Exe自杀

  1. //http://hi.baidu.com/zxhouse
  2. #include <windows.h>   
  3.   
  4. BOOL DeleteMyself(WCHAR *pHelper)   
  5. {   
  6.     int ret;   
  7.      WCHAR helper[MAX_PATH];   
  8.      ZeroMemory(helper, sizeof(helper));   
  9.     if (pHelper)   
  10.          wcsncpy(helper, pHelper, MAX_PATH-2);   
  11.     else  
  12.          wcscpy(helper, L"calc.exe");   
  13.        
  14.      STARTUPINFOW si = {sizeof(STARTUPINFOW),0};   
  15.      PROCESS_INFORMATION pi;   
  16.        
  17.      HANDLE hSYNC = OpenProcess(SYNCHRONIZE, TRUE, GetCurrentProcessId());   
  18.        
  19.     if (CreateProcessW(NULL, helper, 0, 0, TRUE, CREATE_SUSPENDED, 0, 0, &si, &pi))   
  20.      {   
  21.          CONTEXT ctx = {CONTEXT_FULL,0};   
  22.          ret = GetThreadContext(pi.hThread, &ctx);   
  23.            
  24.          WCHAR MyselfPath[MAX_PATH];   
  25.         int nPathLen = GetModuleFileNameW(NULL, MyselfPath, MAX_PATH);   
  26.            
  27.          struct StackContext   
  28.          {   
  29.              DWORD_PTR DeleteFileW;   
  30.              DWORD_PTR WaitForSingleObject_argv1;   
  31.              DWORD_PTR WaitForSingleObject_argv2;   
  32.              DWORD_PTR ExitProcess;   
  33.              DWORD_PTR DeleteFileW_argv1;   
  34.              DWORD_PTR shit;   
  35.              DWORD_PTR ExitProcess_argv1;   
  36.          }stackctx;   
  37.            
  38.          HMODULE hKernel32 = GetModuleHandleW(L"Kernel32.dll");   
  39.            
  40.          ctx.Eip = (DWORD_PTR)GetProcAddress(hKernel32, "WaitForSingleObject");   
  41.          ctx.Esp = (DWORD_PTR)VirtualAllocEx(pi.hProcess, 0, 512*1024, MEM_COMMIT, PAGE_EXECUTE_READWRITE);   
  42.          ctx.Esp += 256*1024;   
  43.          stackctx.DeleteFileW = (DWORD_PTR)GetProcAddress(hKernel32, "DeleteFileW");   
  44.          stackctx.WaitForSingleObject_argv1 = (DWORD_PTR)hSYNC;   
  45.          stackctx.WaitForSingleObject_argv2 = (DWORD_PTR)-1;   
  46.          stackctx.ExitProcess = (DWORD_PTR)GetProcAddress(hKernel32, "ExitProcess");   
  47.          stackctx.DeleteFileW_argv1 = (DWORD_PTR)VirtualAllocEx(pi.hProcess, 0, (nPathLen+1)*sizeof(WCHAR), MEM_COMMIT, PAGE_EXECUTE_READWRITE);   
  48.          ret = WriteProcessMemory(pi.hProcess, (LPVOID)stackctx.DeleteFileW_argv1, MyselfPath, (nPathLen+1)*sizeof(WCHAR), NULL);   
  49.         if (!ret) return FALSE;   
  50.            
  51.          stackctx.shit = 0;   
  52.          stackctx.ExitProcess_argv1 = 0;   
  53.            
  54.          ret = WriteProcessMemory(pi.hProcess, (LPVOID)(ctx.Esp), &stackctx, sizeof(stackctx), NULL);   
  55.         if (!ret) return FALSE;   
  56.            
  57.          ret = SetThreadContext(pi.hThread, &ctx);   
  58.         if (!ret) return FALSE;   
  59.            
  60.          ResumeThread(pi.hThread);   
  61.          CloseHandle(pi.hThread);   
  62.          CloseHandle(pi.hProcess);   
  63.         return TRUE;   
  64.      }else  
  65.      {   
  66.         return FALSE;   
  67.      }   
  68. }   
  69.   
  70.   
  71. int main()   
  72. {   
  73.      DeleteMyself(0);   
  74.     return 0;   
  75. }   
  76.   
  77. //2000/xp/2003/vista 上已经测试通过

你可能感兴趣的:(职场,休闲,Exe自杀)