Jump to content
RTFC

CodeCrypter - Encrypt your Script

Recommended Posts

Okay, I'll look into it tomorrow...

Edit: one small mistake fixed. Please download MCF.au3 version 1.3 (updated) and try again.

Edited by RTFC

Share this post


Link to post
Share on other sites

version 1.3 corrected and updated.

 

I was able to successfully run codescanner, codecrypter (with obfuscation profile), and compile mcf0test without error.  Next to test out obfuscated.exe to see if it behaves correctly :).  Thanks again for your work, you could have taken the day off ;).

Share this post


Link to post
Share on other sites

We aim to please. :guitar:

Very glad to hear it, and sorry for insufficiently testing (I was rushing a bit) before submitting.

And in retrospect I should have added this filter from the start; inadvertent RegExp pattern processing probably caused other failures in the past too.

So you definitely made the right call in posting the problem. ;)

Share this post


Link to post
Share on other sites

@mesale0077:

Thanks for your message. So maybe you haven't read the recent exchanges between jack71 and me, and maybe you haven't read the MCF CodeCrypter FAQ, or the extensive Remarks sections inside the various MCF-related scripts, so let me reiterate (and I don't mean this in a negative sense towards you or anyone else :) , but...):

CodeCrypter, CodeScanner, and the MCF library are advanced tools to fundamentally alter the content (and potentially also the structure) of your target script. There are many particular code constructs that might cause either the encryption or the obfuscation to subtly alter the way in which the rebuilt script works, which may lead to it no longer functioning the way it should, or at all. Since you are supposed to use this on your own code, you are going to be the expert at identifying where and how your new script diverges in performance from the original. If you then make an effort to identify a specific issue related to the way a specific AutoIt function or tiny code snippet no longer works the way it should, I'd be very interested to hear from you; I'll try my level best to find the root cause, and if at all possible, to fix the problem in a future release (as I just did in jack71's case).

But now you come along, taking an incredibly sophisticated piece of code, designed not by you, but by one of the smartest, most capable forum members around, run it through the encryption, conclude it doesn't work , and just dump it in my lap to go an fix it. Well, I'm sorry to tell you, :blink:  it doesn't work like that, and I don't work like that. :naughty:  Just like the Help forums where you cannot expect others to write entire code sections for you, I'm not going to spend several days taking Ascend4nt's code apart on the off-chance that I might quickly identify the issue. If you want to use that code in encrypted form, you'll have to make an effort yourself. The FAQ gives you clear instructions how: test a backtranslated script first, switch various parts of the encryption off, use subset encryption to encrypt only a few percent, encrypt individual UDFs one at a time, and so forth. By selectively applying encryption, you'll be able to home in on the problem ever closer, until you reach the point where you understand what is going wrong. To take jack71's example (hope you don't mind, jack71 :lol: ), part of a RegExp pattern contained a string that looked like a variable to the MCF encoder, so obfuscation was applied to it by mistake. If you post a query with that level of detail, you'll also be able to post a tiny example script that reproduces the error, and I'll definitely have a look at it then.

But just dumping a link to someone else's code is not going to earn you any brownie points in my book. <_<  So, no, I won't look into this, unless you can convince me that you understand Ascend4nt's code sufficiently well to identify a specific issue that I can fix.

I've given you a powerful tool, gratis, and I hope it's of use, but I'm no free encryption service when things don't go your way. You may have to keep a particular code section in clear text (i.e., not encrypted), or you may have to reduce the total amount of encryption, or maybe your target script contains code that simply cannot be encrypted using CodeCrypter (I've listed several such scenarios elsewhere). Who knows? Figure it out, and if you then discover an actual bug in my code, then please let me know, and I'll try and fix that, of course.

I hope you understand.:mellow:

Share this post


Link to post
Share on other sites

working

but

'?do=embed' frameborder='0' data-embedContent>>

after cypter dont work

try please

and

my script with Au3Stripper.exe scan

or

my script add include MCFinclude.au3 with Au3Stripper.exe scan

after

codescan after codecypter run

and fast

 

No offense but why would you want to encrypt a UDF that has been publicly made by another forum member?  It would make sense to encrypt YOUR script and not the publicly made portion.  Plus if someone wants to attempt to decompile your code, it will give props to the original author :).  Just my .02.

Share this post


Link to post
Share on other sites

@legend: This error message tells you that the required include-file "MCFinclude.au3" is not found in your script. So the obvious first step would be to check and make sure that it actually is, as CodeCrypter's encryption won't work without it. If it is included, and you still get this error, then post the smallest possible sample script that reproduces the error, and we can have a look.

Edit: and please don't forget to run CodeScanner (to generate the MCF files) after adding this include to your script.

Edited by RTFC

Share this post


Link to post
Share on other sites

Hi RTFC,

Thank's for your reply, I will try that:)

Edit: now it seems i'm getting a different error: 

ffc6e60589.png

Edited by legend

Share this post


Link to post
Share on other sites

Okay, it looks like your datadump directory for your test.au3 script is not found.

Also, it looks like you are creating a single-build straight from Codescanner.

Please try to get this to work one step at a time, so we can identify the problem. :)

Here's what I'd like you to try:

1. Run CodeScanner on your test.au3 script (that includes the line "#include MCFinclude.au3") with the CodeScanner option "WriteMCF" enabled in the Settings panel.

2. check CodeScanner's report for any major errors, and fix those first (esp. any missing #includes). Rerun Codescanner until you only get minor complaints (suchas redundant #includes) or no issues at all.

3. Check that the datadump subdirectory test.au3,CS_DATA exists below test.au3's current directory, and that it contains MCF#.txt,  where # is any positive number.

4. Run CodeCrypter and load your "test.au3"; you should not get an error now.

5. follow the encryption instructions in MCFQA.pdf (first item in the FAQ) (write MCF0, BackTranslate, check test script, if okay, proceed with encryption).

Share this post


Link to post
Share on other sites

@alessandror9: Hi there, and welcome to the AutoIt forums! :)

Well, you've come to the right place; the CodeScannerCrypter bundle you can download from the first post in this thread can help you protect your AutoIt scripts! Protection involves obfuscation and/or encryption:

Obfuscation changes meaningful names of various parts of your script to meaningless names that all look very much alike to human eyes. That means that anyone reading your script will find it very hard to understand what's going on.

Encryption replaces your plaintext strings, evaluations, and function calls into Execute(Decrypt(<encrypted string/evaluation/call>)), and the beauty of this particular encryption environment is that the decryption key is not stored anywhere in the script, but extracted from the runtime environment.

Just download the bundle, and also get the MCFQA.pdf (from the same post), in which many beginner's questions are answered.

Basically, you need to add one line to your script ("#include MCFinclude.au3"), then run CodeScanner on it with the option WriteMetaCode (see Settings panel) enabled, and when CodeSCanner identifies no serious issues with your script, open it in CodeCrypter, and follow the instructions in MCFQA.pdf. Try it first on a simple test script (maybe just a "Hello World" MsgBox script) to become familiar with the steps. By default, encrpytion uses the @username macro (so the encrypted version will run only in environments where @username returns your username on the machine you encrypted the script on), but you can define any other means of extracting runtime data too, and also change the expected response, for example, to run only if @username returns "Alice", for example. The final encrypted version of your script is written to MCF0test.au3; you can rename it afterwards to whatever you like, but always test it to ensure it still works as it should.

If you get stuck, I'll be happy to help you if I can, but please read the instructions first, and also the Remarks section in the CodeCrypter script.

Best of luck! B)

RT

Edited by RTFC

Share this post


Link to post
Share on other sites

By the way, if the user got the password, will it be relative easy to decrypt and deobfuscate it?

I'm getting my password from my server (website) so it's not being stored in the source

Share this post


Link to post
Share on other sites

@alessandror9: Hi there, and welcome to the AutoIt forums! :)

Well, you've come to the right place; the CodeScannerCrypter bundle you can download from the first post in this thread can help you protect your AutoIt scripts! Protection involves obfuscation and/or encryption:

Obfuscation changes meaningful names of various parts of your script to meaningless names that all look very much alike to human eyes. That means that anyone reading your script will find it very hard to understand what's going on.

Encryption replaces your plaintext strings, evaluations, and function calls into Execute(Decrypt(<encrypted string/evaluation/call>)), and the beauty of this particular encryption environment is that the decryption key is not stored anywhere in the script, but extracted from the runtime environment.

Just download the bundle, and also get the MCFQA.pdf (from the same post), in which many beginner's questions are answered.

Basically, you need to add one line to your script ("#include MCFinclude.au3"), then run CodeScanner on it with the option WriteMetaCode (see Settings panel) enabled, and when CodeSCanner identifies no serious issues with your script, open it in CodeCrypter, and follow the instructions in MCFQA.pdf. Try it first on a simple test script (maybe just a "Hello World" MsgBox script) to become familiar with the steps. By default, encrpytion uses the @username macro (so the encrypted version will run only in environments where @username returns your username on the machine you encrypted the script on), but you can define any other means of extracting runtime data too, and also change the expected response, for example, to run only if @username returns "Alice", for example. The final encrypted version of your script is written to MCF0test.au3; you can rename it afterwards to whatever you like, but always test it to ensure it still works as it should.

If you get stuck, I'll be happy to help you if I can, but please read the instructions first, and also the Remarks section in the CodeCrypter script.

Best of luck! B)

RT

 

hello, thanks for the quick answer;)

I just tried to run the file codescanner but me error

codescanner.au3 "(4594): ==> Incorrect number of parameters in the function call .:

_ArrayAdd ($ AU3operators, "=", 0, Chr (0))

^ ERROR

what does that mean?

thank you very much:-))))

 

edit: My problem, I was using an older version of autoit:-P

Now everything works perfectly !!! gooooooddddddddd job !!!! yea :-D

Edited by alessandror9

Share this post


Link to post
Share on other sites

@allessandror9: Yes, the array UDF (<Array.au3>) was substantially enhanced by Melba23 and others for AutoIt version 3.3.12. I left legacy versions of CodeScanner/Crypter (made in version 3.3.8) available for separate download for those unable/unwilling to upgrade to 3.3.12, but the new Array UDF is much better and more versatile (Thanks again, Melba! :thumbsup: ), so if you can make the switch without too much pain, you probably should upgrade (like you've apparently just done).

Hope you find these tools of use, and happy coding!

Edited by RTFC

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By RTFC
      The CodeScannerCrypterBundle (ca. 2.5 MB unzipped) contains the following UDFs and utilities:
      CodeScanner: analyse AutoIt script structure and content, identify potential issues, generate MCF data files CodeCrypter: front-end GUI for the MCF library, for script encryption (without storing the decryption key(s) in the script!) MetaCodeFile UDF (MCF library): for analysis and user-defined alterations of AutoIt script structure and content MCFinclude.au3: #include this UDF in any AutoIt script that you wish CodeCrypter to process AES.au3, by Ward; machine code UDF for AES encryption (32-bit, patched version) CryptoNG, by TheXman; encryption UDF using Bcrypt dll calls (32/64-bit; various algorithms) StoreCCprofile.au3/readCSdatadump.au3/helloworld.au3: auxiliary utilities and example script HowToCodeCrypt.pdf: a simple guide in five steps CodeCrypterFAQ.pdf: questions and answers, partly based upon exchanges in the CodeCrypter thread. Please follow the links for additional information.
    • By TheXman
      Encryption / Decryption / Hashing
      Purpose
      Cryptography API: Next Generation (CNG) is Microsoft's long-term replacement for their CryptoAPI.  CNG is designed to be extensible at many levels and cryptography agnostic in behavior.  Although the Crypt.au3 UDF that is installed with AutoIt3 still works perfectly, the advapi32.dll functions that it uses have been deprecated.  This UDF was created to offer a replacement for the deprecated functions.  According to Microsoft, deprecated functions may be removed in future release.  Therefore, this UDF will be available when/if that happens.
      Description
      This UDF implements some of Microsoft's Cryptography API: Next Generation (CNG) Win32 API functions.  In its initial release, it implements functions to encrypt text & files, decrypt text and files, generate hashes, and the Password-Based Key Derivation Function 2 (PBKDF2) function.  The UDF can implement any of the encryption/decryption algorithms or hashing algorithms that are installed on the PC in which it is running.  Most, if not all, of the values that you would commonly use to specify that desired algorithms, key bit lengths, and other magic number type values, are already defined as constants or enums in the UDF file.
      To flatten the learning curve, there is an example file that shows examples of all of the major functionality.  This example file is not created to be an exhaustive set of how to implement each feature and parameter.  It is designed to give you a template or guide to help you hit the ground running in terms of using the functions.  I have tried to fully document the headers of all of the functions as well as the code within the functions themselves.    As of v1.4.0, there is also a Help file that includes all of the functions, with examples.
      Current UDF Functions
      _CryptoNG_3DES_CBC_DecryptData _CryptoNG_3DES_CBC_DecryptFile _CryptoNG_3DES_CBC_EncryptData _CryptoNG_3DES_CBC_EncryptFile _CryptoNG_AES_CBC_DecryptData _CryptoNG_AES_CBC_DecryptFile _CryptoNG_AES_CBC_EncryptData _CryptoNG_AES_CBC_EncryptFile _CryptoNG_CreateRSAKeyPair _CryptoNG_DecryptData _CryptoNG_DecryptFile _CryptoNG_EncryptData _CryptoNG_EncryptFile _CryptoNG_EnumAlgorithms _CryptoNG_EnumRegisteredProviders _CryptoNG_GenerateRandom _CryptoNG_HashData _CryptoNG_HashFile _CryptoNG_LastErrorMessage _CryptoNG_PBKDF2 _CryptoNG_Version  
      Related Links
      Cryptography API: Next Generation - Main Page
      Cryptography API: Next Generation - Reference
      Cryptography API: Next Generation - Primitives
      Cryptography API: Next Generation - Cryptographic Algorithm Providers
    • By RTFC
      MetaCode offers a way to:
      separate a script's structure from its content remove all redundant definitions (globals and UDFs) change any content (and some structure) combine (new) structure and (new) content into a new script The most useful applications implemented so far are:
      Fast language translation (not just text strings, also variable names and UDF names) Obfuscation (vars and/or UDFs) Script Encryption (conditionals, calls, and macros) Encryption is powerful because the key is not stored anywhere; you can define it to be a user password, macro, environment spec/variable, server response, something you define yourself, or a combination thereof; anything goes, as long as it's not a fixed string or fixed value. More info in the CodeCrypter thread: ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      But MetaCode has more potential than that; it allows you to tinker with any type of content separately, then rebuild a new version. So for example, you can have a single script structure and numerous different language modules you just plug in to create a new version in a different language.
      A brief Tutorial is here: MetaCode Tutorial.pdf
      The MCF library itself can be found in the CodeScannerCrypter bundle.
      And a little example how to use it for translating your GUI into a different language:
       UI_Translator.7z (new version that should work with the new version of Google Translate, see post #13 below)
       
       
      MCF.au3 is just the library plus the MCFinclude.au3 file you need to include in any script you wish to encrypt.
      There is no GUI here. However, I did write a separate front-end for it called CodeCrypter, which you can find here:
      ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      MCF uses output generated by my CodeScanner version 2.8+, which you can find here:
      '?do=embed' frameborder='0' data-embedContent>>
      CodeScanner also depends on MCF.au3 now, as it can now call a few of its functions.
      I should also mention Ward's excellent AES.au3 UDFs used for the encryption and decryption calls,  which is now included in the CodeScannerCrypter bundle (thanks to Ward for allowing to include it). You can find the original (unpatched) version here:
      '?do=embed' frameborder='0' data-embedContent>>
      Note: you can replace the encryption/decryption calls with whatever algorithm you like (hint: the native <Crypt.au3> library is too slow for most purposes, better stick to machine code routines)
      So just to be clear:
      CodeScanner (v2.8+) needs MCF (earlier versions won't work!) CodeCrypter needs MCF (plus anything that MCF needs) MCF itself needs MCFinclude (part of MCF zip) MCF also needs readCSdatadump (part of the CodeScanner package, you need the latest version packaged with CodeScanner v2.8; earlier versions won't work!) both MCF and MCFinclude currently rely on AES.au3 by Ward So you basically need to download the whole bundle for any of it to work.
       
      If you have any questions, please start by reading the MCF Tutorial and the CodeCrypter FAQ (you can download the latter separately from the CodeCrypter thread).
      Next, read the extensive Remarks sections in MCF.au3, MCFinclude.au3, and CodeCrypter.au3
      If still no joy, then please post. However, I'm not online that often, and logged in to the forum even less, so response may take a while).
      RT
×
×
  • Create New...