Sign in to follow this  
Followers 0
Spyderco

Encrypting your script?

4 posts in this topic

Good morning everyone :)

This is my first post here, but I've been using AutoIt for quite some time now.
I've used it to automate everything from setting up databases used to build automated websites via IIS all the way to creating games and goofy programs for the hell of it.
AutoIt is simple, effective and good at what it does.

However...
There are quite some applications I use in which I have some sensitive information compiled into the .exe.
This could be SMTP credentials, automated login key generators for working enviroments, hash generators for FTP purposes, etc.
Now I know that not everyone will go through the effort of trying to get into the script behind the executable, but I like it, so other must too.
I've found a way to restore the .exe's back to .au3 files regardless of what version of AutoIt was used (unlike the  Exe2Aut.exe we used to have).
Information which is simply puy in a Send/FileWrite statement or something, will remain as plaintext within the source code of the exe.
Even information that's encrypted with the _Crypt function can be seen as plaintext without too much effort.
And simply protecting the file with user rights, group policies, etc. might not be enough in every scenario.

Now the restored .au3 files do have some issues running from time to time, but it's just a matter of reading to see exactly what was written in the code.
Especially things like I mentioned above.
Is there any way to encrypt everything in a simple(ish) way so my source code has a bit better protection?
I'm looking for a method that doesn't store the key inside of the script or uses 4 different scripts to do so.

Thanks guys! Glad to finally be on the forum instead of lurking all the time :P

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

You can't be sure that your code will not be reverse engineered and, as far as I know, the only option Autoit actually offers to improve "security" and make source code less readable is Au3Stripper.

EDIT:

With a fast research I tried that a suggested technique to protect password and sensible information (out of source code) is this, but it is for C#.

Edited by j0kky

Share this post


Link to post
Share on other sites

 

1 minute ago, RTFC said:

In one word: CodeCrypter (link in sig).

 

30 minutes ago, j0kky said:

You can't be sure that your code will not be reverse engineered and, as far as I know, the only option Autoit actually offers to improve "security" and make source code less readable is Au3Stripper.

EDIT:

With a fast research I tried that a suggested technique to protect password and sensible information (out of source code) is this, but it is for C#.


Thanks guys! I'll give these a go ;)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0