
moldevort
Au3toCmd -- Avoid false virus positives. (Version: 2022.09.01)
moldevort replied to Exit's topic in AutoIt Example Scripts
Thank you for this addition; I already tested disabling UPX, still flagged, and making my friends install AutoIt beforehand is not an option. I will try using the x64 approach.
-
Au3toCmd -- Avoid false virus positives. (Version: 2022.09.01)
moldevort replied to Exit's topic in AutoIt Example Scripts
Thank you for the link. However, this doesn't answer my question - Windows itself seems to block the file and I am not willing to upload my file to various antivirus sites whenever I want to change a tiny bit of code. I am looking for a workaround.
-
Au3toCmd -- Avoid false virus positives. (Version: 2022.09.01)
moldevort replied to Exit's topic in AutoIt Example Scripts
A friend of mine still has trouble opening the AutoIt script. He tried to download a file containing the exe and the cmd - both blocked by Windows/Browser. Is there any way to reduce the risk of the file being flagged as a false positive even further? (exe gets flagged by 14/70 and cmd by 5/59 according to VirusTotal)
-
AES 256 encryption in autoit <> php
moldevort replied to FireFox's topic in AutoIt General Help and Support
In case you are still interested:
Thank you so much for this file. After having searched for some while, this is the only piece of code I could find working for PHP and AutoIt. However, I had to update some functions now deprecated in recent versions, adapt the code to my needs, and add support for JavaScript as well as HMAC for security reasons (e.g. AES-256 in CBC mode is quite vulnerable to certain types of attacks without HMAC).

In case someone is interested, I attached the files for PHP, AutoIt and JS. I added a function to the CryptPhp class creating values for $keys (one key for encryption and one for creating the HMAC). These values need to be the same in CryptPhp.au3, cryptphp.au3 and cryptphp.js in case you'd like to exchange data between those.

test.au3

```autoit
#include <CryptPhp.au3>

; Print two fresh keys that can be pasted into $keys
$key1 = _CryptPhp_CreateKey()
$key2 = _CryptPhp_CreateKey()
ConsoleWrite( _
    'key1: ' & $key1 & @CRLF & _
    'key2: ' & $key2 & @CRLF & @CRLF)

; Round trip
$data = '123'
$encrypted = _CryptPhp_Encrypt($data)
$decrypted = _CryptPhp_Decrypt($encrypted)
ConsoleWrite( _
    $encrypted & @CRLF & _
    $decrypted & @CRLF)
```

CryptoNG.au3
https://www.autoitscript.com/forum/topic/201002-cryptong-udf-cryptography-api-next-gen/#comments

CryptPhp.au3

```autoit
#include <CryptoNG.au3>

; $keys[0] = encryption key, $keys[1] = HMAC key (Base64, 32 bytes each).
; These are the sample values published with this post; create your own
; with _CryptPhp_CreateKey() and use the same pair on every side.
Local Const $keys[2] = [ _
    'oeHHADBHRY2fDFfvA6AwHL8QneBVUzdu45REGmgxPQw=', _
    'HIZ7+30WFI3T2TWAipYbEIo7g7iDPYxiGQaUtEzNvvI=' _
]

Func _CryptPhp_CreateKey()
    Local $keyBinary = _CryptoNG_GenerateRandom($CNG_BCRYPT_RNG_ALGORITHM, 32)
    return _CryptoNG_CryptBinaryToString($keyBinary, BitOr($CNG_CRYPT_STRING_BASE64, $CNG_CRYPT_STRING_NOCRLF))
EndFunc

; Output: Base64( IV (16 bytes) || ciphertext || HMAC-SHA256(IV || ciphertext) (32 bytes) )
Func _CryptPhp_Encrypt($data, $urlSafe = true)
    Local $iv = _CryptoNG_GenerateRandom($CNG_BCRYPT_RNG_ALGORITHM, 16)

    Local $encryptionKey = _CryptoNG_CryptStringToBinary($keys[0], $CNG_CRYPT_STRING_BASE64)
    Local $encrypted = _CryptoNG_AES_CBC_EncryptData($data, $encryptionKey, $iv)

    Local $hmacKey = _CryptoNG_CryptStringToBinary($keys[1], $CNG_CRYPT_STRING_BASE64)
    Local $hmac = _CryptoNG_HashData($CNG_BCRYPT_SHA256_ALGORITHM, $iv & $encrypted, True, $hmacKey)

    Local $encoded = _CryptoNG_CryptBinaryToString($iv & $encrypted & $hmac, BitOr($CNG_CRYPT_STRING_BASE64, $CNG_CRYPT_STRING_NOCRLF))
    return ($urlSafe) _
        ? TurnUrlSafe($encoded) _
        : $encoded
EndFunc

; Returns False if the HMAC does not match; the data is only decrypted after the check.
Func _CryptPhp_Decrypt($data)
    $data = TurnUrlSafe($data, false)
    Local $raw = _CryptoNG_CryptStringToBinary($data, $CNG_CRYPT_STRING_BASE64)

    Local $iv = BinaryMid($raw, 1, 16)
    Local $encrypted = BinaryMid($raw, 16 + 1, BinaryLen($raw) - (16 + 32))
    Local $hmacIs = BinaryMid($raw, 16 + BinaryLen($encrypted) + 1)

    Local $hmacKey = _CryptoNG_CryptStringToBinary($keys[1], $CNG_CRYPT_STRING_BASE64)
    Local $hmacShould = _CryptoNG_HashData($CNG_BCRYPT_SHA256_ALGORITHM, $iv & $encrypted, True, $hmacKey)

    Local $hashMatch = CTstrcmp($hmacShould, $hmacIs) == 0
    if not $hashMatch then _
        return false

    Local $encryptionKey = _CryptoNG_CryptStringToBinary($keys[0], $CNG_CRYPT_STRING_BASE64)
    return _CryptoNG_AES_CBC_DecryptData($encrypted, $encryptionKey, $iv)
EndFunc

func ord($str)
    return Asc(StringLeft($str, 1))
EndFunc

; Constant-time string comparison; returns 0 only if both strings are equal.
; source: https://www.php.net/manual/en/function.hash-equals.php#125034
func CTstrcmp($should, $is)
    Local $shouldLength = StringLen($should)
    Local $isLength = StringLen($is)
    Local $deltaLength = $shouldLength - $isLength
    Local $shouldPos = 0
    for $isPos = 0 to $isLength - 1
        Local $isChar = StringMid($is, $isPos + 1, 1)
        Local $shouldChar = StringMid($should, $shouldPos + 1, 1)
        ; delta |= (is XOR should), as in the PHP and JS versions. XOR-ing the
        ; accumulator itself would let a later character cancel an earlier mismatch.
        $deltaLength = BitOR($deltaLength, BitXOR(ord($isChar), ord($shouldChar)))
        $shouldPos = Mod($shouldPos + 1, $shouldLength)
    Next
    return $deltaLength
EndFunc

; Converts between standard Base64 and the URL-safe alphabet (padding stripped)
Func TurnUrlSafe($data, $toSafe = true)
    return ($toSafe) _
        ? StringReplace( _
            StringReplace( _
                StringReplace($data, _
                    '+', '-'), _
                '/', '_'), _
            '=', '') _
        : StringReplace( _
            StringReplace($data, _
                '-', '+'), _
            '_', '/')
EndFunc
```

test.php

```php
<?php
include_once 'cryptphp.php';

$key1 = CryptPhp::create_key();
$key2 = CryptPhp::create_key();
echo 'key1: '.$key1.'<br>'.
     'key2: '.$key2.'<br><br>';

$data = '123';
$encrypted = CryptPhp::encrypt($data);
$decrypted = CryptPhp::decrypt($encrypted);
echo $encrypted.'<br>'.
     $decrypted.'<br><br>';
?>
<html>
<script src="crypto-js.min.js"></script>
<script src="cryptphp.js"></script>
<script>
    let key1 = CryptPhp.createKey();
    let key2 = CryptPhp.createKey();
    document.write(
        'key1: '+key1+'<br>'+
        'key2: '+key2+'<br><br>');

    let data = '123';
    let encrypted = CryptPhp.encrypt(data);
    let decrypted = CryptPhp.decrypt(encrypted);
    document.write(
        encrypted+'<br>'+
        decrypted);
</script>
</html>
```

cryptphp.php

```php
<?php
class CryptPhp {
    private static $cipherAlgorithm = 'aes-256-cbc';
    private static $hashAlgorithm = 'sha256';
    private static $ivNumBytes = 16;
    private static $hashNumBytes = 32;
    // $keys[0] = encryption key, $keys[1] = HMAC key (sample values from this post)
    private static $keys = [
        'oeHHADBHRY2fDFfvA6AwHL8QneBVUzdu45REGmgxPQw=',
        'HIZ7+30WFI3T2TWAipYbEIo7g7iDPYxiGQaUtEzNvvI='
    ];

    public static function create_key() {
        return base64_encode(random_bytes(self::$hashNumBytes));
    }

    // Output: base64( IV || ciphertext || HMAC-SHA256(IV || ciphertext) )
    public static function encrypt($data, $urlSafe = true) {
        $iv = random_bytes(self::$ivNumBytes);

        $encryptionKey = base64_decode(self::$keys[0]);
        $encrypted = openssl_encrypt($data, self::$cipherAlgorithm, $encryptionKey, OPENSSL_RAW_DATA, $iv);

        $hmacKey = base64_decode(self::$keys[1]);
        $hmac = hash_hmac(self::$hashAlgorithm, $iv . $encrypted, $hmacKey, true);

        $result = $iv.$encrypted.$hmac;
        return ($urlSafe)
            ? base64url_encode($result)
            : base64_encode($result);
    }

    //source: https://www.php.net/manual/en/function.hash-equals.php#125034
    private static function CTstrcmp($should, $is) {
        $shouldLength = strlen($should);
        $isLength = strlen($is);
        $deltaLength = $shouldLength - $isLength;
        $shouldPos = 0;
        for ($isPos = 0; $isPos < $isLength; $isPos++) {
            $deltaLength |= ord($is[$isPos]) ^ ord($should[$shouldPos]);
            $shouldPos = ($shouldPos + 1) % $shouldLength;
        }
        return $deltaLength;
    }

    // Returns false if the HMAC does not match; decrypts only after the check.
    public static function decrypt($data) {
        $raw = base64url_decode($data);

        $iv = substr($raw, 0, self::$ivNumBytes);
        $encrypted = substr($raw, self::$ivNumBytes, strlen($raw) - (self::$ivNumBytes + self::$hashNumBytes));
        $hmacIs = substr($raw, -self::$hashNumBytes);

        $hmacKey = base64_decode(self::$keys[1]);
        $hmacShould = hash_hmac(self::$hashAlgorithm, $iv.$encrypted, $hmacKey, true);

        $hashMatch = self::CTstrcmp($hmacShould, $hmacIs) === 0;
        if(!$hashMatch)
            return false;

        $encryptionKey = base64_decode(self::$keys[0]);
        return openssl_decrypt($encrypted, self::$cipherAlgorithm, $encryptionKey, OPENSSL_RAW_DATA, $iv);
    }
}

function base64url_decode($data) {
    $b64 = strtr($data, '-_', '+/');
    // str_pad() takes the target length, so pad up to the next multiple of 4
    return base64_decode(str_pad($b64, strlen($b64) + (4 - strlen($b64) % 4) % 4, '=', STR_PAD_RIGHT));
}

function base64url_encode($data) {
    return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}
?>
```

cryptphp.js

```javascript
class CryptPhp {
    static cipherAlgorithm = 'aes-256-cbc';
    static hashAlgorithm = 'sha256';
    static iv_num_bytes = 16;
    static hash_num_bytes = 32;
    // keys[0] = encryption key, keys[1] = HMAC key (sample values from this post)
    static keys = [
        'oeHHADBHRY2fDFfvA6AwHL8QneBVUzdu45REGmgxPQw=',
        'HIZ7+30WFI3T2TWAipYbEIo7g7iDPYxiGQaUtEzNvvI='
    ];

    static createKey() {
        let keyBytes = crypto.getRandomValues(new Uint8Array(this.hash_num_bytes));
        let key = CryptoJS.enc.Hex.parse(this.toHexString(keyBytes));
        return CryptoJS.enc.Base64.stringify(key);
    }

    // Output: base64( IV || ciphertext || HMAC-SHA256(IV || ciphertext) )
    static encrypt(data, urlSafe = true) {
        let ivBytes = crypto.getRandomValues(new Uint8Array(this.iv_num_bytes));
        let iv = CryptoJS.enc.Hex.parse(this.toHexString(ivBytes));

        let encryptionKey = CryptoJS.enc.Base64.parse(this.keys[0]);
        let encrypted = CryptoJS.AES.encrypt(data, encryptionKey, {
            'mode': CryptoJS.mode.CBC,
            iv: iv
        });

        // WordArrays stringify to hex, so "+" concatenates the hex encodings
        let hmacContent = CryptoJS.enc.Hex.parse(iv + encrypted.ciphertext);
        let hmacKey = CryptoJS.enc.Base64.parse(this.keys[1]);
        let hmac = CryptoJS.HmacSHA256(hmacContent, hmacKey);

        let output = CryptoJS.enc.Hex.parse(iv + encrypted.ciphertext + hmac);
        let result = CryptoJS.enc.Base64.stringify(output);
        return (urlSafe)
            ? this.turnUrlSafe(result)
            : result;
    }

    // Returns false if the HMAC does not match; decrypts only after the check.
    static decrypt(data) {
        data = this.turnUrlSafe(String(data), false);
        let raw = CryptoJS.enc.Base64.parse(data).toString();   // hex string, 2 chars per byte

        let iv = raw.substr(0, this.iv_num_bytes*2);
        // The ciphertext starts right after the IV (offset counted in hex characters)
        let encrypted = raw.substr(this.iv_num_bytes*2, raw.length - 2*(this.iv_num_bytes + this.hash_num_bytes));
        let hmacIs = raw.substr(-this.hash_num_bytes*2);

        let hmacKey = CryptoJS.enc.Base64.parse(this.keys[1]);
        let hmacContent = CryptoJS.enc.Hex.parse(iv + encrypted);
        let hmacShould = CryptoJS.HmacSHA256(hmacContent, hmacKey).toString();

        let hashMatch = this.CTstrcmp(hmacShould, hmacIs) === 0;
        if(!hashMatch)
            return false;

        let encryptionKey = CryptoJS.enc.Base64.parse(this.keys[0]);
        let decrypted = CryptoJS.AES.decrypt(CryptoJS.enc.Base64.stringify(CryptoJS.enc.Hex.parse(encrypted)), encryptionKey, {
            'mode': CryptoJS.mode.CBC,
            iv: CryptoJS.enc.Hex.parse(iv)
        });
        let decryptedString = decrypted.toString(CryptoJS.enc.Utf8);
        return decryptedString;
    }

    static turnUrlSafe(data, toSafe = true) {
        return (toSafe)
            ? data
                .replaceAll('+', '-')
                .replaceAll('/', '_')
                .replaceAll('=', '' )
            : data
                .replaceAll('-', '+')
                .replaceAll('_', '/');
    }

    static ord(str) {
        return str.charCodeAt(0);
    }

    //source: https://www.php.net/manual/en/function.hash-equals.php#125034
    static CTstrcmp(should, is) {
        let shouldLength = should.length;
        let isLength = is.length;
        let deltaLength = should.length - is.length;
        let shouldPos = 0;
        for (let isPos = 0; isPos < isLength; isPos++) {
            deltaLength |= this.ord(is[isPos]) ^ this.ord(should[shouldPos]);
            shouldPos = (shouldPos + 1) % shouldLength;
        }
        return deltaLength;
    }

    static toHexString(byteArray) {
        return byteArray.reduce((output, elem) => (output + ('0' + elem.toString(16)).slice(-2)), '');
    }
}
```

crypto-js.min.js
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js

CryptPhp.zip
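The token layout used by the files above, base64url(IV || AES-256-CBC ciphertext || HMAC-SHA256(IV || ciphertext)), written against Node.js's built-in crypto module with a length check before slicing and the MAC verified before any decryption. This is an added example, not part of the post or its attachments; the names `seal`, `unseal`, `tagFor` and `flipBit` and the freshly generated keys are assumptions of the example.

```javascript
// Added example (Node.js built-in crypto); not one of the posted CryptPhp files.
const nodeCrypto = require('node:crypto');

const IV_LEN = 16;   // AES block size, as in the post
const MAC_LEN = 32;  // HMAC-SHA256 output size

function tagFor(macKey, iv, ciphertext) {
  return nodeCrypto.createHmac('sha256', macKey).update(iv).update(ciphertext).digest();
}

// Encrypt-then-MAC: base64url( IV || ciphertext || HMAC(IV || ciphertext) )
function seal(plaintext, encKey, macKey) {
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const cipher = nodeCrypto.createCipheriv('aes-256-cbc', encKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, ciphertext, tagFor(macKey, iv, ciphertext)]).toString('base64url');
}

// Returns the plaintext string, or null if the token is malformed or not authentic.
function unseal(token, encKey, macKey) {
  const raw = Buffer.from(String(token), 'base64url');
  const ctLen = raw.length - IV_LEN - MAC_LEN;
  // Reject anything that cannot hold IV + at least one full AES block + MAC.
  if (ctLen < 16 || ctLen % 16 !== 0) return null;
  const iv = raw.subarray(0, IV_LEN);
  const ciphertext = raw.subarray(IV_LEN, IV_LEN + ctLen);
  const tag = raw.subarray(IV_LEN + ctLen);
  // Verify first; both buffers are 32 bytes, as timingSafeEqual requires.
  if (!nodeCrypto.timingSafeEqual(tag, tagFor(macKey, iv, ciphertext))) return null;
  const decipher = nodeCrypto.createDecipheriv('aes-256-cbc', encKey, iv);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8');
}

// Flip one bit of the byte at `index` inside a token (constructed tampering).
function flipBit(token, index) {
  const raw = Buffer.from(token, 'base64url');
  raw[index] ^= 0x01;
  return raw.toString('base64url');
}

// Constructed sample keys, generated fresh on every run.
const encKey = nodeCrypto.randomBytes(32);
const macKey = nodeCrypto.randomBytes(32);
const token = seal('123', encKey, macKey);             // 16 + 16 + 32 = 64 bytes
console.log(unseal(token, encKey, macKey));              // original plaintext
console.log(unseal(flipBit(token, 20), encKey, macKey)); // ciphertext byte changed
```

A changed bit in the IV, the ciphertext or the tag, a truncated token, and a wrong HMAC key all end in the same `null` result, so the caller cannot tell which check failed.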
-
Somewhat old but maybe still of interest. As I am regularly using Zoom for meetings, I needed a possibility to check if Zoom is running and has just been exited in order to know when to run some post-meeting tools.

```autoit
#include <Array.au3>        ; _ArrayAdd, _ArrayExtract, _ArraySearch, _ArrayToString
#include <WinAPIProc.au3>   ; _WinAPI_EnumProcessWindows

; Window classes that exist even when no meeting is running
Local $ignoredZoomNames[] = [ _
    "zoom_acc_notify_wnd", _
    "zoom_pt_notification_app_bar_wnd", _
    "ZPPTMainFrmWndClassEx", _
    "ZPToolBarParentWndClass" _
]

; Window classes that indicate an active meeting
Local $searchedForZoomNames[] = [ _
    "VideoFrameWndClass", _
    "ZPContentViewWndClass" _
]

; Collects every Zoom window class seen so far
Local $allZoomWinNames[0]

Func IsZoomActive()
    Local $zoomWinNames[0]

    ; Gather the window class names of all Zoom.exe processes
    Local $processList = ProcessList()
    for $i = 1 to UBound($processList) - 1
        if $processList[$i][0] <> "Zoom.exe" then _
            ContinueLoop
        Local $winList = _WinAPI_EnumProcessWindows($processList[$i][1], 1)
        Local $winNames = _ArrayExtract($winList, 1, -1, 1)
        for $j = 1 to UBound($winNames)
            Local $winName = $winNames[$j - 1]
            if $winName = "-1" then _
                ContinueLoop
            if _ArraySearch($ignoredZoomNames, $winName) <> -1 then _
                ContinueLoop
            _ArrayAdd($zoomWinNames, $winName)
        Next
    Next
    if UBound($zoomWinNames) == 0 then _
        return false

    ; Remember names that have not been seen before
    for $i = 1 to UBound($zoomWinNames)
        Local $winName = $zoomWinNames[$i - 1]
        if _ArraySearch($allZoomWinNames, $winName) <> -1 then _
            ContinueLoop
        _ArrayAdd($allZoomWinNames, $winName)
    Next

    ; Active if any of the searched-for class names is present
    Local $zoomWinString = _ArrayToString($zoomWinNames, "")
    Local $pattern = '(' & _ArrayToString($searchedForZoomNames) & ')'
    Local $result = StringRegExp($zoomWinString, $pattern, 1)
    return @error == 0
EndFunc
```

You could use this snippet to record all new window names while you are using Zoom (they get stored in $allZoomWinNames). This may be useful in order to identify the one you need to send your keystrokes to.
-
no one?
-
Hi, I've been googling for a few hours and couldn't find anything that works in Windows 7 64-bit. I installed Virtual Audio Cable in order to use speakers and HDMI simultaneously. When changing the volume on the default audio device (Virtual Audio Cable), the volume for the hi-fi system and speakers doesn't change. Therefore I need to change the speaker and HDMI device level at once when changing the default audio device. GetMasterVolumeLevelScalar() (_AudioEndpointVolume.au3) gives me the level of my default audio device, but I couldn't find a way of changing the volume for other devices.