Sign in to follow this  
Followers 0
RaukGorth

Script code security

7 posts in this topic

Hi all.

How can I make my scripts more resistant to decompiling.

I noticed that script show source code on error. That means that whole source must be included in .exe in text form making it very easy to crack my security / password check.

Also some people are telling me that they already cracked my autoit scripts, but they don't want to release it in public.

Share this post


Link to post
Share on other sites



check out EnCodeIt in my signature if (If it's not a big file at the moment... It seems to be a tad out of shape for huge files).


[center]Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.[/center]

Share this post


Link to post
Share on other sites

Is 1600 lines of code too big already? I belive it will grow to ~3000 lines of code or even more.

Share this post


Link to post
Share on other sites

I'm working on fixing some of the issues. I'm pretty sure with tonedeafs explinations of what was happening to him that I have narrowed down alot of specific issues. But, there is no set time I'll finish it, as this was for helping people like you that have concerns, not putting food on the table :lmao:.

All I can say, is try it, run it, test it... see if it's sound. If you have IsDeclared()/Eval() in your script, I'm pretty sure it will fail.


[center]Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.[/center]

Share this post


Link to post
Share on other sites

Are there are other options to improve security of my .exe scripts?

Share this post


Link to post
Share on other sites

I am not sure this would help, but it may be what you are looking for to make you scripts just a whee bit more secure.

AxCrypt

So long as it doesnt give you direct access to the file then you are good to go. I am pretty certain you can create it where there is no direct access to a file.

JS


AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Share this post


Link to post
Share on other sites

Are there are other options to improve security of my .exe scripts?

EncodeIt, that smoke made and mentioned, is an awesome tool you should look into. it is for cluttering up your code before compiling, and it does a very good job of obscuring your code from most. Just make sure you don't have any functions being used that refer to variable names as strings, ie Assign(), Eval(), IsDeclared(), and you can be sure ahead of time that you won't experience the issues he's working on right now. It really is impossible to completely secure your code from determined outsiders if they know what they're doing. While there are some on this forum that could reverse the encoded script, luckily we have a great group here, and most of the ones that could, wouldn't. That can be said about programs written in any language though. If someone has an executable program on their system, where they can freely control the memory, your program can be made to do their bidding, even if the source is not openly viewable. I would say to try smoke's script and see if you're happy with the protection that it offers. you should still of course compile the obfuscated code with a password, and possibly consider using another packager that isn't freeware (not complaining about UPX, but anyone can download it and just UPX -d Yourscript.exe), but those are just more layers of protection, and really only offer superficial protection at best from the people you'd really want to hide your stuff from.

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0