BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the current process.
git clone https://github.com/AgeloVito/self_delete_bof.gitmakeAnd load self_delete.cna
beacon> help self_delete
Use: self_delete [pid|path]
e.g: self_delete
self_delete 7956
self_delete /path/file.exe
self_delete
self_delete by path
self_delete by pid
x86 process without manifest
https://stackoverflow.com/questions/71834608/
https://github.com/LloydLabs/delete-self-poc
https://github.com/LloydLabs/delete-self-poc/pull/4/files