让所有”暴力删除工具”无语的代码

来源:MJ0011内核研究所

挑战一下,看谁的工具能删除它?

用下面代码创建:

PVOID buf = malloc(200000);
WCHAR path [MAX_PATH] ;
ZeroMemory(buf , 200000);

GetSystemDirectoryW(path , MAX_PATH);
wcscpy((wchar_t *)buf , L"\\\\?\\C:\\test");
CreateDirectoryW((wchar_t *)buf , 0);
ULONG i ;

for ( i = 0 ; i < 1023 ; i ++)
{
wcscat((wchar_t *)buf , L\\test);
CreateDirectoryW((wchar_t *)buf , 0);

}
wcscat((wchar_t *)buf , L\\test.exe);
wcscat(path , L"\\calc.exe");
CopyFileW(path , (wchar_t *)buf , FALSE);

return ;

相关日志

发表评论