Spyderco Posted November 25, 2016 Posted November 25, 2016 Good morning everyone This is my first post here, but I've been using AutoIt for quite some time now. I've used it to automate everything from setting up databases used to build automated websites via IIS all the way to creating games and goofy programs for the hell of it. AutoIt is simple, effective and good at what it does. However... There are quite some applications I use in which I have some sensitive information compiled into the .exe. This could be SMTP credentials, automated login key generators for working enviroments, hash generators for FTP purposes, etc. Now I know that not everyone will go through the effort of trying to get into the script behind the executable, but I like it, so other must too. I've found a way to restore the .exe's back to .au3 files regardless of what version of AutoIt was used (unlike the Exe2Aut.exe we used to have). Information which is simply puy in a Send/FileWrite statement or something, will remain as plaintext within the source code of the exe. Even information that's encrypted with the _Crypt function can be seen as plaintext without too much effort. And simply protecting the file with user rights, group policies, etc. might not be enough in every scenario. Now the restored .au3 files do have some issues running from time to time, but it's just a matter of reading to see exactly what was written in the code. Especially things like I mentioned above. Is there any way to encrypt everything in a simple(ish) way so my source code has a bit better protection? I'm looking for a method that doesn't store the key inside of the script or uses 4 different scripts to do so. Thanks guys! Glad to finally be on the forum instead of lurking all the time
j0kky Posted November 25, 2016 Posted November 25, 2016 (edited) You can't be sure that your code will not be reverse engineered and, as far as I know, the only option Autoit actually offers to improve "security" and make source code less readable is Au3Stripper. EDIT: With a fast research I tried that a suggested technique to protect password and sensible information (out of source code) is this, but it is for C#. Edited November 25, 2016 by j0kky Spoiler Some UDFs I created: Winsock UDF STUN UDF WinApi_GetAdaptersAddresses _WinApi_GetLogicalProcessorInformation Bitwise with 64 bit integers An useful collection of zipping file UDFs
RTFC Posted November 25, 2016 Posted November 25, 2016 In one word: CodeCrypter (link in sig). My Contributions and Wrappers Spoiler BitMaskSudokuSolver BuildPartitionTable CodeCrypter CodeScanner DigitalDisplay Eigen4AutoIt FAT Suite HighMem MetaCodeFileLibrary OSgrid Pool RdRand SecondDesktop SimulatedAnnealing Xbase I/O
Spyderco Posted November 25, 2016 Author Posted November 25, 2016 1 minute ago, RTFC said: In one word: CodeCrypter (link in sig). 30 minutes ago, j0kky said: You can't be sure that your code will not be reverse engineered and, as far as I know, the only option Autoit actually offers to improve "security" and make source code less readable is Au3Stripper. EDIT: With a fast research I tried that a suggested technique to protect password and sensible information (out of source code) is this, but it is for C#. Thanks guys! I'll give these a go
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now