Jump to content
trancexx

CheckSumVerify - verify integrity of the compiled exe

Recommended Posts

Sends my computer up the wall ma'am.

Just sits there opening and closing instances of itself.

Difficult to close too.

All I put was 

MsgBox(0,0,0)

EDIT:

Only when compiled .

Edited by JohnOne

Share this post


Link to post
Share on other sites

I tried a couple of tests against compiled EXE's only. I compiled using your msgbox text and added the, #include "CheckSumVerify.au3", to one of my scripts. In both cases, I used a hex editor and made a one byte change to each EXE.

When running, both modified EXE's., I got the expected results, a message box, "Binary integrity can't be verified. Exiting...".

I like the fact, all you have to do is add, #include "CheckSumVerify.au3", to include it in your script and this could be done after all the testing and debugging is complete and right before distributing.

I like this better than doing a hash compare and the user knows to go get the file again.

However, I can see a possible issue. You had stated, do not use UPX. I would assume, a similar issue would occur if you then added code signing to the EXE.

Overall, I like it.

Thanks,

Edit: I am using the latest AutoIt and Beta and spelling edit.

Edited by Rich071

Share this post


Link to post
Share on other sites

Appears to perform normally with that line commented out.

At least the craziness stopped and msgbox appeared and exited normally.

Haven't tried changing binary yet.

Share this post


Link to post
Share on other sites

Just as a comment, I tried to use an app to record the screen to gif to post it, but while the compiled script was running or was started it crashed the app with some .net error.

That no longer occurs either.

Share this post


Link to post
Share on other sites

Nothing at all, well only that compiled scripts do not have includes, but I get what you mean. You have to remember though, this is not some sort of protection, we all know there is no real way to do that, but it is a nice thing for your bog standard script developer to have in his handbag. Don't forget, about 99.9999999 % of the population would not even know what decompile meant in terms of apps.

Share this post


Link to post
Share on other sites

True, but I believe it is possible to take this a step further and make sure you can't just remove the checks by making them an integral part of the program. In other words integrity checks actually become a real dependancy.

It's always nice to see new ideas that might assist, thanks trancexx.

Edited by czardas

Share this post


Link to post
Share on other sites

JohnOne, could you get back that line and comment-out line 30.

This line reruns the exe after the modifications are being done on first run. When commented out, first run doesn't actually start your script. On next runs only the check is done and original script is executed.

Share this post


Link to post
Share on other sites

That's true with any self-contained "protection", whatever goal it has. So this is a moot point IMVHO.


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

JohnOne, could you get back that line and comment-out line 30.

This line reruns the exe after the modifications are being done on first run. When commented out, first run doesn't actually start your script. On next runs only the check is done and original script is executed.

That seems to do the trick too.

Share this post


Link to post
Share on other sites

Recompiling alters the binary. This detail can be used to good effect by breaking so much of the functionality that rebuilding the script would require more effort than simply starting afresh. Once decompiled, the script never runs ever again - at least not without enormous effort to fix it. I believe this to be a valid concept.

Edited by czardas

Share this post


Link to post
Share on other sites

Dear trancexx,

Please clone yourself :); the world needs more people like you. :huggles:

A fan.:thumbsup:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...