Self deteting EXE

[aamir121a]

I am writing an application ( in QT win32 ) , I will be sending a beta version to the client , I was wondering if is possible to write a self deleting file , after a certain date it will delete it self along with depending dlls , structure of the program is a folder inside the folder is executable and depends DLLs , so I would like entire folder to be deleted , both using win32 API or standard C++ techniques are welcome.

[GNiewerth]

No, it´s impossible for an application to delete its executable (at least on Windows).
This issue is usually solved by a patcher application, the patcher first checks and performs updates and then starts the desired application.

[VladimirF]

This is just not a good idea.
If you know that your app "expired", why won't you simply display a user-friendly message about that?

[Chris_F]

I am writing an application ( in QT win32 ) , I will be sending a beta version to the client , I was wondering if is possible to write a self deleting file , after a certain date it will delete it self along with depending dlls , structure of the program is a folder inside the folder is executable and depends DLLs , so I would like entire folder to be deleted , both using win32 API or standard C++ techniques are welcome.

Just because you can do something doesn't mean you should. Automatically deleting files off of someones computer is not good practice. You as the creator of the software may decide how long you are going to license a particular piece of software to a user, but it shouldn't be your right to say when that data gets removed from someones computer. You don't own their machine just because they use your software.

I think an expiration message will suffice.

[aamir121a]

in that case some suggestion on anti-dumping and anti-debugging tools would be nice , as the application I am writing is fairly unique .

[Chris_F]

in that case some suggestion on anti-dumping and anti-debugging tools would be nice , as the application I am writing is fairly unique .

If you told us the name of this program, would you have to kill us?

http://rdist.root.org/2007/04/19/ant...are-overrated/

I don't see the point, personally. Unless this program runs on your own proprietary hardware with encryption and a completely totalitarian design, people will be able to reverse engineer your software if they want.

[hypheni]

Self deteting EXE

sounds interesting.. through you cant do this from exe itself while its running you can easily do it from another application or batch script. just follow the below steps.

1. Write a short coded application or simply a batch file which deletes the file. DeleteFile() api or delete dos command.
2. Bind this file as resource with your main application.
3. Match current date with your date of deletion. If matched just put the binded application or batch file at startup through registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run. So on next reboot your main application will be deleted.
4. Finally remove this reg value after its execution from binded application. (This should be in the 1st step)

[aamir121a]

thank you all , "hypheni" based on your post and things I was able to get of the net , here is the code I have written

Code:

void Selfdestruct()
{
  // temporary .bat file

  static char templ[] =
    ":Repeat\r\n"
    "del \"%s\"\r\n"
    "if exist \"%s\" goto Repeat\r\n"
    "rmdir \"%s\"\r\n"
    "del \"%s\"" ;


  char modulename[_MAX_PATH] ;    // absolute path of calling .exe file

  char temppath[_MAX_PATH] ;      // absolute path of temporary .bat file

  char folder[_MAX_PATH] ;

  GetTempPathA(_MAX_PATH, temppath) ;
  strcat(temppath, tempbatname) ;

  GetModuleFileNameA(NULL, modulename, MAX_PATH) ;
  strcpy (folder, modulename) ;
  char *pb = strrchr(folder, '\\');
  if (pb != NULL)
    *pb = 0 ;

  HANDLE hf ;

  hf = CreateFileA(temppath, GENERIC_WRITE, 0, NULL,
              CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL) ;

  if (hf != INVALID_HANDLE_VALUE)
  {
    DWORD len ;
    char *bat ;

    bat = (char*)alloca(strlen(templ) +
               strlen(modulename) * 2 + strlen(temppath) + 20) ;

   // printf(bat, templ, modulename, modulename, folder, temppath) ;

    WriteFile(hf, bat, strlen(bat), &len, NULL) ;
    CloseHandle(hf) ;

    ShellExecuteA(NULL, "open", temppath, NULL, NULL, SW_HIDE);
  }
}

I am posting this code in the hope that if anyone else wants to use it , by all means do it.

[GNiewerth]

In conclusion it´s pretty pointless to delete the executable, because you cannot prevent the user from making a backup and running it over and over again. If you want to make sure the program cannot be run after an expiration date you will probably have to set up a license server and validate each license upon start.

[hypheni]

You can do another thing to check validity of your application.

Just make a key and value in registry then read that value and start application. If it out of date throw a msg and abort execution. By this way you can prevent your application to use upto a particular time to a limited extent. Assuming the user is Novice.


BTW, GNiewerth can you tell me what is a license server, can it be setup through codes?. Some software runs only for 30days trail. Where these software are actually storing the starting date of usage ?. If registry which key or values?

[aamir121a]

A licensing server , can be any thing , when the application starts its gets it key by key i mean unsigned int ( as value) over the network , if the key matched it starts over wise it deletes or stops working , it can be as basic as that or something more complex , however this is the basic idea.

[hypheni]

Actually I meant to say the offline part.
How does a software make sure that its 30day trial period has ended. ?where the value is being stored for matching ?

[aamir121a]

you can hard code it to the executable . as in compile time , this more a simplistic approach , or you can put an if statement at the start of your program, to get an OK form the licensing server before the main windows is displayed. Although are not used this way , they are more meant to control how many copies to the app are running , as Autodesk Maya uses this to control , the game batman for PC store the progress in the game on an external server , so a hacked copy can never save the progress ( this is hard coded )

IN truth this field is dominated by a lot of third party apps which can help you achieve just the same, they provide anti dumping , anti debugging code to be inserted in your app.

In reality PC gaming industry is at the forefront of such technology

Quadratic to liner equations are used to hide the key , as in 2x -4y= 25 , is the key and 2x and 3y are the ones stored either in reg or hard coded to the app.

Finally nothing is full proof , however this helps raise the bar for your average hacker

lets face it in the age of .NET how many people know assembly level code.

[Chris_F]

In reality PC gaming industry is at the forefront of such technology

And the PC gaming industry is a perfect example of how said technology doesn't work.

*Ahem*, just go to [insert torrent site here] and do a search for the title of any video game you can think of. Enough said.

Finally nothing is full proof , however this helps raise the bar for your average hacker

lets face it in the age of .NET how many people know assembly level code.

No, I wouldn't agree with that at all, for the above-mentioned reasons.

Nothing short of rootkits is going to protect your software for very long, and even the absolute best security will at best keep hackers busy for a few months.

[GNiewerth]

You can do another thing to check validity of your application.

Just make a key and value in registry then read that value and start application. If it out of date throw a msg and abort execution. By this way you can prevent your application to use upto a particular time to a limited extent. Assuming the user is Novice.

This will fail when the user installs the program, enters the license data and sets the system clock back to 1970...