MHarris Posted August 4, 2010 Share Posted August 4, 2010 Our site has recently blocked the autoitscript.com domain due to a US-CERT monthly watchlist. This July 19, 2010 report lists autoitscript.com under the "Malicous Code (CAT3) IP Addresses and Hostnames" category of hostnames that were either linked directly (hosting malicous code, active botnet command, etc.) or indirectly (redirecting to a malicius website, etc.) to a CAT3 incident. Our cybersecurity people blindly block all items in this watchlist and refuse to remove the block. Therfore, I am trying to find out if there was a security incident on the autoitscript domain a month or so ago that may have been fixed. If so, perhaps I can make a valid argument to the US-CERT to have it removed. Please note that I am typing this on my cell phone due to this block and so please forgive any syntax or textual errors. Link to comment Share on other sites More sharing options...
Moderators Melba23 Posted August 4, 2010 Moderators Share Posted August 4, 2010 MHarris,A CAT3 incident? No idea what that is, so I cannot help you there. It sounds like US-CERT are being over-zealous - a common trait among self-appointed guardians. Quis custodiet ipsos custodes?Alas, AutoIt is used by some to create malicious code - as is every other computer language, although we do our very best to keep such idiots away from here. So if they block this site for that they must logically block every site which deals with coding of any kind - like MSDN for example!As to the Bot side of things, could I suggest you direct whoever you need to contact to this page where they can see that we do not condone, nor support, any form of botting.I hope this helps. M23 Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind Open spoiler to see my UDFs: Spoiler ArrayMultiColSort ---- Sort arrays on multiple columnsChooseFileFolder ---- Single and multiple selections from specified path treeview listingDate_Time_Convert -- Easily convert date/time formats, including the language usedExtMsgBox --------- A highly customisable replacement for MsgBoxGUIExtender -------- Extend and retract multiple sections within a GUIGUIFrame ---------- Subdivide GUIs into many adjustable framesGUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView itemsGUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeViewMarquee ----------- Scrolling tickertape GUIsNoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxesNotify ------------- Small notifications on the edge of the displayScrollbars ----------Automatically sized scrollbars with a single commandStringSize ---------- Automatically size controls to fit textToast -------------- Small GUIs which pop out of the notification area Link to comment Share on other sites More sharing options...
PsaltyDS Posted August 4, 2010 Share Posted August 4, 2010 (edited) Can you provide a link to that watch list? I don't find it at their site, nor any reference to AutoIt in their search engine.Edit: Added link to search. Edited August 4, 2010 by PsaltyDS Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
MHarris Posted August 4, 2010 Author Share Posted August 4, 2010 Unfortunately, the document is unclassified \ for official use only; I may only share it with other personnel with a valid "need to know" within my "federal agency or state government network". I have sent an email to sag@us-cert.gov to see if this can be shared with anyone else. Link to comment Share on other sites More sharing options...
MHarris Posted August 4, 2010 Author Share Posted August 4, 2010 (edited) I received a response from US-CERT regarding the autoitscript.com web page. Turns out the domain was on the list because of a file called SciTE4AutoIt3; a number of AV compainies have signatures for this file identifying it as a potential key logger. Due to my inquiries and the reputation of the vendoe they will likeky remove the entry from the block list. Edited August 4, 2010 by MHarris Link to comment Share on other sites More sharing options...
PsaltyDS Posted August 4, 2010 Share Posted August 4, 2010 They were hitting on the EDITOR?! Must be a government project! Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
Developers Jos Posted August 4, 2010 Developers Share Posted August 4, 2010 Must be the au3recorder they mark as keylogger since it kinda is and has a Hook.dll for the recording purpose. Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
jchd Posted August 5, 2010 Share Posted August 5, 2010 Yes, that and other similar code that we already discussed on the other forum (like this). This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt) Link to comment Share on other sites More sharing options...
doudou Posted August 5, 2010 Share Posted August 5, 2010 They were hitting on the EDITOR?!Must be a government project! That's what happens when idiots try to protect other idiots from threats neither of them understand... I bet, this "well-secured" network runs original XP machines and they are currently evaluating SP 1 for potential drawbacks, while their users are only allowed to go on the Net with their cellphones.I wonder, why some people or organizations need computers? UDFS & Apps: Spoiler DDEML.au3 - DDE Client + ServerLocalization.au3 - localize your scriptsTLI.au3 - type information on COM objects (TLBINF emulation)TLBAutoEnum.au3 - auto-import of COM constants (enums)AU3Automation - export AU3 scripts via COM interfacesTypeLibInspector - OleView was yesterday Coder's last words before final release: WE APOLOGIZE FOR INCONVENIENCE Link to comment Share on other sites More sharing options...
jchd Posted August 5, 2010 Share Posted August 5, 2010 They need lots of PCs to compute how much taxes you owe them. This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt) Link to comment Share on other sites More sharing options...
doudou Posted August 5, 2010 Share Posted August 5, 2010 They need lots of PCs to compute how much taxes you owe them.Funny, that you mention it. In 15 years they haven't managed to produce a single correct computation - I'm still getting refunds for 1997!!!So, my question stands: what do they need computers for? UDFS & Apps: Spoiler DDEML.au3 - DDE Client + ServerLocalization.au3 - localize your scriptsTLI.au3 - type information on COM objects (TLBINF emulation)TLBAutoEnum.au3 - auto-import of COM constants (enums)AU3Automation - export AU3 scripts via COM interfacesTypeLibInspector - OleView was yesterday Coder's last words before final release: WE APOLOGIZE FOR INCONVENIENCE Link to comment Share on other sites More sharing options...
czardas Posted August 5, 2010 Share Posted August 5, 2010 So, my question stands: what do they need computers for?Artificial Lack of Intelligence. operator64 ArrayWorkshop Link to comment Share on other sites More sharing options...
ShawnW Posted August 5, 2010 Share Posted August 5, 2010 Artificial Lack of Intelligence. What makes you think there is anything Artifical about their Lack of Intelligence? Link to comment Share on other sites More sharing options...
czardas Posted August 5, 2010 Share Posted August 5, 2010 LMAO I just don't see why it needs to be automated. operator64 ArrayWorkshop Link to comment Share on other sites More sharing options...
doudou Posted August 5, 2010 Share Posted August 5, 2010 LMAOI just don't see why it needs to be automated. Automation of Laziness and Ignorance? UDFS & Apps: Spoiler DDEML.au3 - DDE Client + ServerLocalization.au3 - localize your scriptsTLI.au3 - type information on COM objects (TLBINF emulation)TLBAutoEnum.au3 - auto-import of COM constants (enums)AU3Automation - export AU3 scripts via COM interfacesTypeLibInspector - OleView was yesterday Coder's last words before final release: WE APOLOGIZE FOR INCONVENIENCE Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now