Jump to content
trancexx

CheckSumVerify - verify integrity of the compiled exe

Recommended Posts

JohnOne

Sends my computer up the wall ma'am.

Just sits there opening and closing instances of itself.

Difficult to close too.

All I put was 

MsgBox(0,0,0)

EDIT:

Only when compiled .

Edited by JohnOne

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
czardas

I believe the thread you are refering to was moved to chat. I was playing with ideas like this myself yesterday. I'll have to try this later - on another machine. I'll get back! :)

Share this post


Link to post
Share on other sites
trancexx

I forgot to say that you need to run/compile it with some newer version of AutoIt interpreter. Newer stable, the better.

Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
trancexx

Nope.

Hm.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
trancexx

Could you comment out line 48 and give it another try?

...If something hasn't blown up by now.

Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
Rich071

I tried a couple of tests against compiled EXE's only. I compiled using your msgbox text and added the, #include "CheckSumVerify.au3", to one of my scripts. In both cases, I used a hex editor and made a one byte change to each EXE.

When running, both modified EXE's., I got the expected results, a message box, "Binary integrity can't be verified. Exiting...".

I like the fact, all you have to do is add, #include "CheckSumVerify.au3", to include it in your script and this could be done after all the testing and debugging is complete and right before distributing.

I like this better than doing a hash compare and the user knows to go get the file again.

However, I can see a possible issue. You had stated, do not use UPX. I would assume, a similar issue would occur if you then added code signing to the EXE.

Overall, I like it.

Thanks,

Edit: I am using the latest AutoIt and Beta and spelling edit.

Edited by Rich071
  • Like 1

Share this post


Link to post
Share on other sites
JohnOne

Just as a comment, I tried to use an app to record the screen to gif to post it, but while the compiled script was running or was started it crashed the app with some .net error.

That no longer occurs either.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
czardas

I'm just wondering one thing: what is to stop someone from simply removing the line #include "CheckSumVerify.au3" ?

Edited by czardas

Share this post


Link to post
Share on other sites
JohnOne

Nothing at all, well only that compiled scripts do not have includes, but I get what you mean. You have to remember though, this is not some sort of protection, we all know there is no real way to do that, but it is a nice thing for your bog standard script developer to have in his handbag. Don't forget, about 99.9999999 % of the population would not even know what decompile meant in terms of apps.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
czardas

True, but I believe it is possible to take this a step further and make sure you can't just remove the checks by making them an integral part of the program. In other words integrity checks actually become a real dependancy.

It's always nice to see new ideas that might assist, thanks trancexx.

Edited by czardas

Share this post


Link to post
Share on other sites
trancexx

JohnOne, could you get back that line and comment-out line 30.

This line reruns the exe after the modifications are being done on first run. When commented out, first run doesn't actually start your script. On next runs only the check is done and original script is executed.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
FaridAgl

What will happen if someone decompile the source and compile it again? I guess nothing, am I right?

Share this post


Link to post
Share on other sites
jchd

That's true with any self-contained "protection", whatever goal it has. So this is a moot point IMVHO.


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites
JohnOne

JohnOne, could you get back that line and comment-out line 30.

This line reruns the exe after the modifications are being done on first run. When commented out, first run doesn't actually start your script. On next runs only the check is done and original script is executed.

That seems to do the trick too.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
czardas

Recompiling alters the binary. This detail can be used to good effect by breaking so much of the functionality that rebuilding the script would require more effort than simply starting afresh. Once decompiled, the script never runs ever again - at least not without enormous effort to fix it. I believe this to be a valid concept.

Edited by czardas

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×