Jump to content
Sign in to follow this  
LostProph

Securing source code

Recommended Posts

LostProph

Hi all,

I was wondering what would be the best way to protect my exe from being decompiled.

As i use alot of variables in the code obfuscating is not an option for me, as it screws up some parts of my application.

Thx in advance for any suggestions!

LostProph

Share this post


Link to post
Share on other sites
water

Did you read the FAQ on this subject? Did you search the forum?

In short: You can't protect your script 100%


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites
LostProph

Did you read the FAQ on this subject? Did you search the forum?

In short: You can't protect your script 100%

Yes i have read the faq, and yes i did a search but did not find any solution except for obfuscating.

Share this post


Link to post
Share on other sites
dani

As i use alot of variables in the code obfuscating is not an option for me, as it screws up some parts of my application.

It's not an option because you use a lot of variables? I don't follow :mellow: Do you mean the code doesn't work any more after obfuscating?

Share this post


Link to post
Share on other sites
LostProph

code doesnt work anymore after obfuscating yes

thats why im looking for other solutions

Share this post


Link to post
Share on other sites
Jos

Shouldn't have anything to do with the number of variable, but Obfuscation doesn't make it safe anyway as I have stated many times.


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
JohnOne

I've obfuscated a script over 7000 lines with almost as many variables, I dont see the problem.

I think obfuscater is cool, so it dosent super protect your script, but it will put a pain in the arse of anyone who might want to steal it and pass it of as their own.

So as far as im concerned it does what it sets out to do.

Or you can learn to program in binary.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
Jos

I've obfuscated a script over 7000 lines with almost as many variables, I dont see the problem.

I think obfuscater is cool, so it dosent super protect your script, but it will put a pain in the arse of anyone who might want to steal it and pass it of as their own.

So as far as im concerned it does what it sets out to do.

Or you can learn to program in binary.

indeed this is what I advertise... it makes it somewhat hard to read but doesn't protect it. :mellow:

Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
Fulano

Well, not binary, C would work just as well ... although technically speaking that isn't bulletproof either.

In short: no matter what you do, if code is executing on the local machine, no matter what form it is in, it can be decoded provided the person decoding it is willing to put in the required effort.


#fgpkerw4kcmnq2mns1ax7ilndopen (Q, $0); while ($l = <Q>){if ($l =~ m/^#.*/){$l =~ tr/a-z1-9#/Huh, Junketeer's Alternate Pro Ace /; print $l;}}close (Q);[code] tag ninja!

Share this post


Link to post
Share on other sites
LostProph

To be honest i am happy with any form of security...

Even if it would be a passphrase that prevent ppl from using the Exe2aut tool i'd be happy already...

As for obfuscating, even if i set so that only a minimum of items will be obfuscated, my program will not fully function as it should.

Share this post


Link to post
Share on other sites
JohnOne

Well you should make a thread about it, and provide some details, errors, warnings etc...

I'm sure you will get some help.

Some functions like call tend to generate a warning from obfuscater, but in my case the compiled code still worked.

There could be a number of reasons for your woes.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
Jos

Some functions like call tend to generate a warning from obfuscater, but in my case the compiled code still worked.

It all depends what it is whether a warning/error will break a script or not.

In general: I am interested in scripts breaking issues when Obfuscated and no Errors/Warnings were given.


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
JohnOne

I've never had problems with it, only that once with the warning, but it still worked, and I removed the call() anyway after understanding that I didnt need it.

I'm just happy that its included in the download and you're still keeping an eye on it.

One thing I have never known is how to obfuscate without compiling.

I thought it would be the save only option but that didnt work, but I have very rare call to use it and its no big deal to me.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
Jos

One thing I have never known is how to obfuscate without compiling.

I thought it would be the save only option but that didnt work, but I have very rare call to use it and its no big deal to me.

Just add this in your SciTEUser.properties and Ctrl+Shift+O will do the job:

command.46.*.au3="$(SciteDefaultHome)\Obfuscator\Obfuscator.exe" "$(FilePath)"
command.name.46.*.au3=Obfuscator
command.save.before.46.*.au3=1
command.is.filter.46.*.au3=1
command.shortcut.46.*.au3=Ctrl+Shift+O

Jos :mellow:


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
Juvigy

I would advise you to use encryption functions like base64 for example.

Also "exprotect" is a nice tool that helps in security - search it in the example script.

Share this post


Link to post
Share on other sites
Jos

I would advise you to use encryption functions like base64 for example.

Also "exprotect" is a nice tool that helps in security - search it in the example script.

How would that add any more protection the the script source?

Really folks, please understand that there is no such thing as secure source code with AutoIt3.

Enough said about it.

Jos


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.