Skip to content

Latest commit

 

History

History
36 lines (29 loc) · 1.18 KB

README.md

File metadata and controls

36 lines (29 loc) · 1.18 KB

Houdini

Houdini is a rust library that allows you to delete your executable while it's running.

This is fairly straightforward for unix systems, since the executable is released after getting mapped to the memory. We just need to find where it is and unlink it.

On Windows, we use a method discovered by @jonasLyk. My implementation heavily references @byt3bl33d3r's Nim implementation in OffensiveNim and in turn LloydLabs' initial C PoC.

Usage

// With a default placeholder value on windows (`svcmsrpc`)
use houdini;

fn main() {
    match houdini::disappear() {
        Ok(_) => println!("Pulled a Houdini!!"),
        Err(e) => println!("Nope! => {}", e),
    };
}
// With a placeholder you provide
use houdini::disappear;

fn main() {
    #[cfg(target_os = "windows")]
    match houdini::disappear_with_placeholder("temporary") {
        Ok(_) => println!("Pulled a Houdini!!"),
        Err(e) => println!("Nope! => {}", e),
    };
}