Delete system files

Mar 1, 2010 at 7:37pm
Hello everyone! I wanna write a C++ code to delete a file. I use remove() function. But it CANNOT delete any file I want. For example, I wanna delete a file from C:\\Windows directory, but that function does not do that.
P.S. I don't wanna make any virus. Just it's interesting
Mar 1, 2010 at 7:47pm
Yea doing that is virus activity. So whether you truly want to or not, is meaningless. Unless you plan on frying your own windows partition you are writing a virus for illegal use.
Mar 1, 2010 at 8:03pm
DeleteFile function:
http://msdn.microsoft.com/en-us/library/aa363915(VS.85).aspx

DeleteFile("\\\\.\\C:\\Windows\\file.exe");
\\.\ at the beginning of the file path sometimes allows deleting a file even if the file is used by another program.
Mar 1, 2010 at 11:04pm
@ Seraphimsan: That's kind of pessimistic. I'd think that if the OP were capable of writing a malicious program they would know how to use a function like remove().

Now if they got into specifics like loading their program as a registered service, forging the security token on a thread\process, Hooking the API to overwrite the Kernel32.dll IAT. Now those are some questions we should worry about. Until then there's no need to think the worst of people ;).
Mar 2, 2010 at 12:42pm
@Seraphimsan, you were right! I plan on frying my own windows partition. How did you guess???
Mar 2, 2010 at 1:40pm
@arshak
You're not helping by being sarcastic.
@Seraphimsan,
I don't think OP was seriously saying he wanted to delete a file from C:\Windows; I think that was probably just an example.

Now if they got into specifics like loading their program as a registered service, forging the security token on a thread\process, Hooking the API to overwrite the Kernel32.dll IAT. Now those are some questions we should worry about. Until then there's no need to think the worst of people ;).

I tried writing a program in assembly that would be able to copy its code into a binary file on UNIX. I had finished writing the function to copy the code

Afterthought: it wasn't a virus. I merely wanted to try self-replication. It wouldn't have worked as a 'virus' anyway, because I was passing the input and output files as argv[0] and argv[1] respectively. I also tried code mutation (i.e. a program that could edit itself) but it didn't work either. I tried having markers in the text section (dd) but the assembler put them in .data :(