+- +-

+-User

Welcome, Guest.
Please login or register.
 
 
 
Forgot your password?

+-Stats

Members
Total Members: 129
Latest: dilpreetkaur
New This Month: 1
New This Week: 1
New Today: 0
Stats
Total Posts: 319
Total Topics: 160
Most Online Today: 2
Most Online Ever: 68
(October 18, 2019, 12:38:07 am)
Users Online
Members: 0
Guests: 1
Total: 1

Author Topic: Deleting files with NtDeleteFile  (Read 796 times)

zwclose7

  • Administrator
  • Full Member
  • *****
  • Posts: 155
  • I love anime and science!
    • View Profile
    • My blog
Deleting files with NtDeleteFile
« on: February 25, 2015, 06:16:13 pm »
The NtDeleteFile Native API function deletes a file. Unlike the Win32 DeleteFile function, which calls NtSetInformationFile with the FileDispositionInformation information class to delete the file, NtDeleteFile works even the file is being opened by other processes.

Here is an example usage of NtDeleteFile.

Code: [Select]
#pragma warning(disable:4005)

#include <stdio.h>
#include <Windows.h>
#include <ntstatus.h>
#include "ntdll.h"

#pragma comment(lib,"ntdll.lib")

NTSTATUS NTAPI MyDeleteFile(PWSTR FileName)
{
NTSTATUS status;
wchar_t FullPath[1024];

UNICODE_STRING NtPath;
OBJECT_ATTRIBUTES ObjectAttributes;

if(!SearchPath(NULL,FileName,NULL,1024,FullPath,NULL))
{
return STATUS_OBJECT_NAME_NOT_FOUND;
}

if(!RtlDosPathNameToNtPathName_U(FullPath,&NtPath,NULL,NULL))
{
return STATUS_OBJECT_NAME_NOT_FOUND;
}

InitializeObjectAttributes(&ObjectAttributes,&NtPath,OBJ_CASE_INSENSITIVE,NULL,NULL);

status=NtDeleteFile(&ObjectAttributes);

RtlFreeUnicodeString(&NtPath);
return status;
}

int wmain(int argc,wchar_t* argv[])
{
NTSTATUS status;

if(argc<2)
{
printf("\nUsage: NtDelete [File name]\n");
return -1;
}

status=MyDeleteFile(argv[1]);

if(!NT_SUCCESS(status))
{
printf("\nError: Unable to delete file (%#x)\n",status);
return -1;
}

printf("\nFile successfully deleted.\n");
return 0;
}

Alex.

  • Guest
Re: Deleting files with NtDeleteFile
« Reply #1 on: April 09, 2015, 02:50:23 pm »
Low level apis .Great for terminate purpose

 

+-Recent Topics

Independent Call Girls in Chandigarh by dilpreetkaur
June 21, 2021, 01:02:52 pm

Hi zwclose7. How to create process by using NT apis? by zwclose7
June 01, 2021, 03:09:52 pm

Poison of the Day by zwclose7
March 16, 2020, 06:45:08 pm

IRC by AzeS
February 17, 2020, 08:18:01 am

Native API tutorial by hMihaiDavid
January 08, 2019, 02:11:02 am

The properties of GP nerve agent by xchg
October 19, 2018, 07:40:57 pm

A new route of synthesis for G-series agents by Basquyatti
October 15, 2018, 06:12:57 am

Synthesis of Methylisobutylcarbinylsarin (GH) by APC process by Basquyatti
October 14, 2018, 07:55:33 am

Synthesis conventional of Sarin by Basquyatti
October 02, 2018, 07:57:32 am

Reaction CX-7 (Experimental) by zwclose7
October 02, 2018, 12:46:47 am