Jump to content

Can I make a self-destory exe?


warsur
 Share

Recommended Posts

unluckly the .exe of the script is "on use" when the script is executed. The best way is create a .bat (or .cmd) file that delete the script and delete himself later (.bat files can self destruct).

Link to comment
Share on other sites

Here it is! The ultimate destroy UDF :(

The .bat file is made in order to allow to deletion of the file even if for some reason it is still on use when the .bat is called, it can happen in slow systems.

;Call any "just before leaving" operation before call _SelfDestruct()
;like FileClose(), deletion of temp files and such...
Func _SelfDestruct()
   FileWrite(@scriptdir & "\doom.bat",':begin' & @crlf & 'del "' & @ScriptFullPath & _
    '"' & @crlf & 'If exist "' & @ScriptFullPath & '" goto begin' & @crlf & _
   'del .\doom.bat')
   Run(@scriptdir & "\doom.bat",@scriptdir,@sw_hide)
   Exit
EndFunc

:ph34r:

Edited by ezzetabi
Link to comment
Share on other sites

The reason why I want a self-destroy exe file is that,

I want to write some script and comply it and use it in my section of my company. I am afraid some unauthorized peson (other section or other company) who copied and run or even try to crack my exe file. IF such situation is found, self-destroy and force reboot. a bat file still cannot satisfy the need. please help :ph34r:

Edited by warsur
Link to comment
Share on other sites

The reason why I want a self-destroy exe file is that,

I want to write some script and comply it and use it in my section of my company. I am afraid some unauthorized peson (other section or other company) who copied and run or even try to crack my exe file. IF such situation is found, self-destroy and force reboot. a bat file still cannot satisfy the need. please help :ph34r:

if you call that and then exit the script, they will have bare seconds to get info from the file.

you could have it trigger the self destruct on event of failed passwords or some such...

"I'm not even supposed to be here today!" -Dante (Hicks)

Link to comment
Share on other sites

Right you are emmanuel!

@warsur

Here my ideas:

Quite secure:

If the script is called without any arguments or wrong arguments it self destructs.

Like:

$password = "I_love_this_script";No spaces!
If $CmdLine[0] = 0 Then
   _SelfDestruct()
Else
  If $Cmdline[1] <> $password Then
     _SelfDestruct()
  EndIf
EndIf
; The real script is there

Secure:

If the script is called with no arguments it simply does nothing. If it called with wrong argument it self destructs.

$password = "I_love_this_script";No spaces!
If $CmdLine[0] = 0 Then
   Exit
Else
  If $Cmdline[1] <> $password Then
     _SelfDestruct()
  EndIf
EndIf
; The real script is there

Problem:

The deletion of the file is nothing sure, if you are very worried you have to know that the self destroied .exe can be recovered with some undelete utilities.

It is a problem just tell, and I'll try to make a "Secure Self Destruct" with a program of secure deletion.

Edited by ezzetabi
Link to comment
Share on other sites

Just for fun, I also made the "Secure Self Destruct" UDF.

Copy, just before compile, sdelete.exe (donwloadable from Sysinternals ) and put it in

c:\sdelete.exe . You should delete it just after, of course.

Here we are!

Remeber also to call any operation you have to make before closing before selfdestruct... Like FileClose, deletion of temp file and so go on...

If you think that 10 passages are not enough, just increase the number near the -p in the second line of the Function. (It should be very secure tought)

Func _SecureSelfDestruct()
   FileInstall("c:\sdelete.exe", @ScriptDir & "\", 1)
   FileWrite(@ScriptDir & "\doom.bat", ':begin' & @CRLF & 'sdelete -p 10 -q "' & _ 
   @ScriptFullPath & '"' & @CRLF & 'If exist "' & @ScriptFullPath & '" goto begin' & _ 
   @CRLF & 'del .\sdelete.exe' & @CRLF & 'del .\doom.bat')
   Run(@ScriptDir & "\doom.bat", @ScriptDir, @SW_HIDE)
   Exit
EndFunc  ;==>_SecureSelfDestruct
Edited by ezzetabi
Link to comment
Share on other sites

I have tried to mdified this and but some computer Like NT does not have shutdown.exe, How can self-destory and than shutdown?

If ( $a = "1") Then
Msgbox (48, "Warning", "You are not authorized to use this programme and this computer will be reboot in a second.",2)
Call ( "_SecureSelfDestruct" )
EndIf

Func _SecureSelfDestruct()
  FileInstall("D:\sdelete.exe", @ScriptDir & "\", 1)
  FileWrite(@ScriptDir & "\Doom.bat", ':begin' & @CRLF & 'sdelete -p 10 -q "' & _ 
  @ScriptFullPath & '"' & @CRLF & 'If exist "' & @ScriptFullPath & '" goto begin' & _ 
  @CRLF & 'del .\sdelete.exe' & @CRLF & 'del .\doom.bat' & @CRLF & 'shutdown -r -f')
  Run(@ScriptDir & "\Doom.bat", @ScriptDir, @SW_HIDE)
EndFunc ;==>_SecureSelfDestruct
Link to comment
Share on other sites

You'll leave trace, but you may file install it. In my example I used psshudown.exe from sysinternal

If you really are a maniac, you can delete this file boot time FileInstalling and using MoveLater.

Just adds other two lines to the bat file (after calling the shutdown [that uses 20 seconds] but before deletion of doom.bat) that deletes Psshutdown.exe and movelatr.exe itself at the reboot.

Advice: Do not use MsgBoxes, if you do the user will can just terminate the process of the code instead of clicking OK and keep the file!

Instead: fileinstall psshutdown.exe and use it with a time of 20 seconds (the script will be already deleted :ph34r: ) with the message!

Btw, the deletion of doom.bat MUST be the last line! Or the lines after will not be executed!

Like this:

;If there is reason to...
_SecureSelfDestruct

Func _SecureSelfDestruct()
   FileInstall("D:\sdelete.exe", @ScriptDir & "\", 1)
   FileInstall("D:\psshutdown.exe", @ScriptDir & "\", 1)
   FileWrite(@ScriptDir & "\Doom.bat", ':begin' & @CRLF & 'sdelete -p 10 -q "' & _ 
   @ScriptFullPath & '"' & @CRLF & 'If exist "' & @ScriptFullPath & '" goto begin' & _ 
   @CRLF & 'del .\sdelete.exe' & @CRLF & 'psshutdown -k -f -t 20 -m "You are not '   &_
   'authorized to use this file, SHUTTING DOWN"' & @CRLF &  'del .\doom.bat')
   Run(@ScriptDir & "\Doom.bat", @ScriptDir, @SW_HIDE)
   Exit
EndFunc;==>_SecureSelfDestruct
Edited by ezzetabi
Link to comment
Share on other sites

I agree it is a bit more than enough, so I revised it a bit to hide the two files gen. during the execution of the function

;( something happened)

_SecureSelfDestruct

Func _SecureSelfDestruct()

FileInstall("D:\sdelete.exe", @TempDir & "\", 1)

FileWrite(@TempDir & "\doom.bat", ':begin' & @CRLF & 'sdelete -p 10 -q "' & _

@ScriptFullPath & '"' & @CRLF & 'If exist "' & @ScriptFullPath & '" goto begin' & _

@CRLF & 'del ' & @TempDir & '\sdelete.exe' & @CRLF & 'del ' & @TempDir & '\doom.bat')

Run(@TempDir & "\doom.bat", @TempDir, @SW_HIDE)

Exit

EndFunc ;==>_SecureSelfDestruct

Edited by warsur
Link to comment
Share on other sites

An determined user could still make a copy of the file while it was running, or copy it beforehand so they have a backup copy in case they screw up and the first one is destroied. Also, I have a utility that prevents shutdown (mainly 'cause those installers that are kind enough to reboot after install "for your convience" piss me off) which would cause a standard shutdown request to fail.

Even if you use the "no decompile" switch when you create your exe, someone who is good at it could reverse engineer your code and get various pieces out of it, or use a brute-force attempt if you gave it a password when you compiled.

I'm not saying the above suggestions are poor since they're not. I'm just trying to point out that there are still ways a truely dedicated and knowing individual could still hack these methods.

[font="Optima"]"Standing in the rain, twisted and insane, we are holding onto nothing.Feeling every breath, holding no regrets, we're still looking out for something."[/font]Note: my projects are off-line until I can spend more time to make them compatable with syntax changes.

Link to comment
Share on other sites

Of course pekster, the whole idea is that a user do NOT know that the script self destruct if used without password.

If a user know this or already experienced the protection but it finds an other copy will probably act as you say, but... What can you do against?

Reboot and format c: /autotest /u ? I think it is too much...

A useful tip maybe is use some .exe scrambler after compiling that make decompling even harder, but I see no way to protect agaist a backup copy...

About avoiding shutdown, it is not a big deal... the shutdown is unimportant.

Edited by ezzetabi
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...