Jump to content
Miliardsto

Secutity method - get code from server

Recommended Posts

Miliardsto

Hello. Im trying to make my scripts safe - unnable to decompile. I search for obfuscators and other security methods but the search has come to nothing.

Then one guy gave that idea below. If I rightly understood this idea lets we talk about example program with this secutiy method.

  • Program have two parts, first is only login gui and the second part is the main program
  • Second part (main program) is uploaded on ftp server lets say that on http://xxx/autoit/main_program.au3
  • So we have the first gui with login, we put correctly login and pass and this is the moment when code from http://xxx/autoit/main_program.au3 will be downloaded and executed
  • Finally main program will be appear

This is the similiar way like new games are protected by cracking.

I have few questions in this moment about this:

  • Is something like that even possible to do with the autoit?
  • First part of program (login gui) must have somewhere given that link to download the rest of code - http://xxx/autoit/main_program.au3 to make it execute. As we know this first part of program is easy able to hack and retrieve this web url http://xxx/autoit/main_program.au3 where located is main part of program. Is the way to encrypt or secure it? If only code will be stored in .php we know it cannot be previewed. So it could for example get code from .php file instead of .au3
  • I know that methods works in other languages (I dont know exactly how) thats becouse I only speculates, maybe something may looks different in these solution?
  • Other way would be compiling second part of code on web server (there are available web autoit servers) maybe this way is possible?

Tell me anything U know about this ideas and if its even possible to achieve.

Thanks for ur any response, advice or thoughts ^_^

 


 

Quote

You can also just use authentification.

  your examplecode:

Code:

Func __CalculateWorldFormula($bob)
	$a = DiscreteLogarithm(Mod($bob ^ 4, 3))
	return $a
EndFunc

becomes

Code:

$HardwareID = _getHWID()
Func __CalculateWorldFormula($bob)
	$sCode = __GetCodeFromServer($HardwareID, "Worldformula-line.au3")
	If @error > 0 And $sCode = "HWID not registered" Then
		MsgBox(16, "Nope", "You son of a nice Mother!" & @CRLF & "You are not allowed to use this!")
		Exit 1337
	EndIf
	$a = Execute($sCode)
	return $a
EndFunc

No If clauses that could be bypassed to grant access. So also no need to protect your code anymore.
If there is an error, the server just doesn't give you the code. And thus you can't find it out. The downsides are that you need to have an FTP-server that has to run 24/7 and you need to register every user that buys a license one by one. (Or you could also write a script for it)

100% safe (in case the attacker doesn't own a license (buying a license + getting your precious code + publishing it for free = no profit = still 100% safe))

 

Share this post


Link to post
Share on other sites
JohnOne

You cannot protect you autoit3 script from decompilation.

Really stop wasting your time.

Pick another language you feel is safer, or just get over the fact your super secret code can be seen.

Chances are, no-one cares about your code anyway.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites
Miliardsto

blablabla xd I heard this many times. I know there is no perfect method. Im sure something could be done for more safety.

For what reasons there is stripper in SciTe? I saw some obfuscators and packers but unfortunately they dont work in new ver of autoit.

Its evidence - something could be done for safety.

Im giving here wonderful idea and You ruin whole thing by typing automated learned rule

Share this post


Link to post
Share on other sites
iamtheky

its not that "there is no perfect method".  its that there is NO method.  You can create as many hops as you want, but you are spending a significant number of manhours on something that will be undone in minutes.  Like, not even double digit minutes. 

  • Like 1

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites
JLogan3o13

This has been discussed ad nauseam, and the response is not going to change. Locking this thread before it descends into stupidity.

  • Like 1

√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
Jos
8 hours ago, Miliardsto said:

blablabla xd I heard this many times. I know there is no perfect method. Im sure something could be done for more safety.

Im giving here wonderful idea and You ruin whole thing by typing automated learned rule

Thought I made it clear not too long ago to you that this was not going to be further discussed in these forums?  Guess I wasn't clear enough or is it you being unwilling to comply as I simply read an attitude I don't particularly like?

8 hours ago, Miliardsto said:

For what reasons there is stripper in SciTe? I saw some obfuscators and packers but unfortunately they dont work in new ver of autoit.

I  wrote the Obfuscator and stopped support as some saw that as challenge to de-complie & de-obfuscate that code again, but have a]always stated that obfuscation doesn't make the code safe but merely hard to read. The obfuscator was changed into the au3stripper as I felt the main purpose should be to strip the included script at compilation time back to the bare code needed, which generally saves  90% save for the sourcecode.

So although it is always good to have an idea and pursue your goals, but in this case this topic has been hashed out so many time and always end the same way, we simply stop the discussion right at the beginning. You may not like this, but this is what it is and not open for debate.

Jos

Edited by Jos

Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Similar Content

    • RamDemon
      By RamDemon
      Hi,
      Did anyone tried to  use Redis  with AutoIT as store DB ?
       Redis <-- more about it
      Mladen
    • nooneclose
      By nooneclose
      Hey. I'm working on a new project and was wondering if there is a better way to "update" my Column E array. 
      Here is my code: 
      Local $nI  = 0                                                            ;Creates a name index of 0: nI = Name index Local $nII = 1                                                            ;Creates a name index of 1 for second loop: nII = Name Index 2 For    $iN = 0 To $IndexRows Step 1                                       ;Checks the roster for any names that appear twice      For $iN2 = 0 To $IndexRows Step 1          if $d_Names[$nI] == $d_Names[$nII] And $d_Names[$nII] <> "" Then              Local $timeSheetName = _ArraySearch($e_Names, $d_Names[$nI], 0, 0, 0, 0, 1)              ;MsgBox($MB_SYSTEMMODAL, "Found it", $d_Names[$nI] & " In column E on Row " & $timeSheetName)              Local $eI  = $timeSheetName + 1              ;ConsoleWrite($timeSheetName & @CRLF)              ;ConsoleWrite($eI & @CRLF)              ;ConsoleWrite(@CRLF)              _Excel_RangeInsert($OpenWorkbook.ActiveSheet, "E" & $eI & ":F" & $eI, $xlShiftDown)                                                                          ;Inserts a empty cell in columns E and F.              _Excel_RangeWrite($OpenWorkbook, $OpenWorkbook.ActiveSheet, $d_Names[$nII], "E" & $eI)                                                                         ;Fills the empty cell in columns E with the doubled name              $aArray_Index = 2                                           ;Array element counter              For $Index = 2 To $IndexRows Step 1                        ;Loops through every row in the Excel file unto no rows are found or a null row is found                  $Array_Value_E = _Excel_RangeRead($OpenWorkbook, Default, "E"&$Index)                  $e_names[$aArray_Index] = $Array_Value_E                ;While the code loops every value in column E is stored in the E array (updating the array)                  $aArray_Index += 1              Next              ExitLoop          EndIf      Next      $nI  += 1      $nII += 1 Next Basically, It checks a roster for people whose name appears twice then inserts a new "row" for that person because they work in two different departments.
      I have to find that name however in Column E if two appear in column D. My code works but I think it is not as efficient as it could be. 
      Any ideas on how to improve the "update" for my array?
      (once it finds the double names in Column D it then searches for that name by going name by name in the Column E array and once it finds it inserts a new row. However, the E array doesn't have that new row stored in it so I have to "update" the array to properly find the next name)
      Any and all tips would be greatly appreciated. 
       
      NOTE: Just assume I'm opening the excel file properly please do not add that code in, it only complicates your answer. 
    • Miliardsto
      By Miliardsto
      Hello Im wondering if using this https://ohtejera.github.io/ImperiusAutoIt/#started
      UDF can i make that I can control my windows application with phone?
      like for example click button Start on android phone and then something would be done in my windows app?
    • nooneclose
      By nooneclose
      How do I properly convert this to Autoit? This is a VBA macro that I recorded in Excel.
       ActiveSheet.Outline.ShowLevels RowLevels:=2 I need this to close my subtotal once it is finished. 
      any help will be greatly appreciated. 
    • iMacg3
      By iMacg3
      Hi,
      I was looking into a way to delete a registry key (not a specific value, an entire key) if it is present. I was considering using RegRead and RegDelete. However, RegRead appears to only read values, not just keys. Is there a way to delete an entire registry key if it is present? I have heard that the below function may help.
       
      #include-once ; #UDF# ======================================================================================================================= ; Title .........: Reads\Search the name of a Key\Subkey\Value ; AutoIt Version : 3.3.8.1 ; Language ......: English ; Description ...: Lists all Keys\Subkeys\Values in a specified registry key ; Author(s) .....: DXRW4E ; Notes .........: ; =============================================================================================================================== ; #CURRENT# ===================================================================================================================== ;~ _RegEnumKeyEx ;~ _RegEnumValEx ; =============================================================================================================================== #Region ;**** Global constants and vars **** Global Const $sValueTypes[12] = ["REG_NONE","REG_SZ","REG_EXPAND_SZ","REG_BINARY","REG_DWORD","REG_DWORD_BIG_ENDIAN","REG_LINK","REG_MULTI_SZ","REG_RESOURCE_LIST","REG_FULL_RESOURCE_DESCRIPTOR","REG_RESOURCE_REQUIREMENTS_LIST","REG_QWORD"] #EndRegion ;**** Global constants and vars **** ; #FUNCTION# ======================================================================================================================== ; Name...........: _RegEnumKeyEx ; Description ...: Lists all subkeys in a specified registry key ; Syntax.........: _RegEnumKeyEx($KeyName[, $iFlag = 0[, $sFilter = "*"]]) ; Parameters ....: $KeyName - The registry key to read. ; $iFlag - Optional specifies Recursion (add the flags together for multiple operations): ; |$iFlag = 0 (Default) All Key-SubKeys Recursive Mod ; |$iFlag = 1 All SubKeys Not Recursive Mod ; |$iFlag = 2 Include in ArrayList in the first element $KeyName ; |$iFlag = 16 $sFilter do Case-Sensitive matching (By Default $sFilter do Case-Insensitive matching) ; |$iFlag = 32 Disable the return the count in the first element - effectively makes the array 0-based (must use UBound() to get the size in this case). ; By Default the first element ($array[0]) contains the number of strings returned, the remaining elements ($array[1], $array[2], etc.) ; |$iFlag = 64 $sFilter is REGEXP Mod, See Pattern Parameters in StringRegExp ; |$iFlag = 128 Enum value's name (_RegEnumKeyEx Return a 2D array, maximum Array Size limit is 3999744 Key\Value) ; |$iFlag = 256 Reads a value data, this flag will be ignored if the $iFlag = 128 is not set ; $sFilter - Optional the filter to use, default is *. (Multiple filter groups such as "All "*.XXx|*.YYY|*.ZZZ") ; Search the Autoit3 helpfile for the word "WildCards" For details. ; $vFilter - Optional the filter to use for ValueName, $vFilter will be ignored if the $iFlag = 128 is not set ; default is *. (Multiple filter groups such as "All "*.XXx|*.YYY|*.ZZZ") Search the Autoit3 helpfile for the word "WildCards" For details. ; $iValueTypes - Optional, set Value Types to search (Default $iValueTypes = 0 Read All), $iValueTypes will be ignored if the $iFlag = 128 is not set ; (add the flags together for multiple operations): ; 1 = REG_SZ ; 2 = REG_EXPAND_SZ ; 3 = REG_BINARY ; 4 = REG_DWORD ; 5 = REG_DWORD_BIG_ENDIAN ; 6 = REG_LINK ; 7 = REG_MULTI_SZ ; 8 = REG_RESOURCE_LIST ; 9 = REG_FULL_RESOURCE_DESCRIPTOR ; 10 = REG_RESOURCE_REQUIREMENTS_LIST ; 11 = REG_QWORD ; Return values .: Success - Return Array List (See Remarks) ; Failure - @Error ; |1 = Invalid $sFilter ; |2 = No Key-SubKey(s) Found ; |3 = Invalid $vFilter ; |4 = No Value-Name(s) Found ; Author ........: DXRW4E ; Modified.......: ; Remarks .......: The array returned is one-dimensional and is made up as follows: ; $array[0] = Number of Key-SubKeys returned ; $array[1] = 1st Key\SubKeys ; $array[2] = 2nd Key\SubKeys ; $array[3] = 3rd Key\SubKeys ; $array[n] = nth Key\SubKeys ; ; If is set the $iFlag = 128 The array returned is 2D array and is made up as follows: ; $array[0][0] = Number of Key-SubKeys returned ; $array[1][0] = 1st Key\SubKeys ; $array[1][1] = 1st Value name ; $array[1][2] = 1st Value Type (REG_NONE or REG_SZ or REG_EXPAND_SZ ect ect) ; $array[1][3] = 1st Value Data (If is set $iFlag = 256 Else Value Data = "") ; $array[2][0] = 2nd Key\SubKeys ; $array[2][1] = 2nd Value name ; $array[2][2] = 2nd Value Type (REG_NONE or REG_SZ or REG_EXPAND_SZ ect ect) ; $array[2][3] = 2nd Value Data (If is set $iFlag = 256 Else Value Data = "") ; $array[n][0] = nth Key\SubKeys ; Related .......: _RegEnumValEx() ; Link ..........: ; Example .......: _RegEnumKeyEx("HKEY_CURRENT_USER\Software\AutoIt v3") ; Note ..........: ; =================================================================================================================================== Func _RegEnumKeyEx($KeyName, $iFlag = 0, $sFilter = "*", $vFilter = "*", $iValueTypes = 0) If StringRegExp($sFilter, StringReplace("^\s*$|\v|\\|^\||\|\||\|$", Chr(BitAND($iFlag, 64) + 28) & "\|^\||\|\||\|$", "\\\\")) Then Return SetError(1, 0, "") Local $IndexSubKey[101] = [100], $SubKeyName, $BS = "\", $sKeyList, $I = 1, $sKeyFlag = BitAND($iFlag, 1), $sKeyFilter = StringReplace($sFilter, "*", "") If BitAND($iFlag, 2) Then $sKeyList = @LF & $KeyName If Not BitAND($iFlag, 64) Then $sFilter = StringRegExpReplace(BitAND($iFlag, 16) & "(?i)(", "16\(\?\i\)|\d+", "") & StringRegExpReplace(StringRegExpReplace(StringRegExpReplace(StringRegExpReplace($sFilter, "[^*?|]+", "\\Q$0\\E"), "\\E(?=\||$)", "$0\$"), "(?<=^|\|)\\Q", "^$0"), "\*+", ".*") & ")" While $I $IndexSubKey[$I] += 1 $SubKeyName = RegEnumKey($KeyName, $IndexSubKey[$I]) If @error Then $IndexSubKey[$I] = 0 $I -= 1 $KeyName = StringLeft($KeyName, StringInStr($KeyName, "\", 1, -1) - 1) ContinueLoop EndIf If $sKeyFilter Then If StringRegExp($SubKeyName, $sFilter) Then $sKeyList &= @LF & $KeyName & $BS & $SubKeyName Else $sKeyList &= @LF & $KeyName & $BS & $SubKeyName EndIf If $sKeyFlag Then ContinueLoop $I += 1 If $I > $IndexSubKey[0] Then $IndexSubKey[0] += 100 ReDim $IndexSubKey[$IndexSubKey[0] + 1] EndIf $KeyName &= $BS & $SubKeyName WEnd If Not $sKeyList Then Return SetError(2, 0, "") If BitAND($iFlag, 128) <> 128 Then Return StringSplit(StringTrimLeft($sKeyList, 1), @LF, StringReplace(BitAND($iFlag, 32), "32", 2)) $sKeyList = _RegEnumValEx(StringSplit(StringTrimLeft($sKeyList, 1), @LF), $iFlag, $vFilter, $iValueTypes) Return SetError(@Error, 0, $sKeyList) EndFunc ; #FUNCTION# ======================================================================================================================== ; Name...........: _RegEnumValEx ; Description ...: Lists all values in a specified registry key ; Syntax.........: _RegEnumValEx($KeyName[, $iFlag = 0[, $sFilter = "*"]]) ; Parameters ....: $KeyName - The registry key to read Or one-dimensional array RegKeyList ; use _RegEnumKeyEx() to get $RegKeyList (example $RegKeyList = [3, 1st Key\SubKeys, 2st Key\SubKeys, nth Key\SubKeys]) ; |$iFlag = 16 $sFilter do Case-Sensitive matching (By Default $sFilter do Case-Insensitive matching) ; |$iFlag = 32 Disable the return the count in the first element - effectively makes the array 0-based (must use UBound() to get the size in this case). ; By Default the first element ($array[0]) contains the number of strings returned, the remaining elements ($array[1], $array[2], etc.) ; |$iFlag = 64 $sFilter is REGEXP Mod, See Pattern Parameters in StringRegExp ; |$iFlag = 256 Reads a value data ; $sFilter - Optional the filter to use, default is *. (Multiple filter groups such as "All "*.XXx|*.YYY|*.ZZZ") ; Search the Autoit3 helpfile for the word "WildCards" For details. ; $iValueTypes - Optional, set Value Types to search (Default $iValueTypes = 0 Read All) ; (add the flags together for multiple operations): ; 1 = REG_SZ ; 2 = REG_EXPAND_SZ ; 3 = REG_BINARY ; 4 = REG_DWORD ; 5 = REG_DWORD_BIG_ENDIAN ; 6 = REG_LINK ; 7 = REG_MULTI_SZ ; 8 = REG_RESOURCE_LIST ; 9 = REG_FULL_RESOURCE_DESCRIPTOR ; 10 = REG_RESOURCE_REQUIREMENTS_LIST ; 11 = REG_QWORD ; Return values .: Success - Return Array List (See Remarks) ; Failure - @Error ; |3 = Invalid $sFilter ; |4 = No Value-Name(s) Found ; Author ........: DXRW4E ; Modified.......: ; Remarks .......: The array returned is 2D array and is made up as follows: ; $array[0][0] = Number of Key-SubKeys returned ; $array[1][0] = 1st Key\SubKeys ; $array[1][1] = 1st Value name ; $array[1][2] = 1st Value Type (REG_NONE or REG_SZ or REG_EXPAND_SZ ect ect) ; $array[1][3] = 1st Value Data (If is set $iFlag = 256 Else Value Data = "") ; $array[2][0] = 2nd Key\SubKeys ; $array[2][1] = 2nd Value name ; $array[2][2] = 2nd Value Type (REG_NONE or REG_SZ or REG_EXPAND_SZ ect ect) ; $array[2][3] = 2nd Value Data (If is set $iFlag = 256 Else Value Data = "") ; $array[n][0] = nth Key\SubKeys ; Related .......: _RegEnumKeyEx() ; Link ..........: ; Example .......: _RegEnumValEx("HKEY_CURRENT_USER\Software\AutoIt v3") ; Note ..........: ; =================================================================================================================================== Func _RegEnumValEx($aKeyList, $iFlag = 0, $sFilter = "*", $iValueTypes = 0) If StringRegExp($sFilter, "\v") Then Return SetError(3, 0, "") If Not IsArray($aKeyList) Then $aKeyList = StringSplit($aKeyList, @LF) Local $aKeyValList[1954][4], $iKeyVal = Int(BitAND($iFlag, 32) = 0), $sKeyVal = 1953, $sRegEnumVal, $iRegEnumVal, $RegRead = BitAND($iFlag, 256), $vFilter = StringReplace($sFilter, "*", "") If Not BitAND($iFlag, 64) Then $sFilter = StringRegExpReplace(BitAND($iFlag, 16) & "(?i)(", "16\(\?\i\)|\d+", "") & StringRegExpReplace(StringRegExpReplace(StringRegExpReplace(StringRegExpReplace($sFilter, "[^*?|]+", "\\Q$0\\E"), "\\E(?=\||$)", "$0\$"), "(?<=^|\|)\\Q", "^$0"), "\*+", ".*") & ")" For $i = 1 To $aKeyList[0] $iRegEnumVal = 0 While 1 If $iKeyVal = $sKeyVal Then If $sKeyVal = 3999744 Then ExitLoop $sKeyVal *= 2 ReDim $aKeyValList[$sKeyVal + 1][4] EndIf $aKeyValList[$iKeyVal][0] = $aKeyList[$i] $iRegEnumVal += 1 $sRegEnumVal = RegEnumVal($aKeyList[$i], $iRegEnumVal) If @Error <> 0 Then If $iRegEnumVal = 1 And $vFilter = "" Then $iKeyVal += 1 ExitLoop EndIf $aKeyValList[$iKeyVal][2] = $sValueTypes[@Extended] If BitAND(@Extended, $iValueTypes) <> $iValueTypes Then ContinueLoop If $vFilter And Not StringRegExp($sRegEnumVal, $sFilter) Then ContinueLoop $aKeyValList[$iKeyVal][1] = $sRegEnumVal If $RegRead Then $aKeyValList[$iKeyVal][3] = RegRead($aKeyList[$i], $sRegEnumVal) $iKeyVal += 1 WEnd Next $sRegEnumVal = $iKeyVal - Int(BitAND($iFlag, 32) = 0) If Not $sRegEnumVal Or ($sRegEnumVal = 1 And $vFilter = "" And $aKeyValList[$iKeyVal - $sRegEnumVal][2] = "") Then Return SetError(4, 0, "") ReDim $aKeyValList[$iKeyVal][4] If Not BitAND($iFlag, 32) Then $aKeyValList[0][0] = $iKeyVal - 1 Return $aKeyValList EndFunc Thanks.
       
×