Jump to content

Recommended Posts

  • Replies 424
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

CodeCrypter enables you to encrypt scripts without placing the key inside the script. This is because this key is extracted from the user environment at runtime by, for example: password us

@RTFC I see a few differences between your modified version of CryptoNG and the original version that could be problematic.  When comparing the version of CryptotNG.au3 that you distribute, which

Found the issue, which was indeed a bug. Please stand by for an updated bundle... CodeScannerCrypter bundle version 2.4 is now released, with many thanks to @Roman for flagging the bug.

Posted Images

Hi !

I just test it and i don't know how you did it, but that's simply amazing !!

I didn't change the key since I have to understand better how it works and how to create

a script that would run ok on another environnements :)

For an advice, maybe you could put every needed files in one zip,

and some Tools to automate the crypt process.

last advice, it's not easy to use codescanner ( treeview click interface ), a little more explanation would be interesting :)

but at last, that's amazing. How much security can we guess with this ? Does it prevent decompilation ?

i'll test with bigger script I have and try to report you.

Hope some users will test it too, maybe afraid of all needed scripts, but as you said, once understood, it's easy :)

Great job !

-- Arck System _ Soon -- Ideas make everything

"La critique est facile, l'art est difficile"

Projects :

[list] [*]Au3Service : Run your exe as service V3 / Updated 29/07/2013 Get it Here [/list]
Link to post
Share on other sites

Hi arcker,

Read many of your posts in the past; your Service UDF is outstanding, I use it almost daily! :thumbsup:

Thanks very much for responding so positively and your helpful suggestions! :)

A single zip package is easily set up, but a bit of a pain to maintain afterwards (whenever any of the pieces change, I'd have to update every bundle too). But it's probably an additional threshold for people who might be mildly interested, but don't want to have to jump through lots of hoops to get it working. So I can definitely set that up now.

Tools to automate the crypt process?  CodeCrypter was supposed to take care of that (see Presets). Or do you mean selecting/setting up a new key definition? Interesting suggestion, I'll have to think about that.

Codescanner is as you say kind of sparsely explained, it's true. :think: But I don't see how a tutorial pdf or FAQ is going to help much. I suppose I could make a short flash video tutorial (and maybe another one for CodeCrypter?), to show that it really can all be done in a few clicks. People don't have to program a single line to obfuscate and heavily encrypt  their script, I guess I need to clarify this. If any Moderator is reading this, how would posting a video work? Would I post a YouTube link or should I upload an .flv directly, or do it some other way? Any suggestions welcome (I'm still a complete noob on all this posting stuff).

How much security?

A determined, skilful attacker would be able through decompilation to figure out how you obtain your decryption key, but not what it is, unless they have access to the full environment (host machine, User ID, and whatever else you use as key(s)) where the script is intended to run. So your script is safe to the extent to which the key is protected. No amount of decompilation can reveal what is not present to begin with, and the key itself is never stored anywhere. But if an attacker can install hidden spying software on a legitimate user's machine and/or fake-personify the user, there's not much I can do against that. Nothing is 100% secure, and people are usually the weakest link in any crypto.

To give an example: an attacker can figure out by analysing the code that you're using (for example) keytype 1, which queries the user for a password at startup. They could of course also figure this out if they can watch a legitimate user start the script. So then it's simply a question of whether the real user can keep their password safe without taping a note of it to their keyboard or screen. I suggested in CodeCrypter's Q&A pdf to create a more secure key by maybe combining something user-specific, something machine-specific and your own web server's response to the script's unique serial number (you'd have to put that serial number in yourself, I'm afraid, and define an InetGet() keytype in MCFinclude).

The encryption itself is currently using Ward's AES, which AFAIK even the NSA has trouble with (no obvious backdoor in the algorithm, like DES for example), but you can use whatever algorithm you want (just replace the few encryption calls in MCF and one decrpytion call in MCfinclude).

I've tried to give people as much control as possible.

Thanks again for your encouragements! I'll see if I can make things easier...


Link to post
Share on other sites

Hi there!

I just started looking into scripting, and chose AutoIt since my boss thought it was simply amazingly easy to understand once you get the hang of it.

Although I am indeed at the bottom of the knowledge tree, i understand what you have done here and I must say it is rather impressive.

Personally, I have only made small installers, using different multi install sources like Ninite.com (for Client and Internal machines) and it is working perfectly fine.

I am looking to expand my knowledge, which is why I am commenting on this post - I hope brilliant people like yourself and your commenters keep this up :)

Lastly, i wish to thank the community for posting examples like this, I have read alot of examples and posts in the "GUI help" sections to get ideas and expand my understanding.

Thank you!

Link to post
Share on other sites

Hi Siggassen, and welcome to the AutoIT forums!

Thanks for your comments, very much appreciated!

I only started using AutoIt less than a year ago myself (did have previous programming experience though). The great thing about this language (to me at least) is that it is not only incredibly simple and intuitive to get started with, but it also keeps growing with you; as your own knowledge expands, you discover new, powerful ways to use it (Dll calls, for example). And I've benefited greatly from other people's amazing UDFs (code annotations also clarify a lot) and their helpful replies to queries. Not at all like some other forums I know...

Best of luck with your projects! :bye:


Link to post
Share on other sites


Thx for your word about Services UDF, even if I really fixed it early ( you learn so much in 5 years Oo )

I try to pass more time here on community to help since autoit has served me well in the past years in my carrier :)

For your project, no problem for the automatization of the crypt process.

I would just post a screenshot about codescanner and how to program it, even if I love this interface, it's original and

all information we need is here.

I've another question : I've seen a lot of execute, so I wonder about performance, even if I know that's not the point here.

if you have just some bench on it :)

-- Arck System _ Soon -- Ideas make everything

"La critique est facile, l'art est difficile"

Projects :

[list] [*]Au3Service : Run your exe as service V3 / Updated 29/07/2013 Get it Here [/list]
Link to post
Share on other sites

Hi again arcker,

Thanks re. the interface, it was the first time I used TreeViews, so I thought, might as well see how else it could be useful aside from showing includes and calls.

Screenshots would be quick and easy to do, I'll see if I can rustle something up when I have a spare moment.

Benchmarks I haven't done yet. I suspect it's very reliant on your baseline, i.e., the kinds of commands your script is using. As a rough rule of thumb (mentioned in my Q & A / FAQ pdf in the CodeCrypter thread), I guesstimated a factor 2 for single encryption (keytype visible in MCFCC calls) and a factor 3 for nested encryption (keytype hidden), but that may be wide off the mark. You can reduce the processing load by enabling subset encryption, so under the Tab Encrypt you would enable the subset checkbox and set the proportion (or percentage) to less than 1 (c.q. <100%); the encryption then only affects a proportion (selected at random). If you enter an integer number N larger than one, CodeCrypter will sequentially encrypt only every N-th line (of the total number of encryptable lines). So you can reduce the extra processing load that way if you're not too worried about your code design and ideas being partly legible.

You can also encypt specific lines (well, phrases) you select yourself, for example a particular bunch of UDFs you need to protect, leaving the GUI part in clear code. See the Q & A pdf for instructions how to do this. (Basically you run a full encrypt pass first, then rebuild the phrasesNew array the way you want from phrasesUsed and phraseEncryp, then call CreateNew.)

Finally, the simplest way to reduce the processing load is to move the location where you include MCFinclude.au3 in your script. If this is your first line, then all other includes that follow it will be encrypted too, and since these #includes are publicly available anyway, it may be a waste of time to shield that. So I tend to make MCFinclude the last include before my main code starts, so only my own stuff is protected. (I would however obfuscate everything, since it costs nothing extra in processing power).

Slowdown is definitely an issue, you're right. I tested CodeCrypter on a few AutoIt games, and unless you reduce the encryption to a subset of about 10%, games like Mario and Autoiteroids become so slow that they're unplayable; same story with trancexx's XMplayer, which just fails altogether if more than a tiny fraction is encrypted. If slowdown is an issue, you'll have to do some fine-tuning to decide which parts of your code need protection most. It can be a difficult trade-off.

BTW I updated CodeScanner this morning, still version 2.0, but fixed a small bug.

Link to post
Share on other sites

Hello nullschritt,

Nope, not using key pairs. It works like this:

  • you include the supplied file MCFinclude.au3 in your script
  • this file contains an initialisation function called MCFCC_Init()
  • this function contains various optional calls and macros that when invoked, return some string from the environment. You can use one (or more) of the pre-supplied ones, or add new calls (to existing functions or your own UDF) yourself. One of the supplied defaults (option 1) is for example the old chestnut of the user password query dialog box at startup. The important part is, these calls all extract some information from the run-time environment (the user, the host machine, the network, the internet, whatever).

The returned string is your decryption key for the encrypted code lines.

Now the trick is that you can tell Codecrypter when you encrypt to use either:

  • a direct call to your chosen initialisation function (in this case the target will work only in your own environment), OR
  • an "expected response" you enter yourself, that matches some other environment (so the target will only work there).

CodeCrypter uses the response as key to encrypt your code, and edits the dummy call to MCFCC_Init to initialise with your defined function call, and the moment you exit CodeCrypter, the key is gone. When the encrypted script is started, MCFCC_Init calls your selected function, this returns some string, which is used as decryption key. If the returned string does not match your original key, only garbage is returned, and the programme won't run.

Hope that clarifies matters! ;)

For more information, see the Remarks section inside the CodeCrypter script.

Edited by RTFC
Link to post
Share on other sites

First I give you my special thanks for sharing this useful tool! Nice to see in this forum that kind of tools which are trying to protect our work!

I have a little issue or I can't understand very well but .... I use autoit-v. and:

1. I have a simple script in which I placed the MCFinclude.au3

2. I place the requared include AES.au3, MCF.au3, MCFinclude.au3, readCSdatadump.au3

3. Furst I run CodeScanner ( with WriteMetaCode=True ). It create folder myscript.au3.CS_DATA

4. Then codecrypter.exe which create MCF0test.au3

All this is ok but my new script give this error:

#include _MCFCC("0x04E69DA809736DCB6752B39D3C6CF669184CBAD8C44FABBB9456EF6E3673E1AC487",3)

MCF0test.au3(2,10) : ERROR: illegal character in include directive.
#include _

I make something wrong.. the help file is not helping me ;)


Link to post
Share on other sites

Hello TonyBriscoe,

Firstly ,thanks for your comments.

Re. your issue, something definitely went very wrong because your new script should no longer contain any includes.

My first suggestion would be to create a BackTranslated testMCF0.au3 (either from CodeScanner or from CodeCrypter) from your original script. If this script still contains lines that start with #include ... then that would be very odd. In that case, I would love to analyse your script to see how that could possibly have happened.

Secondly,  maybe I've misunderstood, but your point 2 seems to suggest that you've included MCF.au3 etc in your script?? If that's the case, that would be a mistake, because you should only include MCFinclude.au3 (which automatically includes AES.au3). Under no circumstance should any of the other includes you mention in point 2 be explicitly incorporated in your script.

Thanks for pointing this out, I will amend the instructions to clarify this.

So 1) remove all MCF-related #includes from your script except MCFinclude.au3, and 2) do a BackTranslate, and check that all #include lines are removed from your testMCF0.au3 output. If not, then please let me know.

Best of luck,


Link to post
Share on other sites

No, my simple script contain only MCFinclude.au3 include.

#include <MCFinclude.au3>

Local $Is = 1
While $Is<11
    MsgBox(-1,"Count Up to 10",".. and the count is: " &$Is,1)

All other necessery file (AES.au3, MCF.au3, MCFinclude.au3, readCSdatadump.au3) I placed in the include folder of the autoit program.

The BackTranslated give me this ( again it have includes inside ):

; Source Language: AutoIt
; Extracted from : D:\test\myscript.au3
; on             : 2013-10-29, at 21:15:08
; CodeScanner was itself running AutoIt version:
; This Single-Build was generated on 2013-10-29, at 21:15:45

#include "MemoryConstants.au3"       ; {file:4}{line:3}
#include "StructureConstants.au3"       ; {file:4}{line:4}
#include "ProcessConstants.au3"       ; {file:4}{line:5}

#include "SecurityConstants.au3"       ; {file:5}{line:3}
#include "StructureConstants.au3"       ; {file:5}{line:4}

#include "StructureConstants.au3"       ; {file:7}{line:3}
#include "FileConstants.au3"       ; {file:7}{line:4}

Global $__gaWinList_WinAPI[64][2] = [[0, 0]]       ; {file:7}{line:19}{ref637}
Global Const $__WINAPICONSTANT_GW_HWNDNEXT = 2       ; {file:7}{line:47}{ref658}
Global Const $__WINAPICONSTANT_GW_CHILD = 5       ; {file:7}{line:48}{ref659}

Func __WinAPI_EnumWindowsAdd($hWnd,$sClass="")       ; {file:7}{line:1898}
    If $sClass="" Then $sClass=_WinAPI_GetClassName($hWnd)       ; {file:7}{line:1899}
    $__gaWinList_WinAPI[0][0]+= 1       ; {file:7}{line:1900}
    Local $iCount=$__gaWinList_WinAPI[0][0]       ; {file:7}{line:1901}

And this is given potential issues:


I think that there is something wrong with my included files. I uploaded them here if you want to take a look:


Thanks for your reply and trying to help!

Link to post
Share on other sites

Hi again,

Sorry to hear you're still having trouble with this. I've tried unsuccessfully to reproduce your problem, first with my own test scripts, then (when you posted your code) with yours.

That CodeScanner output is nothing to worry about; those includes are flagged quite often as redundant (depends on which WinAPI functions are actually called), and regardless of whether CodeScanner considers files redundant, the MCF writer processes them anyway, so in CodeCrypter you can still decide to keep everything in.

I have trouble downloading from your posted link; FF requests my permission to download large files, but offers no way of giving it (apparently lots of people are struggling with the same problem on the web). I've been playing with the permissions, but nothing I tried lifts the block.

I did however copy your test script, ran it, CodeScanned it, BackTranslated it, encrypted it.

I can't find anything wrong with it, and everything works as normal at this end.

I've attached my copy of your script (weird.au3), the single build (MCF0.txt), the backtranslation (MCF0.au3), and the encrypted version (MCf0test.au3) using default settings.

weird.zip (apologies for the renaming, I have too many "test" scripts/dirs already)

The encrypted version uses password "test" all lower-case

Some questions:

  • Does this happen only with this script or with every script you try?
  • Are your original scripts ASCII or UniCode? (bit of a long shot)
  • What happens when you process my copy of your original script (weird.au3)?
  • Can you do a file compare between your version and my copy?


Codescan + CreateMCF0 + Backtranslation is enough (don't forget to call Create Single Build before each Backtranslation; a newer version of MCF (not yet uploaded) will do this automatically, but this one still requires manual labour (well, an extra click). If the Backtranslate still has #includes in it then it failed.

I must say I'm baffled :unsure: , and not being able to reproduce the error makes it difficult for me to help you, I'm sorry to say. If my copied version is essentially the same as yours, then I suspect there's something peculiar in your AutoIt environment (as we are running the same version, it can't be that). and could you perhaps just attach your own version of your script to your next post here (the web code paste in the post may hide some low-level differences)? Thanks.


Edited by RTFC
Link to post
Share on other sites


I finally managed to download your includes, hooked them up, reran your test script, and it all works flawlessly here.

If the tests in my previous post don't clarify matters, you could edit your MCF.au3 (maybe save a copy of the original first) around line 795, in recursive UDF _WriteMCF0()  where the very first metacode checked for is "{incl". I suspect that somehow, in your environment, for whatever reason, that stringtest fails. If you have a hex editor, you may also wish to check "#include ..." lines in metacode files MCF1-MCF* for 00h, FFh, or other "empty" characters that are not 09h or 20h. If the StringinStr fails to find the  {incl#} metacode tag because of some file corruption, then the converter would treat it as a normal compiler directive, and copy it verbatim.

You could perhaps add a Msgbox(0,"",$curline), if $pos1<1 And stringleft($curline,8)="#include" to determine which lines are skipped, that will help you focus on whatever is tripping up the StringinStr test.

Link to post
Share on other sites

So sorry for the trouble that I've created for you by downloading the files.. This was my mistake to not upload them here..

Thank you very much for taking your time and given me enough examples and explanations to help me with solving the problem, but it still persist :( .

Some answers:

  • Does this happen only with this script or with every script you try? - This happen with every script.
  • What happens when you process my copy of your original script (weird.au3)? - it works fine.
  • Can you do a file compare between your version and my copy? - Yes, the only difference is in the beggining where my script begin with some includes and some missing Globals..

I think that the codescanner miss some includes, so after that the codecrypter can't do his wokr correct.

I attach the files that you need to compare and I'll try again to see what is wrong with me according your suggestions.

Wishing you all the best!



Link to post
Share on other sites

I am a 24-carat, industrial strength moron. :doh:

What do all your retained includes have in common? They are all Constants files.

Your latest upload allowed me to check your CodeScanner settings. What do you have switched off? Include constants files.

Now I haven't figured out how CodeScanner was able to process MetaCode with this switch off; it's automatically switched on whenever you set WriteMetaCode on. You didn't edit your CodeScanner.ini file by hand inbetween, did you?

Anyway, I'll add some additional checks in CodeScanner to ensure that this will be impossible in future; expect an update in the near future.

For now, just make sure you've got "Include Constants files" switched on in the Settings before you process your target source. That should fix it.

Link to post
Share on other sites

Thank you so mutch!

    In the beginning I changed only the WriteMetaCode to be True in the CodeScanner settings and I did not pay attention that IncludeConstants was False ! Now all works PERFECT and I can continue using it in my main projects! I will continue to give my feedback here.

  Once again Thank You for your excellent work!



Link to post
Share on other sites

Glad I could help! :)

Thanks for persisting, the output shows that I need to build in some extra settings checking in CodeScanner (working on it...) I guess because writemetacode and includeconstants are normally synced, I failed to consider the notion of them becoming unsynced later. It's not supposed to happen, but Murphy's Law always applies. My bad. :idiot:

Link to post
Share on other sites

CodeScanner updated to version 2.1 (MCF-related bug fixes), updated in bundle, and FAQ updated.

Link to post
Share on other sites
  • 4 weeks later...


first I want to say thank you for your nice tool-package.

I have some problems to get SetError() to work with an encrypted script.

Take the following example-script and then encrypt it with codecrypter:

#include "..\CodeScannerCrypterBundle\MCFinclude.au3"

Func _Test($test)
    If $test == "" Then
        Return SetError(1, 0, "")
    Return $test

Local $test = _Test("test")
If @error Then
    ConsoleWrite("1st call Error: " & @error & @CRLF)
    ConsoleWrite("1st call Value: " & $test & @CRLF)

$test = _Test("")
If @error Then
    ConsoleWrite("2nd call Error: " & @error & @CRLF)
    ConsoleWrite("2nd call Value: " & $test & @CRLF)

The (unencoded) original output after run the script is:

1st call Value: test
2nd call Error: 1

But after encryption the console output is:

1st call Value: test
2nd call Error: 0

Do you have an idea, how to overcome this?

Thanks in advance.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By TheXman
      Encryption / Decryption / Hashing
      Cryptography API: Next Generation (CNG) is Microsoft's long-term replacement for their CryptoAPI.  Microsoft's CNG is designed to be extensible at many levels and cryptography agnostic in behavior.  Although the Crypt.au3 UDF lib that is installed with AutoIt3 still works perfectly, the advapi32.dll functions that it uses have been deprecated.  In addition the Crypt.au3 UDF lib, as it is currently written, has a very limited ability to decrypt AES data that was not encrypted using Crypt.au3.  That is because Crypt.au3 functions do not allow you to specify an actual key or initialization vector (IV).  It only lets you specify data to be used to derive a key and uses a static IV.  This UDF was created to offer a replacement for the deprecated functions used by Crypt.au3.  According to Microsoft, deprecated functions may be removed in future release.  It was also created to allow more flexibility in encryption/decryption and to expand the ability for users to implement cryptography in their scripts.
      This UDF implements some of Microsoft's Cryptography API: Next Generation (CNG) Win32 API functions.  It implements functions to encrypt/decrypt text and files, generate hashes, derive keys using Password-Based Key Derivation Function 2 (PBKDF2), and has several cryptography-related helper functions.  The UDF can implement any encryption/decryption algorithms and hashing algorithms that are supported by the installed cryptography providers on the PC in which it is running.  Most, if not all, of the values that you would commonly use to specify that desired algorithms, key bit lengths, and other magic number type values, are already defined as constants or enums in the UDF file.
      To flatten the learning curve, there is an example file that shows examples of all of the major functionality.  This example file is not created to be an exhaustive set of how to implement each feature and parameter.  It is designed to give you a template or guide to help you hit the ground running in terms of using the functions.  I have tried to fully document the headers of all of the functions as well as the code within the functions themselves.    As of v1.4.0, there is also a Help file that includes all of the functions, with examples.
      Current UDF Functions
      Algorithm-Specific Symmetric Encryption/Decryption Functions _CryptoNG_AES_CBC_EncryptData _CryptoNG_AES_CBC_DecryptData
        _CryptoNG_AES_CBC_EncryptFile _CryptoNG_AES_CBC_DecryptFile
        _CryptoNG_AES_ECB_EncryptData _CryptoNG_AES_ECB_DecryptData
        _CryptoNG_AES_GCM_EncryptData _CryptoNG_AES_GCM_DecryptData
        _CryptoNG_3DES_CBC_EncryptData _CryptoNG_3DES_CBC_DecryptData
        _CryptoNG_3DES_CBC_EncryptFile _CryptoNG_3DES_CBC_DecryptFile
        Generic Symmetric Encryption/Decryption Functions _CryptoNG_EncryptData _CryptoNG_DecryptData
        _CryptoNG_EncryptFile _CryptoNG_DecryptFile
        Hashing Functions _CryptoNG_HashData _CryptoNG_HashFile
        Asymmetric (Public/Private Key) Encryption/Decryption Functions _CryptoNG_RSA_CreateKeyPair
        _CryptoNG_RSA_EncryptData _CryptoNG_RSA_DecryptData
        Misc / Helper Functions _CryptoNG_CryptBinaryToString _CryptoNG_CryptStringToBinary
        _CryptoNG_EnumAlgorithms _CryptoNG_EnumRegisteredProviders _CryptoNG_EnumKeyStorageProviders
      Related Links
      Cryptography API: Next Generation - Main Page
      Cryptography API: Next Generation - Reference
      Cryptography API: Next Generation - Primitives
      Cryptography API: Next Generation - Cryptographic Algorithm Providers
    • By RTFC
      The CodeScannerCrypterBundle (ca. 2.9 MB unzipped) contains the following UDFs and utilities:
      CodeScanner: analyse AutoIt script structure and content, identify potential issues, generate MCF data files CodeCrypter: front-end GUI for the MCF library, for script encryption (without storing the decryption key(s) in the script!) MetaCodeFile UDF (MCF library): for analysis and user-defined alterations of AutoIt script structure and content MCFinclude.au3: #include this UDF in any AutoIt script that you wish CodeCrypter to process CryptoNG, by TheXman; encryption UDF using Bcrypt dll calls (32/64-bit; various algorithms) StoreCCprofile.au3/readCSdatadump.au3/helloworld.au3: auxiliary utilities and example script HowToCodeCrypt.pdf: a simple guide in five steps CodeCrypterFAQ.pdf: questions and answers, partly based upon exchanges in the CodeCrypter thread. MetaCodeTutorial.pdf: the MCF engine explained; useful for encryption, GUI translation, code translation, and much more... Please follow the links for additional information.
    • By RTFC
      MetaCode offers a way to:
      separate a script's structure from its content remove all redundant definitions (globals and UDFs) change any content (and some structure) combine (new) structure and (new) content into a new script The most useful applications implemented so far are:
      Fast language translation (not just text strings, also variable names and UDF names) Obfuscation (vars and/or UDFs) Script Encryption (conditionals, calls, and macros) Encryption is powerful because the key is not stored anywhere; you can define it to be a user password, macro, environment spec/variable, server response, something you define yourself, or a combination thereof; anything goes, as long as it's not a fixed string or fixed value. More info in the CodeCrypter thread: ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      But MetaCode has more potential than that; it allows you to tinker with any type of content separately, then rebuild a new version. So for example, you can have a single script structure and numerous different language modules you just plug in to create a new version in a different language.
      A brief Tutorial is here: MetaCode Tutorial.pdf
      The MCF library itself can be found in the CodeScannerCrypter bundle.
      And a little example how to use it for translating your GUI into a different language:
       UI_Translator.7z (new version that should work with the new version of Google Translate, see post #13 below)
      MCF.au3 is just the library plus the MCFinclude.au3 file you need to include in any script you wish to encrypt.
      There is no GUI here. However, I did write a separate front-end for it called CodeCrypter, which you can find here:
      ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      MCF uses output generated by my CodeScanner version 2.8+, which you can find here:
      '?do=embed' frameborder='0' data-embedContent>>
      CodeScanner also depends on MCF.au3 now, as it can now call a few of its functions.
      I should also mention Ward's excellent AES.au3 UDFs used for the encryption and decryption calls,  which is now included in the CodeScannerCrypter bundle (thanks to Ward for allowing to include it). You can find the original (unpatched) version here:
      '?do=embed' frameborder='0' data-embedContent>>
      Note: you can replace the encryption/decryption calls with whatever algorithm you like (hint: the native <Crypt.au3> library is too slow for most purposes, better stick to machine code routines)
      So just to be clear:
      CodeScanner (v2.8+) needs MCF (earlier versions won't work!) CodeCrypter needs MCF (plus anything that MCF needs) MCF itself needs MCFinclude (part of MCF zip) MCF also needs readCSdatadump (part of the CodeScanner package, you need the latest version packaged with CodeScanner v2.8; earlier versions won't work!) both MCF and MCFinclude currently rely on AES.au3 by Ward So you basically need to download the whole bundle for any of it to work.
      If you have any questions, please start by reading the MCF Tutorial and the CodeCrypter FAQ (you can download the latter separately from the CodeCrypter thread).
      Next, read the extensive Remarks sections in MCF.au3, MCFinclude.au3, and CodeCrypter.au3
      If still no joy, then please post. However, I'm not online that often, and logged in to the forum even less, so response may take a while).
    • By Radix

      I would like to know if it is possible to implement an autoit script with GOST algorithm. I noticed that there are seven different algorithms in the standard UDF, but I urgently need a command line crypter with GOST algorithm. I just lack the algorithm part. Is it possible to adapt GPLib in the autoit script?


    • By RestrictedUser
      I had created login form and this form first goes to de-crypting file that encrypted then read the saved credentials by de-cryptied file, but doesn't work properly!
      I want just read encrypted data without saving de-crypted file, just read! 
      #NoTrayIcon #include <Crypt.au3> #include <FileConstants.au3> #include <MsgBoxConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> ;==================================Variables=================================== ;Encryption settings _Crypt_Startup() $PEK = _Crypt_DeriveKey("BS#Password", $CALG_AES_256, $CALG_SHA_512) $DefaultCredFile = "[Credentials]" & @CRLF & "BUsername=NoAdmin" & @CRLF & "BPassword=NoAdmin" & @CRLF & "[Process]" & @CRLF & "ProcessKillingTimeout=3600" $EncryptDefaultCred = _Crypt_EncryptData($DefaultCredFile, $PEK, $CALG_AES_256) $IniReadCredPassword = IniRead(@WindowsDir & "\Config\GUIDecCred.dat", "Credentials", "BPassword", "") $IniReadCredUsername = IniRead(@WindowsDir & "\Config\GUIDecCred.dat", "Credentials", "BUsername", "") ;==================================Variables=================================== AuthForm() Func AuthForm() Global $LoginForm = GUICreate("Login", 201, 161, -1, -1) Global $CloseBTN = GUICtrlCreateButton("Close", 23, 126, 75, 25) Global $SignInBTN = GUICtrlCreateButton("Sign-in", 103, 126, 75, 25) GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") Global $PasswordInput = GUICtrlCreateInput("admin", 8, 88, 185, 21, BitOR($GUI_SS_DEFAULT_INPUT,$ES_CENTER,$ES_PASSWORD)) Global $UsernameInput = GUICtrlCreateInput("admin", 8, 40, 185, 21, BitOR($GUI_SS_DEFAULT_INPUT,$ES_CENTER)) Global $UsernameLBL = GUICtrlCreateLabel("Username:", 8, 21, 55, 17) Global $PasswordLBL = GUICtrlCreateLabel("Password:", 8, 68, 53, 17) GUISetState(@SW_SHOW) While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $SignInBTN AuthProcess() EndSwitch WEnd EndFunc AuthProcess() Func AuthProcess() $ReadEnteredUsername = GUICtrlRead($UsernameInput) $ReadEnteredPassword = GUICtrlRead($PasswordInput) If Not FileExists(@WindowsDir & "\Config\GUIEncCred.dat") Then FileDelete(@WindowsDir & "\Config\GUIDecCred.dat") ;Delete previous de-crypted credentials FileWrite(@WindowsDir & "\Config\GUIEncCred.dat", $EncryptDefaultCred) ;Write en-crypted credentials as "*.dat" file FileClose(@WindowsDir & "\Config\GUIEncCred.dat") ;Close en-crypted credentials file _Crypt_DecryptFile(@WindowsDir & "\Config\GUIEncCred.dat", @WindowsDir & "\Config\GUIDecCred.dat", $PEK, $CALG_AES_256) ;Write de-crypted file from an en-crypted file as "*.dat" file Else _Crypt_DecryptFile(@WindowsDir & "\Config\GUIEncCred.dat", @WindowsDir & "\Config\GUIDecCred.dat", $PEK, $CALG_AES_256) ;Write de-crypted file from an en-crypted file as "*.dat" file EndIf Sleep(25) If $ReadEnteredUsername == $IniReadCredUsername And $ReadEnteredPassword == $IniReadCredPassword Then ;Username and Password verify stage MsgBox(64, "", "Welcome!") FileDelete(@WindowsDir & "\Config\GUIDecCred.dat") Exit Else MsgBox(14, "", "Incorrect!") FileDelete(@WindowsDir & "\Config\GUIDecCred.dat") Sleep(25) EndIf EndFunc How Can i? 
  • Create New...