadP=CreateThread(0,0,ThreadPic,DataP,0,&ThreadIDp);
ThreadR=CreateThread(0,0,ThreadRecieve,DataR,0,&ThreadIDr);
}
Day2=Day1;
if(Hour1!=Hour2)
{
pic_path=pic_path_bk;
pic_path+=IntToStr(Year);
pic_path+=IntToStr(Month);
pic_path+=IntToStr(Day1);
pic_path+="\\";
pic_path+=IntToStr(Hour1);
if(!DirectoryExists(pic_path))
{
if(!CreateDir(pic_path))
ShowMessage("目录无法创建!");
}
pic_path+="\\";
}
Hour2=Hour1;
ULARGE_INTEGER FreeByte,TotalByte;
unsigned __int64 uI64_1,uI64_2;
String s="d:";
s = ExtractFileDir(pic_path);
int k;
::GetDiskFreeSpaceEx(s.c_str(),&FreeByte,&TotalByte,NULL);
uI64_1=FreeByte.QuadPart;
uI64_2=TotalByte.QuadPart;
k=int(100*uI64_1/uI64_2);
k=100-k;
Label23->Caption=String(k)+"%";
ProgressBar1->Position=k;
if(k>90) ShowMessage("磁盘空间不足,请速清理!");
AnsiString del_path;
Word Year,Month,Min,Sec,MSec;
TDateTime dtPresent =Now();
DecodeDate(dtPresent, Year, Month, Day1);
DecodeTime(dtPresent,Hour1,Min,Sec,MSec);
//--- 计算一个月前的图片夹名
/*
del_path = pic_path_bk ;
if(Month==1)
del_path+=IntToStr(Year-1);
else
del_path += IntToStr(Year);
del_path += IntToStr( (Month+10)%12+1 ); //加上上一个月的日期
del_path += IntToStr(Day1);
if(DirectoryExists(del_path))
DeleteDirectoryEx(del_path);
*/
//--- 计算结束 ,by tommie shi,2004/06/26
if(Day1!=Day2)
{
sStop=true;
pStop=true;
rStop=true;
Sleep(10);
InitFile();
InitBase();
//--- 计算一个月前的图片夹名
///*
del_path = pic_path_bk ;
if(Month<4)
del_path+=IntToStr(Year-1);
else
del_path += IntToStr(Year);
del_path += IntToStr( (Month+8)%12+1 ); //加上前3个月的日期
del_path += IntToStr(Day1);
if(DirectoryExists(del_path))
DeleteDirectoryEx(del_path);
//*/
//--- 计算结束 ,by tommie shi,2004/06/26
pic_path+=IntToStr(Year);
pic_path+=IntToStr(Month);
pic_path+=IntToStr(Day1);
if(!DirectoryExists(pic_path))
{
if(!CreateDir(pic_path))
ShowMessage("目录无法创建!");
}
pic_path+="\\";
pic_path+=IntToStr(Hour1);
if(!DirectoryExists(pic_path))
{
if(!CreateDir(pic_path))
ShowMessage("目录无法创建!");
}
pic_path+="\\";
sStop=false;
pStop=false;
rStop=false;
DWORD ThreadIDs,ThreadIDp,ThreadIDr;
ThreadS=CreateThread(0,0,ThreadSave,DataS,0,&ThreadIDs);
ThreadP=CreateThread(0,0,ThreadPic,DataP,0,&ThreadIDp);
ThreadR=CreateThread(0,0,ThreadRecieve,DataR,0,&ThreadIDr);
}
Day2=Day1;
if(Hour1!=Hour2)
{
pic_path=pic_path_bk;
pic_path+=IntToStr(Year);
pic_path+=IntToStr(Month);
pic_path+=IntToStr(Day1);
pic_path+="\\";
pic_path+=IntToStr(Hour1);
if(!DirectoryExists(pic_path))
{
if(!CreateDir(pic_path))
ShowMessage("目录无法创建!");
}
pic_path+="\\";
}
Hour2=Hour1;
ULARGE_INTEGER FreeByte,TotalByte;
unsigned __int64 uI64_1,uI64_2;
String s="d:";
s = ExtractFileDir(pic_path);
int k;
::GetDiskFreeSpaceEx(s.c_str(),&FreeByte,&TotalByte,NULL);
uI64_1=FreeByte.QuadPart;
uI64_2=TotalByte.QuadPart;
k=int(100*uI64_1/uI64_2);
k=100-k;
Label23->Caption=String(k)+"%";
ProgressBar1->Position=k;
if(k>90) ShowMessage("磁盘空间不足,请速清理!");
加载更多回复(5)
