AutoCamo - 98.18b

[Ontosy]

The fix solve the previous problem. Ty

When i compile AC create A3C_NDTDFPVRPTHVV.bin .dat .a3x .exe in folder of source script. Do it is possible to instruct to use the %temp% folder also via other parameter in config?

Edited January 3, 2014 by Ontosy

[Mobius]

Sorry Ontosy,

But I am unable to replicate a situation on xp or w7 whereby the a3x and bin file are generated in the script folder, other than the "keep temporary files" option.

I will look into adding a build option for temporary directory specification.

The following information would help me diagnose/replicate your problem:

Perform a build with extra log info enabled and copy and paste the log into a post, then press CTRL + M and select:

Dump to log -> Parsed

And copy and paste that into the same post please.

Vlad

[Ontosy]

Excuse me, i have a A3C_TMP=1 setted.

I thought that if it is equal to zero, it creates the temporary files in the same directory as the source and then deletes them.

But I was wrong?

[Mobius]

Ah that would explain it, thanks Ontosy

The A3C_TMP option tells AC to copy all temporary files from the temp folder to the folder of the script after the build.

The option is there for debugging, and so a user can check the necessary files to ensure peace of mind

Its not a necessary part of the build, in fact rather foolishly I never considered the implications regarding AV software concerning copying the modified build files (executables and data) to a location outside of the temp directory.

My bad, one more thing for the help references.

Vlad

[Mobius]

I've had a report saying that the APC option does not work for some users, although it worked fine under xp and w7.

Admittedly the author does not use antivirus at all and has disabled account protection under w7, which is probably not the best environment for testing.

Has anyone else had problems with seemingly unexecutable output after using the APC option?

Vlad

[Ontosy]

No problem A3C_APC in XP. What is APC?

[Mobius]

Thanks Ontosy,

Do you by any chance use any software masquerading as security, such as 3rd party Antivirus or firewall?

APC (silly ass name derived from the original procedure name) is a very old method of compressing and embedding the interpreter within an executable wrapper.

AutoCamo's purpose is to make your standalone exe's slightly harder to decompile / interrogate by tools that rely on static file string and data sequences.

By embedding the interpreter within another exe in addition to lightly obfuscating the a3x sequences, allows the output to greater withstand the basic checks performed by such tools.

Unless of course the person / program using it makes a target of themselves by asking for money or is malicious or is part of a community that is used to reverse engineering such as game bot developers.

When I called it camo I was thinking of camstick or clothing or foliage or chronic myopia or brain trauma in the interrogator, and nothing more.

Vlad

[Ontosy]

Not use AntiVirus here.

[Mobius]

Not use AntiVirus here.

All good then, bare in mind that until I can get to the root of the problem for those that reported it, your distributables that use APC might not work for the end user.

Can't say I'm surprised, the code for it is nearly 5 years old and the method is far older than that.

[Ontosy]

Stopped with Symantec Endpoint Protection.

[Mobius]

No big surprises there, the first of many no doubt, which is why I decided to use the version of APC I posted in the mvp forum, its expendable.

An APC'd output exe

https://www.virustotal.com/en/file/4f1a96df5d44ac662f1018de44bcc6205e854e4d1d0d3c35315e02bce1676abc/analysis/1389113580/

A UPX'd then APC'd output exe

https://www.virustotal.com/en/file/12ff79f755b64bf6e084dc01687e362ffe1dc2dc552bffb8a7f5abf9023d6494/analysis/1389113667/

Vlad

Edited January 9, 2014 by Mobius

[WhiteLion]

hello vlad my old friend

after a long IDLE time I updated autoit to v3.3.8.11.2 beta and your A3C from v62.x to v81.12

now I ve problems to use my config (au3) file (see below) for this latest versions, no patching is made and some other errors included.

I dont really get all this new options you added to latest version.... maybe you can help me?

thanx in advanced!

Config:

#cs A3C
A3C_OUT=C:\Program Files\AutoIt3\AutoIT-eigenerkrams\multitool\MultiTool\P-em_x86.exe
A3C_ICO=C:\Program Files\AutoIt3\AutoIT-eigenerkrams\multitool\MultiTool\pem128.ico
A3C_IRI=99
A3C_RND=1337
A3C_SUB=WIN
A3C_KOR=1
A3C_A2E=c:\Program Files\AutoIt3\Beta\Aut2Exe\Aut2exe.exe
A3C_BIN=c:\Program Files\AutoIt3\Beta\Aut2Exe\AutoItSC.bin
A3C_VRL=2057
A3C_CMP=2
A3C_NO_VERSION=1
[A3C_RES]
TRAY_MNU=4}166}2057}#@BIN>
INPUTBOX_DLG=5}1000}2057}#@BIN>
STR_TBL=6}7}2057}#@BIN>
STR_TBL=6}8}2057}#@BIN>
STR_TBL=6}9}2057}#@BIN>
STR_TBL=6}10}2057}#@BIN>
STR_TBL=6}11}2057}#@BIN>
STR_TBL=6}12}2057}#@BIN>
STR_TBL=6}313}2057}#@BIN>
MANIFEST=24}1}1033}#@BIN>
[A3C_PBE]
[A3C_VER]
ProductName=P-em x86
FileVersion=2.01
CompanyName=TKserver
[A3C_PAT]
U=AutoIt}Jelly+}2
U=Script}KitKat}0
[]

#ce ;A3C
Run('"c:\Program Files\AutoIt3\Aut2Exe\A3C.exe" ' &'"'& @SCRIPTFULLPATH &'"')

logfile:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Build Start

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Compiler Processing
Config error c:\Program Files\AutoIt3\Aut2Exe\CFG\DRXL\c:\Program.drx

Fuzzy seed: 53009198 From 1337
Compiler: 3, 3, 11, 2
Resource script detected

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Interpreter Processing
Interface: Window
Config error c:\Program Files\AutoIt3\Aut2Exe\CFG\DRXL\c:\Program.drx

Interpreter: Not found FileVersion
Warning, compiler & interpreter version strings differ!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Resources
TRAY_MNU Added
INPUTBOX_DLG Failed to find resource
Build Aborted

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Build End

[Mobius]

Hey WhiteLion,

Good to see you too , I will get right on it, thankyou for the reproducer and log output.

Vlad

[Mobius]

This file is an experimental update type, the archive needs to be extracted to your current AutoCamo 81.12 folder, overwriting existing files. It is likely that these will be added to the main thread as more bugs get found, rather than releasing full downloads all the time.

Fixes the following major issues

A3C.exe : Bug resulting in AutoCamo not recognizing a space in the path to the DRXL patch file.

A3C.exe : Bug when A3C is told to delete an interpreter icon not reporting a fail.

A3C_RES.mnu : The resource element menu items to "Preserve interpreter defaults" contained the macro @OUT> when it should have been @BIN> for AutoCamo 81.12 .

Fixes the following minor issues

Some of the macro help references were not formatted or explained.

Adds the following

C for compiler phase and I for interpreter phase as possible parameters for when to run an executable. This means that both DRXL (A3C_PAT) and other executables (A3C_PBE) can now run in all available phases of the build.

This example may or may not help explain the different stages available when DRXL.exe or other programs and internal instructions can be performed during the build.

To add this to your currently open build via AutoCamo's interface:

1. Copy the contents of the code box below to the clipboard.

2. Press ALT + E to go to Execute sub window

3. Click the "list import" toolbar button and select "From Clipboard" menu item

4. Press ALT + P to go to Patches sub window

5. Click the "list import" toolbar button and select "From Clipboard" menu item

These are merely comments, however DRXL.exe will be executed multiple times for the patch comments which can delay the build a little.

[A3C_PBE]
=$$ PBE Prep Comment}}}}P
=$$ PBE Compiler Comment}}}}C
=$$ PBE Interpreter Comment}}}}I
=$$ PBE Before build Comment}}}}B
=$$ PBE During build Comment}}}}D
=$$ PBE After build Comment}}}}A
[A3C_PAT]
#=DRXL Prep Comment}}P
#=DRXL Both Comment}}B
#=DRXL Compiler Comment}}C
#=DRXL Interpreter Comment}}I
#=DRXL During build Comment}}D
#=DRXL After build Comment}}A
[]

---

WhiteLion,

You did me a big favour there thankyou , I'll try and explain some of the options in your config.

You have the option A3C_NO_VERSION set to 1 when it should not be set at all if you want your version information data to be added to the output. Or do you have it disabled because you are using Aut2Exe's native version info commands?

As of AutoIt 3.3.10+ the InputBox dialog resource is added to the output exe by Aut2Exe when required, So this line in your config to preserve it caused A3C to abort when it could not be found.

INPUTBOX_DLG=5}1000}2057}#@BIN>

You are using the option A3C_KOR to tell A3C to delete the original interpreter resources, and in your resource config section you are preserving a large chunk of the resources (Which is fine), However the overall result ends up simply deleting some of the stock icons.

Might I suggest this alternative which does the same as your config for fewer lines:

; Just a suggestion but you might want to change your A3C_RND value if this is a public distribution
; I have removed A3C_KOR intentionally which results in the resources not being deleted.
; The resource instructions now just delete the icons which was the result of your original config.
;
; All other options have been removed either because the defaults are fine or because they are not necessary.
#cs A3C
A3C_OUT=C:\Program Files\AutoIt3\AutoIT-eigenerkrams\multitool\MultiTool\P-em_x86.exe
A3C_ICO=C:\Program Files\AutoIt3\AutoIT-eigenerkrams\multitool\MultiTool\pem128.ico
A3C_RND=1337
A3C_A2E=C:\Program Files\AutoIt3\Beta\Aut2Exe\Aut2Exe.exe
[A3C_RES]
Delete Empty=ICO}162}2057}
Delete Red x=ICO}164}2057}
Delete Crosshair=ICO}169}2057}
[A3C_VER]
ProductName=P-em x86
FileVersion=2.1
CompanyName=TKServer
[A3C_PAT]
@NV=1}}B
U=Script}KitKat}B
U=AutoIt}Jelly+}I
[]
#ce ;A3C
Run("Notepad.exe")

I suck at explaining / documenting things (as you may have gathered) but if there is anything else I will certainly try.

Vlad

Edited January 11, 2014 by Mobius

[Mobius]

Edited post above one final time, hopefully fixing all haywire codebox output (strange) and incorrect info it contained.

Edited January 11, 2014 by Mobius

[WhiteLion]

hi vlad  

thank you for trying to help me out.... but I think I am to dumb to get all the stuff how autoit handles the script and or I missed the new concept of the tool / or maybe autoit sucks with moving the script to resource. ... at leased I ve no Idea what I am doing wrong.... 

I tried various things out but nothing worked.

Things I don´t understand:

- When I do edit the options changes I do will be dropped: I set in A3C (for exmpl. the lines for making patches ) changes will be dropped after I leave the line. I ve no idea how to change these stuff in your tool. - is there a save button I missed !?

- When I compile the script and execute it ... not my program will be started - your tool (A3C) starts .... I dont rly get this!?
 

Maybe you can give me a full example how to stumble my compiled scriped that all the AutoIt strings are removed from the compiled exe file (I always open it up with an hex editor and still there are simple strings (like "AutoIt", "AUTOIT" "Script"), where you can recognize easily that its a autoit script). All Icons should be removed that I only have my own Icon. File Version stuff should be set. and script should be maximum scrambled. 

maybe you can make an example for dummies like me.

thanx again for your help and sorry for my bad English what may be a reason for my problems too!

[Mobius]



hi vlad  

thank you for trying to help me out.... but I think I am to dumb to get all the stuff how autoit handles the script and or I missed the new concept of the tool / or maybe autoit sucks with moving the script to resource. ... at leased I ve no Idea what I am doing wrong.... 

I tried various things out but nothing worked.

I don't want to hear you call yourself dumb again marine , I doubt you are alone in misunderstanding the recent changes, hell if you weren't using my tool (which is not very user friendly) you wouldn't even have to think about how AutoIt standalones are crafted.

So chin up and lets see if theres light at the end of this rainbow.

Things I don´t understand:

- When I do edit the options changes I do will be dropped: I set in A3C (for exmpl. the lines for making patches ) changes will be dropped after I leave the line. I ve no idea how to change these stuff in your tool. - is there a save button I missed !?

The save popup menu is invoked by either clicking the toolbar button (2nd from the left) at the top of the window, or by pressing CTRL + S.

- When I compile the script and execute it ... not my program will be started - your tool (A3C) starts .... I dont rly get this!?

Now we are getting somewhere, you are storing the build options inside an Au3 script that is not the script you want to build! I was curious about that in your posted config data (the line that contains the Run() function which loads AutoCamo on the script), but it seems you are using what was once called a "Quicklaunch" build script in an older version of AC before it was possible to save directly to a source file.

Okay lets sort this out for you:

1 Run or open the script that contains your build options into AC's interface.

2 Invoke the save popup menu described above and select: Browse (cfg a3c au3)

3 In the save dialog click on the file type combo box and select: Script [au3] , now navigate to and select the script file you actually want to build (P-em_x86.au3 for example), then click save.

AC will likely display a message box saying that there was no previous build options so it going to put them at the top of the script instead, and another message box indicating success or failure.

The script you just saved to is the file you must load with AC whenever you want to build, to save confusion I suggest you delete the "quicklaunch" script that originally contained your build options.

If you invoke the save popup menu one last time, at the bottom you will see an entrance for P-em_x86.au3 (or whatever your script is actually called), it is this menu item that you use to quickly save any changes you make in the interface. You only really need to select this before you close AutoCamo's window, but you can use it as much as you like.

4 At this point just click the build button or press CTRL + G , wait for the build to finish then execute the output exe to make sure it built the right script (it should have).

If it didn't you can pretty much ignore the rest of this post and tell me it failed.

5 You are probably used to launching A3C.exe by double clicking on that quicklaunch script you posted, since you can no longer do this you need some alternatives for launching AC on your files:

If you don't mind shell integration there is a script distributed with AC that adds right click file options for these extensions: .Au3 .A3c and .cfg . To run it press CTRL + K to bring up the kit popup menu and select: Execute -> AutoIt -> Shell integrate AutoCamo -> Run

Then select Yes to proceed.

An alternative would be to create a .a3c file as a shortcut to your script within AutoCamo's A3C sub directory, which can then be selected from the interface by either clicking the large icon or the Input button.

To do this manually is fairly simple:

1 Go to AC's list explorer by pressing ALT + Z

2 In the list explorer toolbar click the Z button to display the path popup menu and select: A3C -> Templates

3 Right click anywhere in the explorer window that does not contain a file or information to display another popup menu and select: New File

4 Enter the name of the a3c file in the input box and click ok, for example: P-em_x86.a3c

5 Right click on the file you just created in the explorer and select 'Code edit' from the popup menu, which loads the file into Scite.

6 In Scite add the following configuration line and save the changes.

A3C_IN = x:\Full path to\Your Script.au3

So WhiteLion yours is probably C:Program FilesAutoIt3AutoIT-eigenerkramsmultitoolMultiToolP-em_x86.au3 , if not enter the correct path.

7 And thats it, now whenever you want to build you would select 'P-em_x86' from the input popup menu invoked by either clicking the Input button or the large icon or by pressing CTRL + I

After explaining all that I think I'll add an internal option for something like this in a future update.

Maybe you can give me a full example how to stumble my compiled scriped that all the AutoIt strings are removed from the compiled exe file (I always open it up with an hex editor and still there are simple strings (like "AutoIt", "AUTOIT" "Script"), where you can recognize easily that its a autoit script). All Icons should be removed that I only have my own Icon. File Version stuff should be set. and script should be maximum scrambled.

maybe you can make an example for dummies like me.

thanx again for your help and sorry for my bad English what may be a reason for my problems too!

Here is an example, extract it to AutoCamo's A3C subdirectory then select the example from the Input popup menu by pressing CTRL + I , You will recognise it if put in the right place.

Dude you can't just purge all instances of the String AutoIt and script in the compiler and interpreter without knowing what you are doing! Why?

Reason 1 The patches are all case sensitive, Which means searching for 'AutoIt' is going to ignore any other variations of that word, likewise for 'Script' and any other string you are trying to replace. Plus you have to consider there may be ansi and unicode versions of the string in the interpreter.

Reason 2 The string AUTOIT and SCRIPT are used in both function names and macros and other places, which means that you would have to avoid using anything in your source that would normally contain those strings, which is possible but not recommended.

If you would like to save yourself some time in the Hex editor:

After AC has finished building your script

1 Go to the Console sub window by pressing ALT + C

2 In the 'Program' edit box put:

<@DRX>

3 In the 'Commandline' edit box put:

~nl ~nv "@OUT>" @IS UNI`AutoIt @IS ANS`AutoIt

4 In the console toolbar click the 'Run' button (second from left) and select from the popup menu: Current Fields

Please wait for the process to finish, this can take a bit of time if the output is a reasonable size, which AutoIt standalones are these days.

In the console box you should now have a numbered list of file offsets and variations of the string AutoIt both ansi and unicode generated by DRXL to give you a rough idea what you are dealing with.

You can do this with Script or any strings if you like.

5[/] This is optional but if you want to store that command for future use:

In the 'Description' edit box put something like:

DRXL search AutoIt

Then in the console toolbar click the 'Elements' button (Leftmost) , and from the popup menu select: Control -> Add to run / elements menu

Now at a later date you can either edit this command by selecting it from the 'user' sub menu in the elements menu or run it directly by selecting it from the run menu.

I hope some of this helps.

Vlad

[Mobius]

Bug fix update 82.14b download added to main thread

Fixed major issues

A3C.exe

Bug causing the new parameter I for execution instructions to

not be registered correctly at build time.

Bug when using the APC option would sometimes generate an

executable that would not run or would get stuck in a loop.

Bug causing the log sub window to be given focus after certain

commands were executed from the console sub window.

Temporary drxl files like the config and log were still being

generated outside of the temporary build folder. Now they are

handled like the other temporary files. Also the temporary

output exe file was being left behind when it should not have.

Bug when using list import to generate a resource list from

another executable would not populate the file parameter.

Also the same feature added icon groups to the list when they

are not supported this way.

DRXL.exe

Major bug due to inept linked list handling causing random

crashes under windows 7 and Vista when simply searching or

replacing ansi and unicode strings, or using the @ token at

the beginning of an instruction id to generate it on the fly.

Bug when searching for the first instance of a null byte would

display / store an offset even when no null exists in the

target.

Bug causing quad based hexidecimal output from the function

#VO to be invalid.

AWC.exe

Bug generating some defunct A3C build options.

Compiled as a console application instead of window.

Still only very basic wrapper parameters supported.

Fixed minor issues

A3C help file mistakes

A3C menu item mistakes (internal and predefined)

Some popup menus displayed incorrect or no icons.

A3C new internals

Menu Items

Two save menu items for quickly saving to an a3c shortcut:

Input file .a3c shortcut:

Only stores the path to the Input source in the a3c shortcut. This is for users that store build options in the source file.

Full .a3c shortcut:

Stores all build options in the a3c shortcut. This is for users that don't want to store build options in the source file.

Both items create an a3c file in the A3CUser sub directory, which can then be selected from the Input menu, and both items require that a full path to the Input source file be specified as the input parameter in the main sub window to work.

The name of the a3c file is generated from the source filename which could lead to the a3c shortcut being overwritten if you have two or more projects that use the same main source file name and try to save shortcuts to them.

Keyboard shortcuts

A selected item in a list control found in the resources -

execute - version info and patches sub window can be moved

using the following keyboard shortcuts.

ALT + UP Move up

ALT + DOWN Move down

ALT + LEFT Move to top

ALT + RIGHT Move to bottom

CTRL + ENTER when the console window has focus will

execute the command currently in the editor fields.

APC wrapper components

These are all temporary as this will likely be dropped by the next full update. In all honesty user you would spend more time trying to hide the fact that an apc wrapper exists than you ever would trying to defend your work.

There are two slightly different executable APC stubs. (both of which are highly flagged by certain antivirus tools so serve only as an example of method to the curious)

There is also a method that might allow a wrapped output exe to be used with some types of exe packer or protector.

Commandline switches

~apc1 : Make default loader stub support other tools.

~apc2 : Use alternate loader stub, supports other tools by default.

Loading non build options

Configuration options such as macros and menus are now looked

for in the last build config file loaded with A3C_INC as well

as the first build config file loaded.

Editor line wrapping

The info - log and console editor controls now wrap input

that exceeds the width of the control; which cuts down on

redundant horizontal scrolling but can mess up formatting so

the help editor control does not use it.

A3C new externals

Added .a3c file shortcuts for some AutoIt distributed examples

Added a few .a3c examples of using APC with UPX and MPRESS.

Vlad

[Guest]

Thank you very much for this tool!

I appreciate the effort you put on this tool. You did it to save a lot of headache to other people and I am very grateful to you!

This is the result when a number of brains share their outputs. And it works excellent in the autoit community - the main reason why I'm not leaving this language.

[Mobius]

gil900,

Thankyou for your kind words, although it's still a little rough and probably causes more headaches than it saves.

Why would you want to discard the language?

Vlad