Jump to content

Recommended Posts

Okay, I'll look into it tomorrow...

Edit: one small mistake fixed. Please download MCF.au3 version 1.3 (updated) and try again.

Edited by RTFC
Link to post
Share on other sites
  • Replies 396
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

CodeCrypter enables you to encrypt scripts without placing the key inside the script. This is because this key is extracted from the user environment at runtime by, for example: password us

Codecrypter version 3.1 is released; a major upgrade, made possible by the incorporation of TheXman's CryptoNG suite (with permission, of course). Many thanks to TheXman for allowing me to incorporate

Found the issue, which was indeed a bug. Please stand by for an updated bundle... CodeScannerCrypter bundle version 2.4 is now released, with many thanks to @Roman for flagging the bug.

Posted Images

version 1.3 corrected and updated.

 

I was able to successfully run codescanner, codecrypter (with obfuscation profile), and compile mcf0test without error.  Next to test out obfuscated.exe to see if it behaves correctly :).  Thanks again for your work, you could have taken the day off ;).

Link to post
Share on other sites

We aim to please. :guitar:

Very glad to hear it, and sorry for insufficiently testing (I was rushing a bit) before submitting.

And in retrospect I should have added this filter from the start; inadvertent RegExp pattern processing probably caused other failures in the past too.

So you definitely made the right call in posting the problem. ;)

Link to post
Share on other sites

@mesale0077:

Thanks for your message. So maybe you haven't read the recent exchanges between jack71 and me, and maybe you haven't read the MCF CodeCrypter FAQ, or the extensive Remarks sections inside the various MCF-related scripts, so let me reiterate (and I don't mean this in a negative sense towards you or anyone else :) , but...):

CodeCrypter, CodeScanner, and the MCF library are advanced tools to fundamentally alter the content (and potentially also the structure) of your target script. There are many particular code constructs that might cause either the encryption or the obfuscation to subtly alter the way in which the rebuilt script works, which may lead to it no longer functioning the way it should, or at all. Since you are supposed to use this on your own code, you are going to be the expert at identifying where and how your new script diverges in performance from the original. If you then make an effort to identify a specific issue related to the way a specific AutoIt function or tiny code snippet no longer works the way it should, I'd be very interested to hear from you; I'll try my level best to find the root cause, and if at all possible, to fix the problem in a future release (as I just did in jack71's case).

But now you come along, taking an incredibly sophisticated piece of code, designed not by you, but by one of the smartest, most capable forum members around, run it through the encryption, conclude it doesn't work , and just dump it in my lap to go an fix it. Well, I'm sorry to tell you, :blink:  it doesn't work like that, and I don't work like that. :naughty:  Just like the Help forums where you cannot expect others to write entire code sections for you, I'm not going to spend several days taking Ascend4nt's code apart on the off-chance that I might quickly identify the issue. If you want to use that code in encrypted form, you'll have to make an effort yourself. The FAQ gives you clear instructions how: test a backtranslated script first, switch various parts of the encryption off, use subset encryption to encrypt only a few percent, encrypt individual UDFs one at a time, and so forth. By selectively applying encryption, you'll be able to home in on the problem ever closer, until you reach the point where you understand what is going wrong. To take jack71's example (hope you don't mind, jack71 :lol: ), part of a RegExp pattern contained a string that looked like a variable to the MCF encoder, so obfuscation was applied to it by mistake. If you post a query with that level of detail, you'll also be able to post a tiny example script that reproduces the error, and I'll definitely have a look at it then.

But just dumping a link to someone else's code is not going to earn you any brownie points in my book. <_<  So, no, I won't look into this, unless you can convince me that you understand Ascend4nt's code sufficiently well to identify a specific issue that I can fix.

I've given you a powerful tool, gratis, and I hope it's of use, but I'm no free encryption service when things don't go your way. You may have to keep a particular code section in clear text (i.e., not encrypted), or you may have to reduce the total amount of encryption, or maybe your target script contains code that simply cannot be encrypted using CodeCrypter (I've listed several such scenarios elsewhere). Who knows? Figure it out, and if you then discover an actual bug in my code, then please let me know, and I'll try and fix that, of course.

I hope you understand.:mellow:

Link to post
Share on other sites

working

but

'?do=embed' frameborder='0' data-embedContent>>

after cypter dont work

try please

and

my script with Au3Stripper.exe scan

or

my script add include MCFinclude.au3 with Au3Stripper.exe scan

after

codescan after codecypter run

and fast

 

No offense but why would you want to encrypt a UDF that has been publicly made by another forum member?  It would make sense to encrypt YOUR script and not the publicly made portion.  Plus if someone wants to attempt to decompile your code, it will give props to the original author :).  Just my .02.

Link to post
Share on other sites
  • 4 months later...

@legend: This error message tells you that the required include-file "MCFinclude.au3" is not found in your script. So the obvious first step would be to check and make sure that it actually is, as CodeCrypter's encryption won't work without it. If it is included, and you still get this error, then post the smallest possible sample script that reproduces the error, and we can have a look.

Edit: and please don't forget to run CodeScanner (to generate the MCF files) after adding this include to your script.

Edited by RTFC
Link to post
Share on other sites

Okay, it looks like your datadump directory for your test.au3 script is not found.

Also, it looks like you are creating a single-build straight from Codescanner.

Please try to get this to work one step at a time, so we can identify the problem. :)

Here's what I'd like you to try:

1. Run CodeScanner on your test.au3 script (that includes the line "#include MCFinclude.au3") with the CodeScanner option "WriteMCF" enabled in the Settings panel.

2. check CodeScanner's report for any major errors, and fix those first (esp. any missing #includes). Rerun Codescanner until you only get minor complaints (suchas redundant #includes) or no issues at all.

3. Check that the datadump subdirectory test.au3,CS_DATA exists below test.au3's current directory, and that it contains MCF#.txt,  where # is any positive number.

4. Run CodeCrypter and load your "test.au3"; you should not get an error now.

5. follow the encryption instructions in MCFQA.pdf (first item in the FAQ) (write MCF0, BackTranslate, check test script, if okay, proceed with encryption).

Link to post
Share on other sites

@alessandror9: Hi there, and welcome to the AutoIt forums! :)

Well, you've come to the right place; the CodeScannerCrypter bundle you can download from the first post in this thread can help you protect your AutoIt scripts! Protection involves obfuscation and/or encryption:

Obfuscation changes meaningful names of various parts of your script to meaningless names that all look very much alike to human eyes. That means that anyone reading your script will find it very hard to understand what's going on.

Encryption replaces your plaintext strings, evaluations, and function calls into Execute(Decrypt(<encrypted string/evaluation/call>)), and the beauty of this particular encryption environment is that the decryption key is not stored anywhere in the script, but extracted from the runtime environment.

Just download the bundle, and also get the MCFQA.pdf (from the same post), in which many beginner's questions are answered.

Basically, you need to add one line to your script ("#include MCFinclude.au3"), then run CodeScanner on it with the option WriteMetaCode (see Settings panel) enabled, and when CodeSCanner identifies no serious issues with your script, open it in CodeCrypter, and follow the instructions in MCFQA.pdf. Try it first on a simple test script (maybe just a "Hello World" MsgBox script) to become familiar with the steps. By default, encrpytion uses the @username macro (so the encrypted version will run only in environments where @username returns your username on the machine you encrypted the script on), but you can define any other means of extracting runtime data too, and also change the expected response, for example, to run only if @username returns "Alice", for example. The final encrypted version of your script is written to MCF0test.au3; you can rename it afterwards to whatever you like, but always test it to ensure it still works as it should.

If you get stuck, I'll be happy to help you if I can, but please read the instructions first, and also the Remarks section in the CodeCrypter script.

Best of luck! B)

RT

Edited by RTFC
Link to post
Share on other sites

@alessandror9: Hi there, and welcome to the AutoIt forums! :)

Well, you've come to the right place; the CodeScannerCrypter bundle you can download from the first post in this thread can help you protect your AutoIt scripts! Protection involves obfuscation and/or encryption:

Obfuscation changes meaningful names of various parts of your script to meaningless names that all look very much alike to human eyes. That means that anyone reading your script will find it very hard to understand what's going on.

Encryption replaces your plaintext strings, evaluations, and function calls into Execute(Decrypt(<encrypted string/evaluation/call>)), and the beauty of this particular encryption environment is that the decryption key is not stored anywhere in the script, but extracted from the runtime environment.

Just download the bundle, and also get the MCFQA.pdf (from the same post), in which many beginner's questions are answered.

Basically, you need to add one line to your script ("#include MCFinclude.au3"), then run CodeScanner on it with the option WriteMetaCode (see Settings panel) enabled, and when CodeSCanner identifies no serious issues with your script, open it in CodeCrypter, and follow the instructions in MCFQA.pdf. Try it first on a simple test script (maybe just a "Hello World" MsgBox script) to become familiar with the steps. By default, encrpytion uses the @username macro (so the encrypted version will run only in environments where @username returns your username on the machine you encrypted the script on), but you can define any other means of extracting runtime data too, and also change the expected response, for example, to run only if @username returns "Alice", for example. The final encrypted version of your script is written to MCF0test.au3; you can rename it afterwards to whatever you like, but always test it to ensure it still works as it should.

If you get stuck, I'll be happy to help you if I can, but please read the instructions first, and also the Remarks section in the CodeCrypter script.

Best of luck! B)

RT

 

hello, thanks for the quick answer;)

I just tried to run the file codescanner but me error

codescanner.au3 "(4594): ==> Incorrect number of parameters in the function call .:

_ArrayAdd ($ AU3operators, "=", 0, Chr (0))

^ ERROR

what does that mean?

thank you very much:-))))

 

edit: My problem, I was using an older version of autoit:-P

Now everything works perfectly !!! gooooooddddddddd job !!!! yea :-D

Edited by alessandror9
Link to post
Share on other sites

@allessandror9: Yes, the array UDF (<Array.au3>) was substantially enhanced by Melba23 and others for AutoIt version 3.3.12. I left legacy versions of CodeScanner/Crypter (made in version 3.3.8) available for separate download for those unable/unwilling to upgrade to 3.3.12, but the new Array UDF is much better and more versatile (Thanks again, Melba! :thumbsup: ), so if you can make the switch without too much pain, you probably should upgrade (like you've apparently just done).

Hope you find these tools of use, and happy coding!

Edited by RTFC
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By TheXman
      Encryption / Decryption / Hashing
      Purpose
      Cryptography API: Next Generation (CNG) is Microsoft's long-term replacement for their CryptoAPI.  CNG is designed to be extensible at many levels and cryptography agnostic in behavior.  Although the Crypt.au3 UDF that is installed with AutoIt3 still works perfectly, the advapi32.dll functions that it uses have been deprecated.  This UDF was created to offer a replacement for the deprecated functions.  According to Microsoft, deprecated functions may be removed in future release.  Therefore, this UDF will be available when/if that happens.
      Description
      This UDF implements some of Microsoft's Cryptography API: Next Generation (CNG) Win32 API functions.  In its initial release, it implements functions to encrypt text & files, decrypt text and files, generate hashes, and the Password-Based Key Derivation Function 2 (PBKDF2) function.  The UDF can implement any of the encryption/decryption algorithms or hashing algorithms that are installed on the PC in which it is running.  Most, if not all, of the values that you would commonly use to specify that desired algorithms, key bit lengths, and other magic number type values, are already defined as constants or enums in the UDF file.
      To flatten the learning curve, there is an example file that shows examples of all of the major functionality.  This example file is not created to be an exhaustive set of how to implement each feature and parameter.  It is designed to give you a template or guide to help you hit the ground running in terms of using the functions.  I have tried to fully document the headers of all of the functions as well as the code within the functions themselves.    As of v1.4.0, there is also a Help file that includes all of the functions, with examples.
      Current UDF Functions
      Algorithm-Specific Symmetric Encryption/Decryption Functions _CryptoNG_3DES_CBC_DecryptData _CryptoNG_3DES_CBC_DecryptFile _CryptoNG_3DES_CBC_EncryptData _CryptoNG_3DES_CBC_EncryptFile _CryptoNG_AES_CBC_DecryptData _CryptoNG_AES_CBC_DecryptFile _CryptoNG_AES_CBC_EncryptData _CryptoNG_AES_CBC_EncryptFile _CryptoNG_AES_ECB_DecryptData _CryptoNG_AES_ECB_EncryptData
        Generic Symmetric Encryption/Decryption Functions _CryptoNG_DecryptData _CryptoNG_DecryptFile _CryptoNG_EncryptData _CryptoNG_EncryptFile
        Hashing Functions _CryptoNG_HashData _CryptoNG_HashFile _CryptoNG_PBKDF2
        Asymmetric (Public/Private Key) Encryption/Decryption Functions _CryptoNG_RSA_CreateKeyPair _CryptoNG_RSA_EncryptData _CryptoNG_RSA_DecryptData
        Misc / Helper Functions _CryptoNG_CryptBinaryToString _CryptoNG_CryptStringToBinary _CryptoNG_GenerateRandom _CryptoNG_EnumAlgorithms _CryptoNG_EnumRegisteredProviders _CryptoNG_EnumKeyStorageProviders _CryptoNG_LastErrorMessage _CryptoNG_Version  
      Related Links
      Cryptography API: Next Generation - Main Page
      Cryptography API: Next Generation - Reference
      Cryptography API: Next Generation - Primitives
      Cryptography API: Next Generation - Cryptographic Algorithm Providers
    • By RTFC
      The CodeScannerCrypterBundle (ca. 2.5 MB unzipped) contains the following UDFs and utilities:
      CodeScanner: analyse AutoIt script structure and content, identify potential issues, generate MCF data files CodeCrypter: front-end GUI for the MCF library, for script encryption (without storing the decryption key(s) in the script!) MetaCodeFile UDF (MCF library): for analysis and user-defined alterations of AutoIt script structure and content MCFinclude.au3: #include this UDF in any AutoIt script that you wish CodeCrypter to process AES.au3, by Ward; machine code UDF for AES encryption (32-bit, patched version) CryptoNG, by TheXman; encryption UDF using Bcrypt dll calls (32/64-bit; various algorithms) StoreCCprofile.au3/readCSdatadump.au3/helloworld.au3: auxiliary utilities and example script HowToCodeCrypt.pdf: a simple guide in five steps CodeCrypterFAQ.pdf: questions and answers, partly based upon exchanges in the CodeCrypter thread. Please follow the links for additional information.
    • By RTFC
      MetaCode offers a way to:
      separate a script's structure from its content remove all redundant definitions (globals and UDFs) change any content (and some structure) combine (new) structure and (new) content into a new script The most useful applications implemented so far are:
      Fast language translation (not just text strings, also variable names and UDF names) Obfuscation (vars and/or UDFs) Script Encryption (conditionals, calls, and macros) Encryption is powerful because the key is not stored anywhere; you can define it to be a user password, macro, environment spec/variable, server response, something you define yourself, or a combination thereof; anything goes, as long as it's not a fixed string or fixed value. More info in the CodeCrypter thread: ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      But MetaCode has more potential than that; it allows you to tinker with any type of content separately, then rebuild a new version. So for example, you can have a single script structure and numerous different language modules you just plug in to create a new version in a different language.
      A brief Tutorial is here: MetaCode Tutorial.pdf
      The MCF library itself can be found in the CodeScannerCrypter bundle.
      And a little example how to use it for translating your GUI into a different language:
       UI_Translator.7z (new version that should work with the new version of Google Translate, see post #13 below)
       
       
      MCF.au3 is just the library plus the MCFinclude.au3 file you need to include in any script you wish to encrypt.
      There is no GUI here. However, I did write a separate front-end for it called CodeCrypter, which you can find here:
      ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      MCF uses output generated by my CodeScanner version 2.8+, which you can find here:
      '?do=embed' frameborder='0' data-embedContent>>
      CodeScanner also depends on MCF.au3 now, as it can now call a few of its functions.
      I should also mention Ward's excellent AES.au3 UDFs used for the encryption and decryption calls,  which is now included in the CodeScannerCrypter bundle (thanks to Ward for allowing to include it). You can find the original (unpatched) version here:
      '?do=embed' frameborder='0' data-embedContent>>
      Note: you can replace the encryption/decryption calls with whatever algorithm you like (hint: the native <Crypt.au3> library is too slow for most purposes, better stick to machine code routines)
      So just to be clear:
      CodeScanner (v2.8+) needs MCF (earlier versions won't work!) CodeCrypter needs MCF (plus anything that MCF needs) MCF itself needs MCFinclude (part of MCF zip) MCF also needs readCSdatadump (part of the CodeScanner package, you need the latest version packaged with CodeScanner v2.8; earlier versions won't work!) both MCF and MCFinclude currently rely on AES.au3 by Ward So you basically need to download the whole bundle for any of it to work.
       
      If you have any questions, please start by reading the MCF Tutorial and the CodeCrypter FAQ (you can download the latter separately from the CodeCrypter thread).
      Next, read the extensive Remarks sections in MCF.au3, MCFinclude.au3, and CodeCrypter.au3
      If still no joy, then please post. However, I'm not online that often, and logged in to the forum even less, so response may take a while).
      RT
    • By Radix
      Hi.

      I would like to know if it is possible to implement an autoit script with GOST algorithm. I noticed that there are seven different algorithms in the standard UDF, but I urgently need a command line crypter with GOST algorithm. I just lack the algorithm part. Is it possible to adapt GPLib in the autoit script?

      http://www.delphipages.com/comp/gplib-14771.html

      Thx.
    • By RestrictedUser
      I had created login form and this form first goes to de-crypting file that encrypted then read the saved credentials by de-cryptied file, but doesn't work properly!
      I want just read encrypted data without saving de-crypted file, just read! 
      #NoTrayIcon #include <Crypt.au3> #include <FileConstants.au3> #include <MsgBoxConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> ;==================================Variables=================================== ;Encryption settings _Crypt_Startup() $PEK = _Crypt_DeriveKey("BS#Password", $CALG_AES_256, $CALG_SHA_512) $DefaultCredFile = "[Credentials]" & @CRLF & "BUsername=NoAdmin" & @CRLF & "BPassword=NoAdmin" & @CRLF & "[Process]" & @CRLF & "ProcessKillingTimeout=3600" $EncryptDefaultCred = _Crypt_EncryptData($DefaultCredFile, $PEK, $CALG_AES_256) $IniReadCredPassword = IniRead(@WindowsDir & "\Config\GUIDecCred.dat", "Credentials", "BPassword", "") $IniReadCredUsername = IniRead(@WindowsDir & "\Config\GUIDecCred.dat", "Credentials", "BUsername", "") ;==================================Variables=================================== AuthForm() Func AuthForm() Global $LoginForm = GUICreate("Login", 201, 161, -1, -1) Global $CloseBTN = GUICtrlCreateButton("Close", 23, 126, 75, 25) Global $SignInBTN = GUICtrlCreateButton("Sign-in", 103, 126, 75, 25) GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") Global $PasswordInput = GUICtrlCreateInput("admin", 8, 88, 185, 21, BitOR($GUI_SS_DEFAULT_INPUT,$ES_CENTER,$ES_PASSWORD)) Global $UsernameInput = GUICtrlCreateInput("admin", 8, 40, 185, 21, BitOR($GUI_SS_DEFAULT_INPUT,$ES_CENTER)) Global $UsernameLBL = GUICtrlCreateLabel("Username:", 8, 21, 55, 17) Global $PasswordLBL = GUICtrlCreateLabel("Password:", 8, 68, 53, 17) GUISetState(@SW_SHOW) While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $SignInBTN AuthProcess() EndSwitch WEnd EndFunc AuthProcess() Func AuthProcess() $ReadEnteredUsername = GUICtrlRead($UsernameInput) $ReadEnteredPassword = GUICtrlRead($PasswordInput) If Not FileExists(@WindowsDir & "\Config\GUIEncCred.dat") Then FileDelete(@WindowsDir & "\Config\GUIDecCred.dat") ;Delete previous de-crypted credentials FileWrite(@WindowsDir & "\Config\GUIEncCred.dat", $EncryptDefaultCred) ;Write en-crypted credentials as "*.dat" file FileClose(@WindowsDir & "\Config\GUIEncCred.dat") ;Close en-crypted credentials file _Crypt_DecryptFile(@WindowsDir & "\Config\GUIEncCred.dat", @WindowsDir & "\Config\GUIDecCred.dat", $PEK, $CALG_AES_256) ;Write de-crypted file from an en-crypted file as "*.dat" file Else _Crypt_DecryptFile(@WindowsDir & "\Config\GUIEncCred.dat", @WindowsDir & "\Config\GUIDecCred.dat", $PEK, $CALG_AES_256) ;Write de-crypted file from an en-crypted file as "*.dat" file EndIf Sleep(25) If $ReadEnteredUsername == $IniReadCredUsername And $ReadEnteredPassword == $IniReadCredPassword Then ;Username and Password verify stage MsgBox(64, "", "Welcome!") FileDelete(@WindowsDir & "\Config\GUIDecCred.dat") Exit Else MsgBox(14, "", "Incorrect!") FileDelete(@WindowsDir & "\Config\GUIDecCred.dat") Sleep(25) EndIf EndFunc How Can i? 
×
×
  • Create New...