Error: Unable To Open The Script File

[faldo]

I've been searching here for about an hour now without any results... Some people have brought it up before but i don't see any answers.

Since AutoIt has become a great programing tool the security issues are also questioned. It's extremely easy to decompile a password protected AutoIt exe and the only security mesures one can take is to use SmOke_N's EnCodeIt wich is great but offers no real encryption.

So my last hope was that i could use some nasty packer to fool the infinit amount of crackers out there. But it seems that whatever alteration i do to the original compiled exe, the script engine gets messed up and ge the infamous "Unable to open the script file" once i try to run the exe.

I even tried compiling the AutoIt exe without the UPX packer and pack it afterwards... but same error comes up.

So my question to anyone who knows what i'm talking about is if there's a method to compile an autoit script with the option to specify all the commandlines (such as the UPX command line)... or if there's some other way someone has come up with in order to protect the script source?

[PsaltyDS]

I've been searching here for about an hour now without any results... Some people have brought it up before but i don't see any answers.

Since AutoIt has become a great programing tool the security issues are also questioned. It's extremely easy to decompile a password protected AutoIt exe and the only security mesures one can take is to use SmOke_N's EnCodeIt wich is great but offers no real encryption.

So my last hope was that i could use some nasty packer to fool the infinit amount of crackers out there. But it seems that whatever alteration i do to the original compiled exe, the script engine gets messed up and ge the infamous "Unable to open the script file" once i try to run the exe.

I even tried compiling the AutoIt exe without the UPX packer and pack it afterwards... but same error comes up.

So my question to anyone who knows what i'm talking about is if there's a method to compile an autoit script with the option to specify all the commandlines (such as the UPX command line)... or if there's some other way someone has come up with in order to protect the script source?

Just my $.02: Write it in something else.

AutoIT is a scripting language, though a very good one. If you need truly hardened security, you need a true compiled language, with a PKI signed front end that authorizes decrypting the remainder of the executable only after secure access to a key server, and more crazy moon-man stuff like that.

It becomes a matter of how secure do you HAVE to be with it. How slow can start up be and still be acceptable? Is it ok to requre a user-key and/or machine-key before running? How much overhead in system resources is OK? Is requiring an available secure network connection OK?

How much pain you will accept depends on how important the protected elements are to you. If it's your chatroom password, simple encryption and obsfucation are enough. If it's nuclear launch codes then no level of security on a file you will distribute is enough.

Looking at it another way, any source code you wrote is already protected by copyright without registering or anything, so how badly does that need to be hidden? Getting away from a scripting language will get you away from the high level source being contained in the .exe. Any .exe can be decompiled, but the result is assembler code that looks nothing like the original high level source in C++ or whatever.

What kind of protectable elements are you putting in the AutoIT script in the first place?

[CyberSlug]

Jon is working on a new version of Aut2Exe that will alleviate some of these problems.

[faldo]

What kind of protectable elements are you putting in the AutoIT script in the first place?

The kind that i needs to be closed source...

Believe it or not, some people needs to protect their ideas... copyright don't stop crackers

Jon is working on a new version of Aut2Exe that will alleviate some of these problems.

Sounds too good to be true... thanx ALOT! =)

Acctually... what i would suggest is that either let the user have more compile options or let the compiled exe be more "compatible" to changes... if that's doable =)

Edited March 24, 2006 by faldo

[faldo]

Hey CyberSlug, do you know anything about the progress of that development? is there any ETA... or is it just some rumor?