Jump to content
Sign in to follow this  
jfrandol

FileInstall in compiled EXE with Digital Signature

Recommended Posts

jfrandol

When I compile the following script into an .EXE and then digitally sign and timestamp the .exe with Microsofts command line tools (signcode.exe)

;msgbox (0,"title",@TempDir)

FileInstall("C:\Temp\RC\WinVNC.exe", @TempDir & "\")

FileInstall("C:\Temp\RC\VNCHooks.dll", @TempDir & "\")

Run(@ComSpec & " /c " & @TempDir & '\winvnc.exe', "")

RunWait(@ComSpec & " /c " & @TempDir & '\winvnc.exe -connect rc.accountable.com::443', "")

It generates an .exe that won't run, it consumes a lot of CPU then eventually puts up a dialog "AutoIt Error: Unable to open the script file."

Has anyone else attempted to digitally sign a autoit compiled .EXE ?

thanks for any experiences you can relate..

John f.

Share this post


Link to post
Share on other sites
Jon

When I compile the following script into an .EXE and then digitally sign and timestamp  the .exe with Microsofts command line tools (signcode.exe)

;msgbox (0,"title",@TempDir)

FileInstall("C:\Temp\RC\WinVNC.exe", @TempDir & "\")

FileInstall("C:\Temp\RC\VNCHooks.dll", @TempDir & "\")

Run(@ComSpec & " /c " & @TempDir & '\winvnc.exe', "")

RunWait(@ComSpec & " /c " & @TempDir & '\winvnc.exe -connect rc.accountable.com::443', "")

It generates an .exe that won't run, it consumes a lot of CPU then eventually puts up a dialog "AutoIt Error: Unable to open the script file."

Has anyone else attempted to digitally sign a autoit compiled .EXE ?

thanks for any experiences you can relate..

John f.

Unfortunately, the signing modifies the exe file so that when autoit tries to scan it and unpack the script it won't be able to find it (the long delay) and then fail.

Share this post


Link to post
Share on other sites
jfrandol

Thanks for the response Jon - I knew it was something like that but thought it was due to my included files (the FileInstall lines) - but now see its a general problem with any compiled script.

It appears that the code that scans for and unpacks the script from the self contained .exe is not in the downloadable source ? (I couldn't find it,I guess it would be the source code for AutoitSC.bin?

I would make a stab at 'fixing' this if I knew where to look - since I have some experience in C (a little in C++) - and I really like AutoIT's ability to make a small .EXE with no runtime dependancies - BUT in todays world, some people would really like me to sign my small .exe's (it makes them feel better...) :whistle:

John F

Share this post


Link to post
Share on other sites
Wabbit

Should be fixed in the next beta.

So is there a solution for this, or are we just out of luck? I want a small AutoIt3 script, compiled to an exe to run without constantly popping up the security question. Can this be fixed? Changing the security options doesn't seem to be a good option, and even if we do that, it causes IE 7 to complain CONSTANTLY about security level.

Anyone have any ideas?

Share this post


Link to post
Share on other sites
JSThePatriot

So is there a solution for this, or are we just out of luck? I want a small AutoIt3 script, compiled to an exe to run without constantly popping up the security question. Can this be fixed? Changing the security options doesn't seem to be a good option, and even if we do that, it causes IE 7 to complain CONSTANTLY about security level.

Anyone have any ideas?

It seems you are speaking of another matter.

Are you on Windows Vista, or just working with IE 7? Answer this question, and maybe there is a solution. Jon has created a manifest file that should eliminate any security issues on Vista, but it has to be put with each script or something of that sort.

Thanks,

JS


AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Share this post


Link to post
Share on other sites
Wabbit

It seems you are speaking of another matter.

Are you on Windows Vista, or just working with IE 7? Answer this question, and maybe there is a solution. Jon has created a manifest file that should eliminate any security issues on Vista, but it has to be put with each script or something of that sort.

Thanks,

JS

Well, the one I am having problems on is a Windows Media Center Edition 2005, svcpk 2. I upgraded to IE 7 on it from IE 6.1.

It runs fine on my XP Pro PC with IE 7 and me with Admin rights, but on the Media Center pc running with user rights, it won't just run. Instead, it pops up a prompt saying that the publisher can't be verified and asks if the user wants to run the program.

I just want the program to run without prompting. The only way I could fine to do this was to go into IE 7 options > Security Tab > Security Level custom level button > and change the "Launching Programs and Unsafe Files" option from prompt to enable.

Two problems: 1: I don't like changing this option for obvious reasons. 2: Any time IE is opened, instead of going straight to the home page, it opens a big warning page complaining about the change, and there is a permanent click bar at the top of the page offering to reset the security change. A huge pain and confusing for basic users.

Thanks!

Share this post


Link to post
Share on other sites
JSThePatriot

Well, the one I am having problems on is a Windows Media Center Edition 2005, svcpk 2. I upgraded to IE 7 on it from IE 6.1.

It runs fine on my XP Pro PC with IE 7 and me with Admin rights, but on the Media Center pc running with user rights, it won't just run. Instead, it pops up a prompt saying that the publisher can't be verified and asks if the user wants to run the program.

I just want the program to run without prompting. The only way I could fine to do this was to go into IE 7 options > Security Tab > Security Level custom level button > and change the "Launching Programs and Unsafe Files" option from prompt to enable.

Two problems: 1: I don't like changing this option for obvious reasons. 2: Any time IE is opened, instead of going straight to the home page, it opens a big warning page complaining about the change, and there is a permanent click bar at the top of the page offering to reset the security change. A huge pain and confusing for basic users.

Thanks!

Search Google, and maybe MSDN for Manifest File. Or something similar. I dont know exactly what would be causing this on the MCE 05, except for maybe that is where they tested some of Vista's code, which requires Manifest files to be setup to allow the program to run without prompt.

JS


AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Share this post


Link to post
Share on other sites
Valik

A manifest isn't going to do anything, AutoIt's manifest is compiled into it.

Share this post


Link to post
Share on other sites
Wabbit

A manifest isn't going to do anything, AutoIt's manifest is compiled into it.

What is manifest? It seems like Windows is looking for a publisher on the program. Would adding some information to some part of the compiled exe do this?

Share this post


Link to post
Share on other sites
JSThePatriot

A manifest isn't going to do anything, AutoIt's manifest is compiled into it.

Thanks. My mistake.

JS


AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Share this post


Link to post
Share on other sites
Wabbit

Ok, I found an easy work around...

It turns out there is a cool new feature in Windows, perhaps it came along with IE 7, that puts a "block" on programs that are downloaded from the Internet, including email.

Since I had emailed the program to my home pc, it picked up the block. When I looked at the properties for the program on that pc, I found a little button at the bottom that let me unblock the program.

Problem solved.

Thanks!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.