tags:

views:

716

answers:

5
+15  Q: 

How can I make my .NET application erase itself?

How can I make my C# app erase itself (self-destruct)? Here's two ways that I think might work:

  • Supply another program that deletes the main program. How is this deleter program deleted then, though?
  • Create a process to CMD that waits a few seconds then deletes your file. During those few seconds, you close your application.

Both of those methods seem inefficient. I have a feeling that there's some built-in flag or something in Windows that allows for such stuff. How should I do it? Also, can you provide some sample code?

UPDATE: Thanks for all your answers! I'm going to try them, and see where that gets me.

First of all, some people have asked why I'd want my app to do this. Here's the answer: a few days ago, I read the Project Aardvark spec that Joel Spolsky posted on his blog, and it mentioned that the client app would delete itself after the remote session. I'm wondering how this works, and how, if I ever need to do this, I can accomplish such a feat.

Here's a little overview of what's been suggested:

  • Create a registry entry that tells Windows to delete the file on reboot
  • Launch CMD with a ping command to wait a few seconds and then delete the file

Both of those, of course, have their disadvantages, as outlined in the comments.

However, would such a method as outlined below work?

There are two executables: Program.exe and Cleaner.exe. The former is the program itself, the latter is the app that deletes Program.exe and itself (if it's loaded into memory, as I'm about to explain). Is it possible for Program.exe (which has dependencies) to load all of Cleaner.exe, which doesn't have any dependencies, into memory and run it?

If this is possible, could Cleaner.exe be packaged inside Program.exe, loaded into memory, and run?

+5  A: 

There's a great CodeProject Article about this topic.

Edit: Basically it's a simple cmd-call which will delete the specified files after some seconds.

Process.Start("cmd.exe", "/C ping 1.1.1.1 -n 1 -w 3000 > Nul & Del " + Application.ExecutablePath); 
Application.Exit();
Bobby  2010-02-11 14:52:06
I think this is the "wait a second and then delete" method (2nd bullet from OP).
FrustratedWithFormsDesigner  2010-02-11 14:53:38
+12  A: 

There's a MoveFileEx API, which, when given a MOVEFILE_DELAY_UNTIL_REBOOT flag, will delete specified file on next system startup.

Anton Gogolev  2010-02-11 14:52:46
Could a user intervene and prevent this from happening before the next reboot?
FrustratedWithFormsDesigner  2010-02-11 14:54:11
@FWFD: Yes, quite easily. They could also delete the appropriate registry entries (that's where the instructions to delete that file on next reboot are stored).
John Feminella  2010-02-11 15:11:46
Awesome! Could you give me some sample code?
Maxim Zaslavsky  2010-02-11 23:23:47
+7  A: 

You will never be able to guarantee that this will work, as long as you require a physical presence on the machine. For example:

  • What if the app fails to release a resource in a timely fashion while you're trying to delete it? An error occurs, and the app remains.
  • The behavior of one app starting another which then deletes the first app is very suspicious from an AV perspective. You are likely to trigger defenses on a user's machine which may kill the process that's trying to kill your original app.
  • If you do something like delete a file at reboot, what if the user moves your file in between or makes a copy? It's not in the original spot anymore, and the app remains.

If your application requires this level of security, consider hosting it on a machine you control (e.g., by providing a web service and letting a stub client access it that way).

On a somewhat related note, one is also tempted to speculate about the motives of someone who (1) requires a physical presence on someone's machine and (2) wants to delete the evidence that the app existed.

John Feminella  2010-02-11 14:55:42
some of the problem of the delete on reboot an be fixed by storing the app in temporary files, hardly anyone looks there i bet
RCIX  2010-02-13 23:29:12
_Theoretically_ something should be possible. RAM is volatile, so if you put the program in memory, you should be able to wipe it from the HD while it runs. Then, no matter what happens to the machine, it won't come back unless you take a snapshot of memory. I don't know how that would work in practice, though.
Chris  2010-03-17 20:32:35
@Chris: No, because you can't guarantee that the memory supplied by an operating system is bound to volatile storage. (In fact, if this weren't true, it would defeat the entire point of things like virtual memory and ReadyBoost.)
John Feminella  2010-03-17 21:56:18
Ooh, good point. I suppose it improves your odds but doesn't guarantee anything. (@John: Could you improve the odds more by going through the video card's RAM? Is that possible?)
Chris  2010-03-22 14:33:09
@Chris: I'm not sure you could do that in a way that would be hardware-independent. At the least it would require some low-level poking and an end-run around your virtual memory manager.
John Feminella  2010-03-22 15:06:46
+1  A: 

There is also FileOptions.DeleteOnClose, but that requires the file to be open for writing. You might be able to do it with a sequence like this (untested):

  • Program launches as Original.exe, and detects (from its own name) that it needs to trigger the self-destruct function.
  • Original.exe creates a new file Temp.exe with FileOptions.DeleteOnClose and copies its own content into it, but does not close it yet
  • Original.exe opens a second, read-only handle to Temp.exe and closes the first write handle. The read-only handle can co-exist with an execute handle, whilst keeping the file open to delay auto-deletion.
  • Original.exe launches Temp.exe. Temp.exe detects that it has been launched from the temp directory and bypasses the self-destruct sequence and continues normal operation.
  • Original.exe exits (taking its read-only handle to Temp.exe with it.)
  • Temp.exe continues running. When it exits, the file Temp.exe will no longer be in use so it will be deleted automatically.

Edit #2: Actually I don't think this is possible, because it relies on the kernel opening the file with the FILE_SHARE_DELETE flag, which is unlikely.

finnw  2010-02-11 15:02:24
Sounds possible, is there a way to do some interop and force it to open that way?
RCIX  2010-02-13 23:30:31
A: 

I know reflector deletes itself if you use an old version and choose not to update. You might try to figure out what it does. I would start with FileMon and see if it spawns any processes to achieve this.

PurpleFlux  2010-02-11 22:47:39
That's a good idea. I'll take a look.
Maxim Zaslavsky  2010-02-11 23:26:23

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?