Deleting bytes of the file you mean?
I'm at the ending of a little project I'm working on. The tool is deleting itself after it runs, before it deletes I want to damage the file and then have it delete. So I need to make a file shredder. I was reading online about how you can write to it as a text file, but it was not working for me.
Last edited by TonyMane(); 09-10-2015 at 07:52 PM.
Deleting bytes of the file you mean?
I do not use any type of messenger outside of MPGH.
Inactive but you can reach me through VM/PM.
TonyMane() (09-11-2015)
TonyMane() (09-11-2015)
By deleting or damaging the file's data won't matter if the user recovered the previous version of the executable.
Your best bet would be damaging the file, deleting it and possibility making a registry key to deny the file from opening. (If registryKey "xx" = True : Application.Exit : functionDelete()) something like that.
I do not use any type of messenger outside of MPGH.
Inactive but you can reach me through VM/PM.
I don't think the registry key will do anything.
About "damaging" the file, idk I guess you could delete the PE headers of each module to make reversing harder, but I don't know much about this, maybe @Hitokiri~ could shed some light over this matter.
Last edited by R3DDOT; 09-11-2015 at 08:28 AM.
TonyMane() (09-11-2015)
Code:// "Damaging" a file really won't do anything. What you want to do is prevent recovery tools from retrieving the file after it is permanently deleted. // Read this: https://lifehacker.com/what-really-ha...our-1659889380 // So essentially what you want to do AFTER you delete your file is to fill all these gaps where your file USED to reside on your HDD/SSD. // To do that, just do a large amount of write operations. ( File Shredders work the same way ) // Using: https://msdn.microsof*****m/en-us/lib...(v=vs.85).aspx ( CreateFile ) // https://msdn.microsof*****m/en-us/lib...(v=vs.85).aspx ( WriteFile ) // https://msdn.microsof*****m/en-us/lib...(v=vs.85).aspx ( CloseHandle ) // Some pseudocode: for( var i = 0; i < maxNumFilesToCreate; i++ ) var sz = GetRandomFileSizeMB( 30 ); // 30 MB max per file var path =Code:GetRandomFilePath(); var file = CreateFile( path ); WriteFile( file, RandomBuffer( sz ) ); CloseHandle( file ); // Delete the file after. DeleteFile( path ); endfor
More advanced implementations would actually read the file journel and overwrite the sectors on the disk directly. This method merely attempts to "guess" that it's overwriting a file segment. Doing it enough times will make the file unrecoverable but file-journal reading is far more accurate.
Last edited by Hitokiri~; 09-11-2015 at 01:42 PM.
Sazor98 (09-21-2015),TonyMane() (09-11-2015)