Jump to content
RTFC

CodeCrypter - Encrypt your Script

Recommended Posts

Good morning souldjer7777,

I ran a batch of tests on the _ArraySearch Help file example script for you. Backtranslate/Obfuscate/Encrypt/Obfuscate+Encrypt all run without any issues on 3.3.14, I'm afraid, so we're no closer to a solution as of yet.

Share this post


Link to post
Share on other sites

Well, I reverted back to AutoIT version 3.3.12... still getting the same issue. You care to try obfuscate / encrypt these snippets?

The script fails in same area mentioned above. Not obfuscated '<00>  GROUP' IS found... Obfuscated '<00>  GROUP' IS NOT found.

You can replace ' & GUICtrlRead($I_G1_IPAddress01) & ' with an IP address and you're good to go.

UPDATE: I didn't try encrypting it since it would even display the gui coordinate input text box.

Obfuscate fails at Local $G1_element = _ArraySearch($aDomainArray01, '<00>  GROUP', 0, 0, 0, 1, 1, 0)

Func NBTSTAT01()
If GUICtrlRead($I_G1_IPAddress01) = "IP ADDRESS" Then
    MsgBox (262144, $ProgramTitle01, "NBTSTAT -A: Please enter an IP Address")
Else

SplashTextOn($ProgramTitle01, 'NBTSTAT -A: Please stand by... ', 400, 40, -1, -1, 2, "", 10)

Local $nbtstat = Run(@ComSpec & " /c " & '"C:\Windows\sysnative\nbtstat.exe -a ' & GUICtrlRead($I_G1_IPAddress01) & '"', "", @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
Local $out = ''
Local $line = ''

While 1
     $line = StdoutRead($nbtstat)
    If @error Then ExitLoop
    If $line <> '' Then $out &= $line
Wend

MsgBox (0, "", $out)

Local $iPosition = StringInStr($out, "NetBIOS Remote Machine Name Table")

If $iPosition > 0 Then

MsgBox (0, "", "IF is greater than 0")

Local $sStringi = StringTrimLeft ( $out, $iPosition -1 )

Local $ePosition = StringInStr($sStringi, "MAC Address =")

Local $sStringCount = StringLen ($sStringi)

Local $sStringe = StringTrimRight ( $sStringi, $sStringCount - ($ePosition+31) )

MsgBox (0, "", "Math complications 1")

Local $sStringj = $sStringi

Local $v_G1_MACAddressPOS01 = StringInStr($sStringj, "MAC Address = ")

$V_G1_MACAddress01 = StringTrimLeft ( $sStringj, $v_G1_MACAddressPOS01 + 13 )

MsgBox (0, "", "Math complications 2")

$V_G1_MACAddress01 = StringStripCR ( $V_G1_MACAddress01 )

MsgBox (0, "", "01")

Local $aDomainArray01 = StringSplit ($sStringj, @LF )

MsgBox (0, "", "02")

Local $G1_element = _ArraySearch($aDomainArray01, '<00>  GROUP', 0, 0, 0, 1, 1, 0)

If @error Then
    SplashOff()
    MsgBox("", "Not Found", '<00>  GROUP was not found in column 0')
Else

MsgBox (0, "", "03")

$V_G1_Domain01 = $aDomainArray01[$G1_element]

MsgBox (0, "", "04")

$V_G1_Domain01 = StringStripWS ($V_G1_Domain01, 8)

MsgBox (0, "", "05")

Local $vDomainLEN01 = StringLen ($V_G1_Domain01)

MsgBox (0, "", "06")

Local $vDomainPOS01 = StringInStr ($V_G1_Domain01, "<00>GROUP")

MsgBox (0, "", "07")

$V_G1_Domain01 = StringTrimRight($V_G1_Domain01, $vDomainLEN01 - $vDomainPOS01 + 1)

MsgBox (0, "", "Setting GUI data")

GUICtrlSetData($E_G1_NBTSTATResults01, $sStringe)
GuiCtrlSetData($L_G1_MACAddress01, $V_G1_MACAddress01)
GuiCtrlSetData($L_G1_Domain01, $V_G1_Domain01)

SplashOff()

EndIf

Else

GUICtrlSetData($E_G1_NBTSTATResults01, "Host not found. No data returned")

SplashOff()

EndIf

EndIf
EndFunc

Encryption fails almost first thing with my initial function... it never prompts for inputs...  
DOES NOT DISPLAY: 
$guileftcontrol = InputBox($ProgramTitle01, "Gui Pixel Distance from LEFT of screen:", "10", "", -1, -1, 10, 10)
and
$guitopcontrol = InputBox($ProgramTitle01, "Gui Pixel Distance from TOP of screen:", "10", "", -1, -1, 10, 10)

_StartGuiPOSFolderCheck ()

Func _StartGuiPOSFolderCheck()

Local $sFldr3 = @ScriptDir & "\Ticket_Types\"
Local $DirOK01 = DirCreate($sFldr3)

If $DirOK01 = 1 Then

    FileInstall("C:\Temp\Ticket_Types\_Quick_Ticket.txt", @ScriptDir & "\Ticket_Types\_Quick_Ticket.txt", 1)
    FileInstall("C:\Temp\Ticket_Types\FalsePositive.txt", @ScriptDir & "\Ticket_Types\FalsePositive.txt", 1)

Else
    MsgBox(262144, $ProgramTitle01, "Folder creation failure: " & @CR & $DirOK01)
Exit
EndIf

$guileftcontrol = InputBox($ProgramTitle01, "Gui Pixel Distance from LEFT of screen:", "10", "", -1, -1, 10, 10)

If @Error Then $guileftcontrol = -1

$guitopcontrol = InputBox($ProgramTitle01, "Gui Pixel Distance from TOP of screen:", "10", "", -1, -1, 10, 10)

If @Error Then $guitopcontrol = -1

TicketType_Check01()

EndFunc

Thanks for the help RTFC!!!

Edited by souldjer777

"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

Thanks a lot for the snippet, I'll have an in-depth look tonight. Stay tuned...

EDIT: Okay, I found the problem. It's got nothing to do with encryption or obfuscation. The backtranslation itself has somehow replaced the double space between <00> and GROUP with a single space. I can confirm that this is an issue at my end. As soon as I've figured out what's causing this, I'll post a fix for it.

Please stand by while important maintenance is being carried out....

Edited by RTFC

Share this post


Link to post
Share on other sites


@souldjer777:

Here's an immediate fix for you (as I need to implement some additional edits before releasing the next version of the bundle):

Open CodeScanner, navigate to UDF _GetnextlineASCII. Near the bottom of that UDF replace:

$line=StringStripWS(StringReplace(StringLeft($newline,$pos-1),@TAB," "),1+2+4)

with

$line=StringStripWS(StringReplace(StringLeft($newline,$pos-1),@TAB," "),1+2)

Immediately below that UDF, you'll find UDF _GetnextlineUTF. Do the same there. Near the top, replace

$line=StringStripWS(StringReplace($line,@TAB," "),1+2+4)

with

$line=StringStripWS(StringReplace($line,@TAB," "),1+2)

 

We apologise for the incovenience this may have caused, and have given ourselves twenty lashes with the cat o' nine tails.:D

Bundle update forthcoming in the near future.

 

EDIT: Oh yeah, before I forget, 1) great work in narrowing down the issue to a single line; 2) in future, please always test first whether the backtranslation works before adding the complications that obfuscation and encryption entail.

Edited by RTFC

Share this post


Link to post
Share on other sites

Sorry, I jumped around - I usually do... when I get frustrated LOL. I appreciate the HELP!!! Seriously!!! I'll give the backtranslation a go and see if I can figure out the InputBox thing :guitar:

:sorcerer: Thank you! :sorcerer:

UPDATE: Backtranslate looking good :) Just like my original app :) No issues!

I'm sure you'll know why this never runs... I'm sure it's something unsupported like "FileInstall"

_StartGuiPOSFolderCheck ()

Func _StartGuiPOSFolderCheck()

Local $sFldr3 = @ScriptDir & "\Ticket_Types\"
Local $DirOK01 = DirCreate($sFldr3)

If $DirOK01 = 1 Then

    FileInstall("C:\Temp\Ticket_Types\_Quick_Ticket.txt", @ScriptDir & "\Ticket_Types\_Quick_Ticket.txt", 1)
    FileInstall("C:\Temp\Ticket_Types\FalsePositive.txt", @ScriptDir & "\Ticket_Types\FalsePositive.txt", 1)

Else
    MsgBox(262144, $ProgramTitle01, "Folder creation failure: " & @CR & $DirOK01)
Exit
EndIf

$guileftcontrol = InputBox($ProgramTitle01, "Gui Pixel Distance from LEFT of screen:", "10", "", -1, -1, 10, 10)

If @Error Then $guileftcontrol = -1

$guitopcontrol = InputBox($ProgramTitle01, "Gui Pixel Distance from TOP of screen:", "10", "", -1, -1, 10, 10)

If @Error Then $guitopcontrol = -1

TicketType_Check01()

EndFunc

Can you tell if there are any unsupported operations going on in there? Obfuscate works fine with the above code -- just not encryption.

Thank you again for all your help!

Edited by souldjer777

"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

Hang on, the inputbox, that rings a bell...:think:

Did you add the compiler directive:

#pragma compile(inputboxres, true)  ; otherwise InputBox parameters are lost, generating @error=3

to your final source?

The new bundle's MCF.au3 will do this automatically, but I don't think the currently posted version does this yet. This came up either in this thread, or in the MCF thread. Thanks go to BrewManNH for suggesting this fix.

Oh, and you're very welcome! Thanks to you one more oversight on my part will be fixed in the next release.

Edited by RTFC

Share this post


Link to post
Share on other sites

Cool! I'll get the latest MCF.au3 just to be safe - I know it's darn near impossible to control versions. Almost have to have the source code loaded from the cloud to have everyone on the same page all of the time. :graduated:


"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

If you can contain your enthusiasm for just a few hours, I'll probably be able to upload the new bundle later today. Just need to run a few tests...

Edited by RTFC

Share this post


Link to post
Share on other sites

@everyone: new bundle version 1.4 is released (should run under AutoIt version 3.3.14), with numerous bug fixes and feature requests that had accumulated over several months of indolence on my part.:whistle:

@souldjer777: regarding your earlier question concerning FileInstall, let me quote you some dispiriting prose from the Help file page on this topic:

"The source file must be specified using a string literal and can not be a variable, a macro, a calculation nor function call.":no:

So this is an AutoIt limitation I cannot circumvent. You could however store the file directly as (compressed) binary data in a variable (presuming it has fixed content) and dump that to file at startup; there are several solutions to be found in the Example Scripts forum.

Edited by RTFC

Share this post


Link to post
Share on other sites

Hey, all good! Thank you again! I like your idea for a work around :sorcerer: 

:ninja: You're an AutoIT Ninja!!!


"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

:guitar:Appreciated, souldjer777, glad I could help.

Re. compressed storage, I can recommend UEZ's excellent file to base64 string utility. Anyway, best of luck.-_-

Share this post


Link to post
Share on other sites

Dang!!! So I can change the file itself to base64 and on top of that - encrypt it?! :cheer:
That's freakin sweet LOL Thanks again! Just getting my head around it...:frantics:
Attempting scan / crypt / execute now...

Only issue I can tell is with doing a Base64 csv file... getting "error: syntax error (illegal character)" after codecrypter is run.
I'm pretty sure it's due to the "," separated values.Could be because UEZ had it wrap after a certain character count horizontally, something to do with either a " , " or  " ' " or " " " or " & "
On second hand... it looks as though UEZ saves the csv as
IP_Rangescsv &= '
and codecrypter saves it out as
_IP_Rangescsv&=_MCFCC("

Something lost in translation probably... still digging... could quite possibly be length or missing symbol... and downloading testing new bundle :)
LOL, love it "No problemo"


Dang - still same error / issue - Suggestions? Thank you again!

Edited by souldjer777

"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

Yes, there's obviously an ampersand missing between: each " _

Should be trivial to fix. Sorry for the oversight. I'll look into it later today.

 

EDIT: played with UEZ's base64 testscripts for about an hour, but I'm completely unable to reproduce your issue. Can you please provide a reproducer script using some OS file (or some other publicly available data file)? Can't fix it if I can't see it break in my own environment...

Edited by RTFC

Share this post


Link to post
Share on other sites

Good Morning RTFC, Thanks for the reply back! :graduated:

I have a file called...
IP_Ranges.csv
I basically open it with notepad and have 1900 rows in there from top to bottom with two columns - separated by comma.
Row 1 would read...
10.0.0.0/24, NWEST(Used)
10.0.1.0/24, NWEST2(Used)
...

(row 1900)

The data there is a fictitious example as it's a private document but formatting like "10.0.0.0/24, NWEST(Used)" is all correct.
I appreciate everything you've done to help! I got it compiled and everything because like you said it's just an & sign and some clean up :idea:
Thank you again! Pardon my french ;) but your program is freakin sweet!

 :dance:

Edited by souldjer777

"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

Thanks for responding, souldjer777. I'll see if I can re-create the issue using that latest string dump of yours. I'll keep you posted...

 

EDIT: so I just tried this test script based upon your string and this is re-encoded (and runs encrypted) without any problem.

I realise you need to protect your own data, that's why I suggested you instead create a reproducer script that incorporates a base64 string of some generic (base64 compressed) OS file (notepad.exe or something) that's large enough (presuming it's a size-related issue) to trigger the problem you're experiencing when you encrypt it.

You're absolutely right that your initial re-encoded output looks wrong, and MCF's _EncodeMCF is probably not handling these exceptionally long strings properly for some reason, but whenever I try to trip it up, it fails to fail. So what I need is a small full script that runs unencrypted and contains the syntax errors you describe after you've encrypted it. This does not have to be your real script, and it should not contain your real data; any dummy data will do. And the smaller it is, the better.

Edited by RTFC
example code removed upon request

Share this post


Link to post
Share on other sites

Thank you Forum Moderator or RTFC! My mistake totally! I appreciate it! 

Yes, I will get you something soon RTFC! Thanks for all your help!

I believe in the meantime, I'm going to just grind out the & and ' and " replacements.

Edited by souldjer777

"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

Just to give you peace of mind, I've also deleted my test examples with your data (without attempting to decode it), but of course nothing posted online is ever truly gone...:shhh:

@everyone: if you've sent me scripts and/or data for testing/bugfixing Codecrypter/Scanner (or any other of my own scripts),  or contemplate doing so in future, know that I will not disclose your work to any third party, and will usually delete it as soon as the issue is resolved.

Share this post


Link to post
Share on other sites

Thank you RTFC, I appreciate it :) 


"Maybe I'm on a road that ain't been paved yet. And maybe I see a sign that ain't been made yet"
Song Title: I guess you could say
Artist: Middle Class Rut

Share this post


Link to post
Share on other sites

After severely mangling one of UEZ's base64 example scripts, I am now able to reproduce your bug (which is really my bug), so don't bother cooking up a reproducer script anymore. I'll try and fix it some time this weekend, as soon as I'm done with another bug hunt (ants in my back garden are attempting to invade my house).

Share this post


Link to post
Share on other sites

So far, the ants are winning,:mad: so to vent my frustration I fixed the veryveryverylongstring-issue that still plagued MCF.au3, as identified by souldjer777 (many thanks for identifying it; I'm kinda surprised no-one stumbled on this before). It was indeed a trivial mistake, and trivial to fix.

I've updated the CodeScannerCrypter bundle (still version 1.4), so please download it again if you did earlier.

Now back to this manual I'm reading: Tactical nuclear warfare against household pests For Dummies, chapter 23...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By RTFC
      The CodeScannerCrypterBundle (ca. 2.5 MB unzipped) contains the following UDFs and utilities:
      CodeScanner: analyse AutoIt script structure and content, identify potential issues, generate MCF data files CodeCrypter: front-end GUI for the MCF library, for script encryption (without storing the decryption key(s) in the script!) MetaCodeFile UDF (MCF library): for analysis and user-defined alterations of AutoIt script structure and content MCFinclude.au3: #include this UDF in any AutoIt script that you wish CodeCrypter to process AES.au3, by Ward; machine code UDF for AES encryption (32-bit, patched version) CryptoNG, by TheXman; encryption UDF using Bcrypt dll calls (32/64-bit; various algorithms) StoreCCprofile.au3/readCSdatadump.au3/helloworld.au3: auxiliary utilities and example script HowToCodeCrypt.pdf: a simple guide in five steps CodeCrypterFAQ.pdf: questions and answers, partly based upon exchanges in the CodeCrypter thread. Please follow the links for additional information.
    • By TheXman
      Encryption / Decryption / Hashing
      Purpose
      Cryptography API: Next Generation (CNG) is Microsoft's long-term replacement for their CryptoAPI.  CNG is designed to be extensible at many levels and cryptography agnostic in behavior.  Although the Crypt.au3 UDF that is installed with AutoIt3 still works perfectly, the advapi32.dll functions that it uses have been deprecated.  This UDF was created to offer a replacement for the deprecated functions.  According to Microsoft, deprecated functions may be removed in future release.  Therefore, this UDF will be available when/if that happens.
      Description
      This UDF implements some of Microsoft's Cryptography API: Next Generation (CNG) Win32 API functions.  In its initial release, it implements functions to encrypt text & files, decrypt text and files, generate hashes, and the Password-Based Key Derivation Function 2 (PBKDF2) function.  The UDF can implement any of the encryption/decryption algorithms or hashing algorithms that are installed on the PC in which it is running.  Most, if not all, of the values that you would commonly use to specify that desired algorithms, key bit lengths, and other magic number type values, are already defined as constants or enums in the UDF file.
      To flatten the learning curve, there is an example file that shows examples of all of the major functionality.  This example file is not created to be an exhaustive set of how to implement each feature and parameter.  It is designed to give you a template or guide to help you hit the ground running in terms of using the functions.  I have tried to fully document the headers of all of the functions as well as the code within the functions themselves.    As of v1.4.0, there is also a Help file that includes all of the functions, with examples.
      Current UDF Functions
      _CryptoNG_3DES_CBC_DecryptData _CryptoNG_3DES_CBC_DecryptFile _CryptoNG_3DES_CBC_EncryptData _CryptoNG_3DES_CBC_EncryptFile _CryptoNG_AES_CBC_DecryptData _CryptoNG_AES_CBC_DecryptFile _CryptoNG_AES_CBC_EncryptData _CryptoNG_AES_CBC_EncryptFile _CryptoNG_CreateRSAKeyPair _CryptoNG_DecryptData _CryptoNG_DecryptFile _CryptoNG_EncryptData _CryptoNG_EncryptFile _CryptoNG_EnumAlgorithms _CryptoNG_EnumRegisteredProviders _CryptoNG_GenerateRandom _CryptoNG_HashData _CryptoNG_HashFile _CryptoNG_LastErrorMessage _CryptoNG_PBKDF2 _CryptoNG_Version  
      Related Links
      Cryptography API: Next Generation - Main Page
      Cryptography API: Next Generation - Reference
      Cryptography API: Next Generation - Primitives
      Cryptography API: Next Generation - Cryptographic Algorithm Providers
    • By RTFC
      MetaCode offers a way to:
      separate a script's structure from its content remove all redundant definitions (globals and UDFs) change any content (and some structure) combine (new) structure and (new) content into a new script The most useful applications implemented so far are:
      Fast language translation (not just text strings, also variable names and UDF names) Obfuscation (vars and/or UDFs) Script Encryption (conditionals, calls, and macros) Encryption is powerful because the key is not stored anywhere; you can define it to be a user password, macro, environment spec/variable, server response, something you define yourself, or a combination thereof; anything goes, as long as it's not a fixed string or fixed value. More info in the CodeCrypter thread: ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      But MetaCode has more potential than that; it allows you to tinker with any type of content separately, then rebuild a new version. So for example, you can have a single script structure and numerous different language modules you just plug in to create a new version in a different language.
      A brief Tutorial is here: MetaCode Tutorial.pdf
      The MCF library itself can be found in the CodeScannerCrypter bundle.
      And a little example how to use it for translating your GUI into a different language:
       UI_Translator.7z (new version that should work with the new version of Google Translate, see post #13 below)
       
       
      MCF.au3 is just the library plus the MCFinclude.au3 file you need to include in any script you wish to encrypt.
      There is no GUI here. However, I did write a separate front-end for it called CodeCrypter, which you can find here:
      ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>
      ?do=embed' frameborder='0' data-embedContent>
      MCF uses output generated by my CodeScanner version 2.8+, which you can find here:
      '?do=embed' frameborder='0' data-embedContent>>
      CodeScanner also depends on MCF.au3 now, as it can now call a few of its functions.
      I should also mention Ward's excellent AES.au3 UDFs used for the encryption and decryption calls,  which is now included in the CodeScannerCrypter bundle (thanks to Ward for allowing to include it). You can find the original (unpatched) version here:
      '?do=embed' frameborder='0' data-embedContent>>
      Note: you can replace the encryption/decryption calls with whatever algorithm you like (hint: the native <Crypt.au3> library is too slow for most purposes, better stick to machine code routines)
      So just to be clear:
      CodeScanner (v2.8+) needs MCF (earlier versions won't work!) CodeCrypter needs MCF (plus anything that MCF needs) MCF itself needs MCFinclude (part of MCF zip) MCF also needs readCSdatadump (part of the CodeScanner package, you need the latest version packaged with CodeScanner v2.8; earlier versions won't work!) both MCF and MCFinclude currently rely on AES.au3 by Ward So you basically need to download the whole bundle for any of it to work.
       
      If you have any questions, please start by reading the MCF Tutorial and the CodeCrypter FAQ (you can download the latter separately from the CodeCrypter thread).
      Next, read the extensive Remarks sections in MCF.au3, MCFinclude.au3, and CodeCrypter.au3
      If still no joy, then please post. However, I'm not online that often, and logged in to the forum even less, so response may take a while).
      RT
×
×
  • Create New...