Sign in to follow this  
Followers 0
BubbleGumDancer

obfuscate source code example?

4 posts in this topic

How can I protect my code from decompilation?

The fact of the matter is you can't fully protect your code. AutoIt is an interpreted language, so all scripts are interpreted, and that script has to get stored somewhere ;) There is still hope though. You can take certain measures to prevent decompiled code from being usable to the person that decompiled. The first step is to obfuscate your code. This causes the code to become unreadable. Basically variables and functions are renamed, making it very hard to make head or tail of what is what.

can anyone please post a script example of a method to obfuscate autoit source code to make the scripts unreadable?


If you were twice as smart, you'd still be stupid.

Share this post


Link to post
Share on other sites



The option is built in to AutoIt when you go to compile it. It's the last tab in the window that pops up with the compile options.


010101000110100001101001011100110010000001101001011100110010000

001101101011110010010000001110011011010010110011100100001

My Android cat and mouse game
https://play.google.com/store/apps/details?id=com.KaosVisions.WhiskersNSqueek

We're gonna need another Timmy!

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

If you are using SciTE to edit your scripts, you can select the obfuscation options when you select 'Compile', and it will automatically add the necessary lines to your script. The most common options are listed in the box, but extra ones are available via F1.

Typically after adjusting your compilation options, it will result in something like this at the VERY top of your main script:

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_outfile=MyProgram.exe
#AutoIt3Wrapper_UseUpx=y
#AutoIt3Wrapper_Run_Obfuscator=y
#Obfuscator_Parameters=/striponly
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

My preference is actually the following though, which strips unnecessary functions, shrinks variable and function names sizes down, and avoids the string/number encryption (which would add more to the excution time):

#Obfuscator_Parameters=/om /cn=0 /cs=0 /sf=1 /sv=1

Be aware that even with the latest version and string/number encryption, the code can still be decompiled (way too easily unfortunately). It will be confusing to read the decompiled script however if you allow it to rename function and variable names.

*edit: Oops, meant *number* encryption

Edited by Ascend4nt

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Here's an example with some code I whipped up for another member last night.

Note that I had to shorten the AutoIt code DRAMATICALLY in the obfuscated version, since the forum wouldn't let me post that much.. I kept getting the error

Posted Image You must enter a post.

Un-obfuscated:

25 lines @ 802 bytes

Obfuscated:

863 lines @ 65,704 bytes

Not Obfuscated

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_UseX64=n
#AutoIt3Wrapper_Run_Obfuscator=y
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
#include <Array.au3>

Dim $Search[3][4] = [   ["hello",   "hi",   "hey"], _
                        ["brb",     "afk",  "bbl"], _
                        ["bye",     "cya",  "ttyl"] ]
Dim $Respond[3] = ["Why hello there!", "See you soon.", "Goodbye!"]
Global $Search, $Respond

For $i = 1 To 5
    $Me = InputBox("Prompt", "Input a message.")
    reply(StringLower($Me))
Next

Func reply($Message)
    $Check = _ArraySearch($Search, StringLower($Message))
    If Not @error Then
        MsgBox(262144, "Message", $Respond[$Check])
    Else
        MsgBox(262144, "Message", "I don't know what to say to that.")
    EndIf
EndFunc

Obfuscated

global $Os
A5700002242_()
global $A51C2802215=A5700002242($Os[0x223]),$A47C2901B22=A5700002242($Os[0x224]),$A0BC2A05F62=A5700002242($Os[0x225]),$A56C2B01754=A5700002242($Os[0x226]),$A27C2C06260=A5700002242($Os[0x227]),$A03C2D00619=A5700002242($Os[0x228]),$A28C2E05757=A5700002242($Os[0x229]),$A00C2F01212=A5700002242($Os[0x22A]),$A3DD2001556=A5700002242($Os[0x22B]),$A16D2100626=A5700002242($Os[0x22C]),$A5BD2201446=A5700002242($Os[0x22D]),$A2DD2402721=A5700002242($Os[0x22E]),$A61D2502F16=A5700002242($Os[0x22F]),$A07D260245C=A5700002242($Os[0x230]),$A2BD270220E=A5700002242($Os[0x231]),$A55D2805B4F=A5700002242($Os[0x232]),$A06D2905E33=A5700002242($Os[0x233]),$A16D2B0005B=A5700002242($Os[0x234]),$A04D2C03559=A5700002242($Os[0x235])
Func A5800103904(ByRef $A3310F03010, $A622000315B)
If Not Isdeclared("SSA5800103904") Then
Global $A0920103933=A5700002242($Os[0x1]),$A6220203F07=A5700002242($Os[0x2]),$A5F20304C0F=A5700002242($Os[0x3]),$A4320404253=A5700002242($Os[0x4]),$A2120504660=A5700002242($Os[0x5]),$A3620603C2F=A5700002242($Os[0x6]),$A2D2070392D=A5700002242($Os[0x7]),$A3520800119=A5700002242($Os[0x8]),$A0F20A05F03=A5700002242($Os[0x9])
Global $SSA5800103904=0x01
EndIF
If Not IsArray($A3310F03010) Then Return SetError(Number($A0920103933), Number($A6220203F07), -Number($A5F20304C0F))
If UBound($A3310F03010, Number($A4320404253)) <> Number($A2120504660) Then Return SetError(Number($A3620603C2F), Number($A2D2070392D), -Number($A3520800119))
Local $A1B20904857 = UBound($A3310F03010)
ReDim $A3310F03010[$A1B20904857 + Number($A0F20A05F03)]
$A3310F03010[$A1B20904857] = $A622000315B
Return $A1B20904857
EndFunc
Func A4100205238(Const ByRef $A3310F03010, $A622000315B, $A3220B01807 = 0, $A0920C05C0A = 0)
If Not Isdeclared("SSA4100205238") Then
Global $A1920D0331A=A5700002242($Os[0xA]),$A0F20E00B28=A5700002242($Os[0xB]),$A4920F05101=A5700002242($Os[0xC]),$A4C30004316=A5700002242($Os[0xD]),$A4530104E20=A5700002242($Os[0xE]),$A0D30202451=A5700002242($Os[0xF]),$A3630304D4E=A5700002242($Os[0x10]),$A063040171E=A5700002242($Os[0x11]),$A4830500652=A5700002242($Os[0x12]),$A323060104C=A5700002242($Os[0x13]),$A0D30705E30=A5700002242($Os[0x14]),$A2530805154=A5700002242($Os[0x15]),$A5430901700=A5700002242($Os[0x16]),$A0530A0261D=A5700002242($Os[0x17]),$A2D30B05C51=A5700002242($Os[0x18]),$A1430D05160=A5700002242($Os[0x19]),$A4130E0372F=A5700002242($Os[0x1A]),$A4130F0490E=A5700002242($Os[0x1B]),$A534000565A=A5700002242($Os[0x1C]),$A3340104C07=A5700002242($Os[0x1D]),$A044020580C=A5700002242($Os[0x1E]),$A0740302A06=A5700002242($Os[0x1F]),$A5240400C01=A5700002242($Os[0x20]),$A2940503912=A5700002242($Os[0x21]),$A1D4060312C=A5700002242($Os[0x22])
Global $SSA4100205238=0x01
EndIF
If Not IsArray($A3310F03010) Then Return SetError(Number($A1920D0331A), Number($A0F20E00B28), -Number($A4920F05101))
If UBound($A3310F03010, Number($A4C30004316)) <> Number($A4530104E20) Then Return SetError(Number($A0D30202451), Number($A3630304D4E), -Number($A063040171E))
Local $A1B20904857 = UBound($A3310F03010) - Number($A4830500652)
If $A0920C05C0A < Number($A323060104C) Or $A0920C05C0A > $A1B20904857 Then $A0920C05C0A = $A1B20904857
If $A3220B01807 < Number($A0D30705E30) Then $A3220B01807 = Number($A2530805154)
If $A3220B01807 > $A0920C05C0A Then Return SetError(Number($A5430901700), Number($A0530A0261D), -Number($A2D30B05C51))
Local $A5730C01309 = Int(($A0920C05C0A + $A3220B01807) / Number($A1430D05160))
If $A3310F03010[$A3220B01807] > $A622000315B Or $A3310F03010[$A0920C05C0A] < $A622000315B Then Return SetError(Number($A4130E0372F), Number($A4130F0490E), -Number($A534000565A))
While $A3220B01807 <= $A5730C01309 And $A622000315B <> $A3310F03010[$A5730C01309]
If $A622000315B < $A3310F03010[$A5730C01309] Then
$A0920C05C0A = $A5730C01309 - Number($A3340104C07)
Else
$A3220B01807 = $A5730C01309 + Number($A044020580C)
EndIf
$A5730C01309 = Int(($A0920C05C0A + $A3220B01807) / Number($A0740302A06))
WEnd
If $A3220B01807 > $A0920C05C0A Then Return SetError(Number($A5240400C01), Number($A2940503912), -Number($A1D4060312C))
Return $A5730C01309
EndFunc
Func A3F00306335(ByRef $A3310F03010, $A2940704E29, $A1A40804752 = "")
If Not Isdeclared("SSA3F00306335") Then
Global $A0940900C08=A5700002242($Os[0x23]),$A5640A05747=A5700002242($Os[0x24]),$A4940B0621C=A5700002242($Os[0x25]),$A5740C03201=A5700002242($Os[0x26]),$A5E40D0284E=A5700002242($Os[0x27]),$A5140E0103E=A5700002242($Os[0x28]),$A5A40F0500C=A5700002242($Os[0x29]),$A0D5000022E=A5700002242($Os[0x2A]),$A3750500B62=A5700002242($Os[0x2B]),$A0250603461=A5700002242($Os[0x2C]),$A1F50A02F36=A5700002242($Os[0x2D]),$A3E50B0005D=A5700002242($Os[0x2E]),$A2150D03353=A5700002242($Os[0x2F]),$A3350E0020F=A5700002242($Os[0x30]),$A3C50F02527=A5700002242($Os[0x31]),$A3260004134=A5700002242($Os[0x32]),$A2F60104D15=A5700002242($Os[0x33]),$A1A60203F49=A5700002242($Os[0x34])
Global $SSA3F00306335=0x01
EndIF
If Not IsArray($A3310F03010) Then Return SetError(Number($A0940900C08), Number($A5640A05747), Number($A4940B0621C))
If UBound($A3310F03010, Number($A5740C03201)) <> Number($A5E40D0284E) Then Return SetError(Number($A5140E0103E), Number($A5A40F0500C), Number($A0D5000022E))
Local $A5450104D60 = UBound($A3310F03010)
Local $A5D50200809 = $A2940704E29
Local $A5D50304544[$A5D50200809]
For $A4A50403441 = Number($A3750500B62) To $A5D50200809 - Number($A0250603461)
$A5D50304544[$A4A50403441] = $A4A50403441
Next
Local $A5550700C18 = A4410C02E06($A5450104D60, $A5D50200809)
Local $A4B50805C47 = $A5550700C18
Local $A6250906009[$A5550700C18 + Number($A1F50A02F36)]
$A6250906009[Number($A3E50B0005D)] = $A5550700C18
Local $A3550C04B1B = Number($A2150D03353)
While $A4B50805C47 > Number($A3350E0020F)
A5B10D03A1F($A5450104D60, $A5D50200809, $A4B50805C47, $A5550700C18, $A5D50304544)
For $A4A50403441 = Number($A3C50F02527) To $A2940704E29 - Number($A3260004134)
$A6250906009[$A3550C04B1B] &= $A3310F03010[$A5D50304544[$A4A50403441]] & $A1A40804752
Next
If $A1A40804752 <> "" Then $A6250906009[$A3550C04B1B] = StringTrimRight($A6250906009[$A3550C04B1B], Number($A2F60104D15))
$A3550C04B1B += Number($A1A60203F49)
WEnd
Return $A6250906009
EndFunc
Func A3300404100(ByRef $A006030475D, Const ByRef $A3A60403D31, $A3220B01807 = 0)
If Not Isdeclared("SSA3300404100") Then
Global $A316050330C=A5700002242($Os[0x35]),$A4660601006=A5700002242($Os[0x36]),$A4C60706111=A5700002242($Os[0x37]),$A0B60801A21=A5700002242($Os[0x38]),$A0560901457=A5700002242($Os[0x39]),$A1660A06231=A5700002242($Os[0x3A]),$A2260B02138=A5700002242($Os[0x3B]),$A2F60C05753=A5700002242($Os[0x3C]),$A0D60D02C16=A5700002242($Os[0x3D]),$A2D60E03D10=A5700002242($Os[0x3E]),$A0460F02725=A5700002242($Os[0x3F]),$A0770001C48=A5700002242($Os[0x40]),$A0A7010573F=A5700002242($Os[0x41]),$A3770204B15=A5700002242($Os[0x42]),$A0770301B31=A5700002242($Os[0x43]),$A0470405B38=A5700002242($Os[0x44]),$A1670504551=A5700002242($Os[0x45]),$A5870602729=A5700002242($Os[0x46]),$A0F70705C1F=A5700002242($Os[0x47]),$A1970805663=A5700002242($Os[0x48]),$A2C70902C18=A5700002242($Os[0x49]),$A0D70C01302=A5700002242($Os[0x4A])
Global $SSA3300404100=0x01
EndIF

Simply put : AutoIt is NOT secure. Ever. There is no *magical program* or obfuscator that will make your code 100% safe. Yes the obfuscator helps, but by no means is it safe from hackers. Themida won't do any good for a determined individual.

I've got a friend that has a bachelor's degree in computer programming and he helps me with suggestions when I make AutoIt programs. So far, he has been able to retrieve source for all but one of my compiled executables, most of which I obfuscate and then pack with Themida.

Long story short - if you want security, go learn C++ and use some professional tool such as Themida or PC Guard.

Edited by cembry90

AutoIt Stuff:

 

UDFs: {Grow}

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0