Jump to content

Is there another way to make an.au3 into an exe?

Chimaera

By Chimaera,
in AutoIt General Help and Support

 Share

Recommended Posts

Chimaera Universalist

Chimaera

Posted
Posted

As the title says really, im getting loads of grief at work with AV's killing off scripts as soon as the usb is shoved in (techs forget to turn it off temporarily)

So is there a way to compile it to .exe without using Autoit to compile?

The reason for this is i hope using a different way will stop or reduce the detections.

PS i've already had dozens of tries with AV manufacturers but they seem to operate on AutoIt is bad so they don't care.

I don't want to stop using AutoIt just make the exe differently.

 

Bear in mind im looking at this at a simple level a small program that i can compile with if possible

Admittedly it may not be that simple

 

If Ive just helped you ... miracles do happen. Chimaera

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()

Link to comment
Share on other sites
guinness Universalist

guinness

Posted
Posted

Just to re-iterate the point Jos is making, you don't need to re-distribute the whole AutoIt package e.g. includes, help file, examples etc... just AutoIt3.exe OR AutoIt3_x64.exe. The a3x compiled script is passed as a commandline argument to the executable.

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Link to comment
Share on other sites
Chimaera Universalist

Chimaera

Posted
  • Author
Posted (edited)

Ok so im clear about this

I compile every problem script in the pack i use as .a3x

then paste Autoit3.exe into the main folder and call the script like this

AutoIt3exe /AutoIt3ExecuteScript mymainscript.a3x - (Copied from another answer by Jos) and that will open the script i want.

Wont the AutoIt3exe get stamped by the AV as well?

would i be as easy to add that to a cmd file and start it that way?

2nd question

In my GUI where i have things like this

ShellExecute(@ScriptDir & "\Toolz\backup_transfer\backup_transfer.exe")

I change all the links to

ShellExecute(@ScriptDir & "\Toolz\backup_transfer\backup_transfer.a3x")

and they will still work because i started the main script with the main AutoIt3exe ?

 

Edited by Chimaera

If Ive just helped you ... miracles do happen. Chimaera

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()

Link to comment
Share on other sites
rcmaehl Universalist

rcmaehl

Posted
Posted (edited)

I use RESHack to delete all the AutoIt related stuff from my compiled programs. I reduces AV detections from ~5/42 to ~1/42 and sometimes 0/42. I have had to do this a lot lately while messing around with IRC functions creation since IRC + AutoIt had been used for malicious purposes in the past

Edited by rcmaehl

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to comment
Share on other sites
iamtheky Universalist

iamtheky

Posted
Posted (edited)

can you post a small compiled program with all the 'autoiit related stuff' deleted.  I'm interested in what you elected to remove.

Edited by boththose 

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Link to comment
Share on other sites
rcmaehl Universalist

rcmaehl

Posted
Posted (edited)

can you post a small compiled program with all the 'autoiit related stuff' deleted.  I'm interested in what you elected to remove.

Not on a Windows computer ATM. Mainly, any debug strings, additional icons other than the application icon I use, and the default tray menu to pause the script. Will post an example in around an hour and a half.

Items below in BOLD are things I've only done once or twice and haven't thoroughly tested.

 

  • In "Icon" delete 1, 2, 3, and anything else that doesn't match your app icon
  • If "Menu" only has 166 delete "Menu" entirely, else just remove 166
  • Delete "String Table"
  • In "Icon Group" delete 162, 164, and 169
  • In "Version Info" learn the additional fields and add them in yourself
  • OPTIONALLY, Change 'BLOCK "080904B0"' to 'BLOCK "040904B0"' and 'VALUE "Translation", 0x0809 0x04B0' to 'VALUE "Translation", 0x0409 0x04B0' in "Version Info" then Delete 2057 to change your language from English UK to English US
  • OPTIONALLY, Change the language of all other Resources in your file to "English_US" or 1033
  • OPTIONALLY, In "Manifest", change which versions of Windows your program says it's supported on by adding/removing supportedOS IDs
Edited by rcmaehl
SupportedOS IDs

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to comment
Share on other sites
Chimaera Universalist

Chimaera

Posted
  • Author
Posted (edited)

I have had to do this a lot lately while messing around with IRC functions creation since IRC + AutoIt had been used for malicious purposes in the past

I have a similar problem as all my stuff deals with areas the AV's protect, services, registry, special windows folders etc and that's why i always have this problem because of the work i do.

Edited by Chimaera

If Ive just helped you ... miracles do happen. Chimaera

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()

Link to comment
Share on other sites
Chimaera Universalist

Chimaera

Posted
  • Author
Posted (edited)

Ok ive managed to sort this now and this is how i did it

I created a small autoit script like this

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_Icon=compile\chimaera_black.ico
#AutoIt3Wrapper_Outfile=autoit_stub.exe
#AutoIt3Wrapper_Res_requestedExecutionLevel=requireAdministrator
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

and compiled the file then

downloaded Resource Hacker http://www.angusj.com/resourcehacker/  (i grabbed the portable edition)

put the stub into the resource hacker folder and opened resource hacker

resource1.thumb.PNG.5de0d606b88e0d89d632

Then i opened the stub and double clicked the RCData section the select SCRIPT:0

once its highlighted then right click and choose Replace Resource

resource2.thumb.PNG.2172b551e26d683644b3

Then select your previously prepared .a3x which you made from the script you want to add

resource3.thumb.PNG.1b4ee3faf77c622f393d

Then click Replace

Then just save the exe and rename to what the file would have normally been called.

And so far i have not had a single detection :)

 

This may not be for everyone but if you are plagued with AV problems like i am mainly because i work with customer machines all day this may help

Many thanks to Trong for pointing me in the right direction

Edited by Chimaera

If Ive just helped you ... miracles do happen. Chimaera

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()

Link to comment
Share on other sites
  • Developers
Jos Universalist

Jos

Posted
  • Developers
Posted

mmm... trying to understand how the end result differs from a normal compile as I would guess that should be more or less the same result?

Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Link to comment
Share on other sites
Chimaera Universalist

Chimaera

Posted
  • Author
Posted (edited)

No idea ive just followed the suggestions, i dont understand why the AV kick off normally yet if i replace like above AV doesnt even stir when you add the pendrive or run the file?

Normally the second the usb drive is inserted it starts and if i run one file that starts a sequence of others its forever jumping in and trying to stop it as the files that trigger it start.

I have noticed over periods of AutoIt updates it does differ as to which AV is more aggressive to the exes but i dont know what the AV looks at. which may change as AutoIt is made.

With this method ive not seen a single AV event yet... it may happen time will tell

Edited by Chimaera

If Ive just helped you ... miracles do happen. Chimaera

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()

Link to comment
Share on other sites
rcmaehl Universalist

rcmaehl

Posted
Posted

Ok ive managed to sort this now and this is how i did it

I created a small autoit script like this

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_Icon=compile\chimaera_black.ico
#AutoIt3Wrapper_Outfile=autoit_stub.exe
#AutoIt3Wrapper_Res_requestedExecutionLevel=requireAdministrator
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

and compiled the file then

downloaded Resource Hacker http://www.angusj.com/resourcehacker/  (i grabbed the portable edition)

put the stub into the resource hacker folder and opened resource hacker

resource1.thumb.PNG.5de0d606b88e0d89d632

Then i opened the stub and double clicked the RCData section the select SCRIPT:0

once its highlighted then right click and choose Replace Resource

resource2.thumb.PNG.2172b551e26d683644b3

Then select your previously prepared .a3x which you made from the script you want to add

resource3.thumb.PNG.1b4ee3faf77c622f393d

Then click Replace

Then just save the exe and rename to what the file would have normally been called.

And so far i have not had a single detection :)

 

This may not be for everyone but if you are plagued with AV problems like i am mainly because i work with customer machines all day this may help

Many thanks to Trong for pointing me in the right direction

Interesting... and you've had no problems? Secondly, do you think that compiling a script with Reshack something similar to ResHack since its license prohibits unapproved distribution, and then switching out the script file in resources during/before run (FILES WITHIN FILES, how deep does this rabbit hole go!?) could be used to make de-compiling harder? Finally, included updated what I do in my old post.

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...