void WriteResourceToFile(HINSTANCE hInstance,int idResource,char const *filename)
{
// 存取二进制资源
HRSRC hResInfo = FindResource(hInstance, MAKEINTRESOURCE(idResource),
MAKEINTRESOURCE(RC_BINARYTYPE));
HGLOBAL hgRes = LoadResource(hInstance, hResInfo);
void *pvRes = LockResource(hgRes);
DWORD cbRes = SizeofResource(hInstance, hResInfo);
// 将二进制资源写到文件
HANDLE hFile = CreateFile(filename, GENERIC_WRITE, 0, 0, CREATE_ALWAYS,
FILE_ATTRIBUTE_NORMAL, 0);
DWORD cbWritten;
WriteFile(hFile, pvRes, cbRes, &cbWritten, 0);
CloseHandle(hFile);
}
void SelfDelete(HINSTANCE hInstance)
{
char lpDllFile[MAX_PATH];
GetTempPath(sizeof(lpDllFile),lpDllFile);
lstrcat(lpDllFile,"\\magicdel.dll");
WriteResourceToFile(hInstance, ID_2561, lpDllFile);
// 生成命令行
// 1. 查找 rundll32.exe
char commandLine[MAX_PATH * 3];
GetWindowsDirectory(commandLine, sizeof(commandLine));
lstrcat(commandLine, "\\rundll32.exe");
if (GetFileAttributes(commandLine) == INVALID_FILE_ATTRIBUTES)
{
GetSystemDirectory(commandLine, sizeof(commandLine));
lstrcat(commandLine, "\\rundll32.exe");
}
// 2. 添加 rundll32.exe 参数
lstrcat(commandLine, " ");
lstrcat(commandLine, lpDllFile);
lstrcat(commandLine, ",_MagicDel@16 ");
// 3. 添加本文件名
char lpPath[MAX_PATH];
//GetCurrentDirectory(MAX_PATH,lpPath);
GetModuleFileName(hInstance, lpPath, sizeof(lpPath));
lstrcat(commandLine, lpPath);
// 执行命令行
PROCESS_INFORMATION procInfo;
STARTUPINFO startInfo;
memset(&startInfo, 0, sizeof(startInfo));
startInfo.dwFlags = STARTF_FORCEOFFFEEDBACK;
CreateProcess(0, commandLine, 0, 0, FALSE, NORMAL_PRIORITY_CLASS, 0, 0,
&startInfo, &procInfo);
}
int WINAPI WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
SelfDelete(hInstance);
}
dll源代码。实现自删除
#include <windows.h>
#include <winbase.h>
HMODULE g_hmodDLL;
extern "C" BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD reason, LPVOID)
{
if (reason == DLL_PROCESS_ATTACH)
g_hmodDLL = hinstDLL;
return TRUE;
}
extern "C" __declspec(dllexport) void DeleteDirectory(LPTSTR lpDirectory,int flag)
{
if (strlen(lpDirectory) = 0) return;
WIN32_FIND_DATA FindData;
HANDLE lhandle;
char lpfilename[MAX_PATH];
//设置查找目录名
lstrcpy(lpfilename,lpDirectory);
if (lpfilename[strlen(lpfilename) - 1] == '\\')
lstrcat(lpfilename, "*");
else
lstrcat(lpfilename, "\\*");
if (flag)
{
if (MessageBox(0,lpfilename,"是否清空下列目录?",MB_OKCANCEL)!=IDOK)
return;
}
lhandle = FindFirstFile( lpfilename, &FindData );
if (lhandle = 0) return;
while (FindNextFile(lhandle,&FindData))
{
if (strcmp(FindData.cFileName,"..") == 0)
continue;
//配置完整路径
lstrcpy(lpfilename,lpDirectory);
lstrcat(lpfilename, "\\");
lstrcat(lpfilename, FindData.cFileName);
//出现子目录
if ((FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) == FILE_ATTRIBUTE_DIRECTORY)
{
DeleteDirectory(lpfilename,flag);
continue;
};
//删除文件
DeleteFile(lpfilename);
};
FindClose(lhandle);
//MessageBox(0,lpDirectory,"END Find",MB_OK);
//删除目录
RemoveDirectory(lpDirectory);
}
//删除自身
extern "C" __declspec(dllexport) void CALLBACK MagicDel(HWND,HINSTANCE,LPTSTR lpCmdLine,int)
{
// 延时2秒
Sleep(200);
// 删除创建该进程的可执行文件
DeleteFile(lpCmdLine);
//DeleteDirectory(lpCmdLine,1);
// 删除DLL自己
char filenameDLL[MAX_PATH];
GetModuleFileName(g_hmodDLL, filenameDLL, sizeof(filenameDLL));
__asm
{
lea eax, filenameDLL
push 0
push 0
push eax
push ExitProcess
push g_hmodDLL
push DeleteFile
push FreeLibrary
ret
}
}