thanks for your answers and i did google
well, here's what i came up with:
Code:
commd * * * db "cmd.exe /c del ",0
processinfo PROCESS_INFORMATION <>
startup * * STARTUPINFO * * * * <>
clbuff * * *db 500 dup (?)
TotalCleanUp PROC
;remove the program itself
;-------------------------
invoke GetCommandLine
mov ComLine,eax
invoke lstrcpy,addr clbuff,addr commd
invoke lstrcat,addr clbuff,ComLine
mov startup.wShowWindow,SW_HIDE
invoke CreateProcess,NULL,addr clbuff,NULL,NULL,FALSE,0,NULL,NULL,addr startup,addr processinfo
invoke ExitProcess,0
TotalCleanUp ENDP
btw, here's the same code in C for those who do not understand ASM:
Code:
#include <stdio.h>
#include <windows.h>
#include <strings.h>
int main(void)
{
* *char buffer[500]="cmd.exe /c del ";
* *STARTUPINFO si;
* *PROCESS_INFORMATION pi;
* *ZeroMemory( &si, sizeof(si) );
* *si.cb = sizeof(si);
* *ZeroMemory( &pi, sizeof(pi) );
* *strcat(buffer,GetCommandLine());
* *CreateProcess(NULL,buffer,NULL,NULL,FALSE,0,NULL,NULL,&si,&pi);
* *return 0;
* *
}
so my problem is solved
i want to include it to prevent brute forcing. if i let the program run 100 times before this code is executed the program can not be bruteforced without first RE'ing it by removing this code
thanks for the help tho
