Giters

yamakadi / houdini

A rust library that allows you to delete your executable while it's running.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Houdini

Houdini is a rust library that allows you to delete your executable while it's running.

This is fairly straightforward for unix systems, since the executable is released after getting mapped to the memory. We just need to find where it is and unlink it.

On Windows, we use a method discovered by @jonasLyk. My implementation heavily references @byt3bl33d3r's Nim implementation in OffensiveNim and in turn LloydLabs' initial C PoC.

Usage

// With a default placeholder value on windows (`svcmsrpc`)
use houdini;

fn main() {
    match houdini::disappear() {
        Ok(_) => println!("Pulled a Houdini!!"),
        Err(e) => println!("Nope! => {}", e),
    };
}
// With a placeholder you provide
use houdini::disappear;

fn main() {
    #[cfg(target_os = "windows")]
    match houdini::disappear_with_placeholder("temporary") {
        Ok(_) => println!("Pulled a Houdini!!"),
        Err(e) => println!("Nope! => {}", e),
    };
}

About

A rust library that allows you to delete your executable while it's running.

License:MIT License

Languages

Language:Rust 100.0%