Sign in to follow this  
Followers 0
TXTechie

AutoIt and Malware: Compile or just run scripts with AutoIt3.exe?

6 posts in this topic

Hello Everyone!

Now that I've decided to begin using AutoIt as my standard template "wrapper" for deploying software and automating changes on computers within my work environment, I want to ask the community whether you think I should deploy my software packages as compiled executables, or should I just include the main AutoIt executables (AutoIt3.exe & AutoIt3_x64.exe) and then call the software package in my software deployment solution via the command-line (for example: AutoIt3.exe Flash-11.6.au3)?

The primary reason for this question is based on the AutoIt and Malware link on the AutoIt Wiki. While, AutoIt executables are not currently being flagged as false positives by our current Anti-Virus and Anti-Malware solution, I'm concerned about the potential scenario where a false positive occurring again at any time in the future (for any number of reasons) disabling all software deployments within our company because I've chose to use compiled AutoIt scripts for my standard deployment mechanism.

What are your thoughts?

Share this post


Link to post
Share on other sites



Hi, TXTechie. Besides AutoIt, what method of deployment are you using (Altiris, SCCM, A.D., etc.)? I always always always suggest you take the time to repackage applications into MSI format, as it gives you much more flexibility with the install. Beyond that, however, it really depends on the method of deployment.


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites

Hi JLogan3o13,

Well, I've been in Systems Management (software packaging and deployments) for 14+ years now and there are two primary methods for software packaging and deployments: 1) drive the installation using the native installer and 2) repackaging everything to Microsoft's Windows Installer (MSI) technology. I am in the 1) camp, so I create a script "wrapper" to drive the native installer (whether legacy or MSI) and then automate any other desired post-installation configurations as desired.

So, since I don't use Flexera Software's InstallShield tools - I've been deploying software using a script as a wrapper (currently VBScript, but I've decided to switch to AutoIt). This is why I'm asking the question.

My company uses CA Software Delivery as our software deployment solution (I have previously used Microsoft's SMS [now SCCM], Novell ZenWorks, what used to be called Marimba, but is now BMC BladeLogic Client Automation and Dell's KACE KBOX).

Share this post


Link to post
Share on other sites

If you have access to your company's antivirus software on the server level, you can whitelist the installation location of your software.

Also, I have found that compiling with options and unchecking UPX compression reduces false positives.

1 person likes this

RAID Calculator | Software Installer

The truth has been suppressed since the dawn of time.

Share this post


Link to post
Share on other sites

My experience "in the wild" with home pcs and having to deal with multiple Antivirus products with multiple configurations is you can't trust them not to kill AutoIt programs.

As you (unlike I) have control of your environment,

Why not install "AutoIt3.exe" somewhere permanently on your computers.

Then associate "a3x" with "AutoIt3.exe".

That way you don't have to bundle AutoIt3 with everything, you avoid the possibility of false positives completely and the AutoIt program (a3x) isn't plain text visible.

Just my 2c worth.

John Morrison

1 person likes this

Share this post


Link to post
Share on other sites

abberration - The problem is the location of the deployed software will be different and growing, I don't want that management nightmare. I thought that I had read another post here in the forums stating that using any other setting except for the default UPX compression setting of Normal would change the file attributes of the default AutoIt compiled executable - is this true?

storme - Since I am also the person in control of the standard workstation clone image, I have thought about including the AutoIt3_x64.exe on our standard Win7 (64-bit) image build - if I go the route of just executing scripts (rather than compiling). However, the less than 1 MB size of each of the AutoIt executables is not a big deal. I don't really care about the visibility of my scripts (especially since I've been using VBScript files for years), but I like the idea of having less additional files by compiling to the a3x format (I had to look that up in the help file, as I was unfamiliar with that) in that it can incorporate all include and FIleInstall files. Plus, I have the added ability to make my scripts a little more secure from easily prying eyes - especially if I may include some more confidential info in some of my scripts in the future (I know that this is not really secure, but is just secure from those who aren't interested in really trying to hack the scripts). Thank you, very much, for the additional information, storme!

 

Does anyone think I should worry about this and just go ahead and use fully compiled scripts to executables for all of my deployments?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • Viki
      By Viki
      This is my first time here so please dont bombard me that what a silly question I am asking!!
      I have 500 rows (A1:A500) in a spreadsheet and I just want to copy one by one row and then paste into another application and then press enter, loop should repeat this until finishes all 500 rows.
      I have looked at clipget(), clip(put() but dont know how to select next row in next turn. I also looked at Array to store but again no luck. Can some guide me please..
    • DineshPawar
      By DineshPawar
      0down votefavorite   In my current project, Excel macro open AutoIt script using a function Call Shell("location of autoit script").
      For proper functioning of AutoIt script it's need to be close parent Excel workbook, so this closing Excel action is written in AutoIt script itself.
      But as soon as AutoIt script close parent Excel workbook then script get pause and it do nothing.
      How open the AutoIt script from Excel workbook and after that parent Workbook get close?
    • AndroidZero
      By AndroidZero
      I want to animate transparent GIFs on my gui.
      I searched, read and tested a lot UDFs
      At the end none fits to me
      I wrote my own animated function, but its flickering sometimes just for a miliseconds but still doesnt looks good.

       
      Below is my code for Testing and also the GIF images you need for it.
      GUIChangeImage() is the Animation Function.
      CODE:
      ;************FOR GATHER HTML SOURCE CODE********************** #include <IE.au3> #include <InetConstants.au3> ;************FOR GUI*********** #include <GUIConstantsEx.au3> #include <WindowsConstants.au3> #include <WinAPIFiles.au3> ;**********FOR BUTTON ********** #include <ButtonConstants.au3> #include <StaticConstants.au3> ;**********FOR STRINGS ********** #include <StringConstants.au3> #include <String.au3> ;**********FOR COMBOBOX ********** #include <StringConstants.au3> #include <EditConstants.au3> #include <GuiEdit.au3> #include <GuiComboBox.au3> ;**********FOR FONTS ********** #include <FontConstants.au3> ;**********FOR GIF ANIMATION ********** #include <GIFAnimation.au3> ;**********FOR PROCESS ********** #include <Process.au3> #include <SendMessage.au3> #include <GDIPlus.au3> #include <WinAPIDiag.au3> Opt("GUIOnEventMode",1) Global Const $SC_DRAGMOVE = 0xF012 Global $hGUIAccountCreator Global $graphics_path = @ScriptDir & "\graphics" Global $fontSize_TextBody = 8.5, $fontName_TextBody = "", $fontWeight_TextBody = $FW_BOLD, $fontColor_TextBody = 0x5A2800 GUI_open_AccountCreator() Func GUI_open_AccountCreator() Global $hGUIAccountCreator = GUICreate("Tibia Account Creator - SubZero", 350, 400, -1, -1, $WS_POPUP, BitOR($WS_EX_LAYERED, $WS_EX_TOPMOST)) GUISetOnEvent($GUI_EVENT_CLOSE, "GUI_Close_AccountCreator") GUICtrlCreatePic($graphics_path & "\WindowAccountCreator.gif", 0, 0, 350, 400) GUICtrlSetState(-1, $GUI_DISABLE) ;********* GUI CONTROLS (LABELS,INPUTS,COMBOBOXES) ********************************************************************** GUICtrlCreateLabel(" Create New Account", 25,47,103,14,$SS_CENTERIMAGE) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) GUICtrlSetFont(-1,8,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetColor(-1,0xFFFFFF) GUICtrlCreateLabel("Account Name:",30,75,75,14) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) GUICtrlSetFont(-1,8,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetColor(-1,0x5A2800) Global $inptBox_Acc = GUICtrlCreateInput("",130,75,150,20) GUICtrlCreateLabel("Email Adress:",30,100,70,14) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) GUICtrlSetFont(-1,8,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetColor(-1,0x5A2800) Global $inptBox_Email = GUICtrlCreateInput("",130,100,150,20) GUICtrlCreateLabel("Password:",30,125,55,14) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) GUICtrlSetFont(-1,8,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetColor(-1,0x5A2800) Global $inptBox_Passwd = GUICtrlCreateInput("",130,125,150,20,$ES_PASSWORD) GUICtrlSetData($inptBox_Passwd, "") GUICtrlCreateLabel("Character Name:",30,170,83,14) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) GUICtrlSetFont(-1,8,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetColor(-1,0x5A2800) Global $inptBox_CharName = GUICtrlCreateInput("",130,170,150,20) GUICtrlCreateLabel("Sex:",30,195,23,14) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) GUICtrlSetFont(-1,$fontSize_TextBody,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetFont(-1,8,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetColor(-1,$fontColor_TextBody) Global $comboBox_sex = GUICtrlCreateCombo("",130,195,150,20,$CBS_DROPDOWNLIST) ;LoadSexIntoComboBox() GUICtrlCreateLabel("World Location:",30,240,77) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) GUICtrlSetFont(-1,$fontSize_TextBody,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetFont(-1,8,$fontWeight_TextBody,0,$fontName_TextBody,1) GUICtrlSetColor(-1,$fontColor_TextBody) Global $comboBox_world = GUICtrlCreateCombo("",130,240,150,20,BitOr($CBS_DROPDOWNLIST, $WS_VSCROLL)) ;LoadWorldsIntoComboBox() Global $label_status = GUICtrlCreateLabel("",20,360,200,30) GUICtrlSetBkColor(-1, $GUI_BKCOLOR_TRANSPARENT) ;********* GUI CONTROLS (LABELS,INPUTS,COMBOBOXES) ********************************************************************** ;********* CONTROL PICS ********************************************************************** Global $btn_randAccName = GUICtrlCreatePic($graphics_path & "\Die_Static.gif", 280, 75, 26, 26) GUICtrlSetTip($btn_randAccName, "Generate a random account name") GUICtrlSetCursor($btn_randAccName,0) ;GUICtrlSetOnEvent($btn_randAccName,"GenerateRandomAccName") GUICtrlSetOnEvent($btn_randAccName,"GUIChangeImage") Global $btn_x = GUICtrlCreatePic("", 315, 5, 40, 36) GUICtrlSetTip($btn_x, "Close") GUICtrlSetCursor($btn_x,0) GUICtrlSetOnEvent($btn_x,"GUI_Close_AccountCreator") Global $btn_donate = GUICtrlCreatePic("", 112, 313, 126, 47) GUICtrlSetTip($btn_donate, "Donate") GUICtrlSetCursor($btn_donate,0) ;GUICtrlSetOnEvent($btn_donate,"Donate") ;********* CONTROL PICS ********************************************************************** ;********* GDI+ DRAW ********************************************************************** _GDIPlus_Startup() Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\X_Tic-Tac-Toe_Token.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_x, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\Die_Static.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_randAccName, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\btn_donateCC_LG.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_donate, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) _GDIPlus_Shutdown() ;********* GDI+ DRAW ********************************************************************** _WinAPI_SetLayeredWindowAttributes($hGUIAccountCreator, 0x26f50b) GUISetIcon(@ScriptDir & "\TibiaInfo.ico") GUISetState(@SW_SHOW, $hGUIAccountCreator) WinSetOnTop($hGUIAccountCreator,"",1) GUIRegisterMsg($WM_LBUTTONDOWN, "_WM_LBUTTONDOWN") EndFunc Func GUIChangeImage() _GDIPlus_Startup() GUICtrlDelete($btn_randAccName) Local $btn_randAccName = GUICtrlCreatePic("", 280, 75, 26, 26) Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\Die_Frame2.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_randAccName, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) _WinAPI_SetLayeredWindowAttributes($hGUIAccountCreator, 0x26f50b) Sleep(100) GUICtrlDelete($btn_randAccName) Local $btn_randAccName = GUICtrlCreatePic("", 280, 75, 26, 26) Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\Die_Frame3.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_randAccName, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) _WinAPI_SetLayeredWindowAttributes($hGUIAccountCreator, 0x26f50b) Sleep(100) GUICtrlDelete($btn_randAccName) Local $btn_randAccName = GUICtrlCreatePic("", 280, 75, 26, 26) Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\Die_Frame4.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_randAccName, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) _WinAPI_SetLayeredWindowAttributes($hGUIAccountCreator, 0x26f50b) Sleep(100) GUICtrlDelete($btn_randAccName) Local $btn_randAccName = GUICtrlCreatePic("", 280, 75, 26, 26) Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\Die_Frame5.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_randAccName, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) _WinAPI_SetLayeredWindowAttributes($hGUIAccountCreator, 0x26f50b) Sleep(100) GUICtrlDelete($btn_randAccName) Local $btn_randAccName = GUICtrlCreatePic("", 280, 75, 26, 26) GUICtrlSetCursor($btn_randAccName,0) GUICtrlSetOnEvent($btn_randAccName,"GUIChangeImage") Local $hImg = _GDIPlus_ImageLoadFromFile($graphics_path & "\Die_Static.gif") Local $hHBMP = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImg) _WinAPI_DeleteObject(GUICtrlSendMsg($btn_randAccName, 0x0172, $IMAGE_BITMAP, $hHBMP)) _GDIPlus_ImageDispose($hImg) _WinAPI_SetLayeredWindowAttributes($hGUIAccountCreator, 0x26f50b) _GDIPlus_Shutdown() EndFunc Func GUI_Close_AccountCreator() Exit EndFunc Func _WM_LBUTTONDOWN($hWnd, $iMsg, $wParam, $lParam) _SendMessage($hGUIAccountCreator, $WM_SYSCOMMAND, $SC_DRAGMOVE, 0) EndFunc While 1 Sleep(10) WEnd  
      IMAGES:
       
       








    • ur
      By ur
      I am maintaining all the reusable code in a separate file as library.au3.
      In that file I have referenced some dependent files using fileinstall, so that they will be extracted when necessary.
       
      Problem is, if I use a function in the library.au3 in another script which doesn't require this dependent file, as I am including the whole file using include tag, it is embedding that file also.
      Is there any way to exclude that.
       
    • GAM
      By GAM
      Am trying to execute perl script from autoit script but its not running. Th command that I have given is...
      $rootDir = automation Run("cmd.exe /" & "C:\" & $rootDir & "\updatesource.pl") Can someone help please!