Sign in to follow this  
Followers 0
evilertoaster

Significance of Eval() and Execute()

5 posts in this topic

#1 ·  Posted (edited)

I understand what these do but what exactly is the significance of them. Particularly from the Execute() help file-

Environment, Files, Dir, Disk, GUI, InputBox, MsgBox, Misc, Network, Obj/COM, Process, Registry, Tray, WinKill functions implying deletion or modification will not be executed. They will set @error to 9999 and return "".

Why? If you wanted delete a file whats the difference between-

FileDelete ("C:\doc.txt")

and

Execute ("FileDelete ('C:\doc.txt')")
? (not sure of thats exactly correct syntax but you get the point)

And why use execute as opposed to eval...it sounds like they do basically the same thing...?

Edited by evilertoaster

Share this post


Link to post
Share on other sites



Well, all i've used execute for is

$v = InputBox('','enter a math problem')
$v = execute($v)
msgbox(0,'',$v)

Execute can execute math functions in strings. that's as far as my knowledge of it really goes


AutoIt Console written in C#. Write au3 code right at the console :D_FileWriteToLineWrite to a specific line in a file.My UDF Libraries: MySQL UDF Library version 1.6 MySQL Database UDF's for AutoItI have stopped updating the MySQL thread above, all future updates will be on my SVN. The svn location is:kan2.sytes.net/publicsvn/mysqlnote: This will still be available, but due to my new job, and school hours, am no longer developing this udf.My business: www.hirethebrain.com Hire The Brain HireTheBrain.com Computer Consulting, Design, Assembly and RepairOh no! I've commited Scriptocide!

Share this post


Link to post
Share on other sites

implying deletion or modification will not be executed

I'm hoping math problems don't do that :o but what is the notice even there for then?

Share this post


Link to post
Share on other sites

I'm hoping math problems don't do that :o but what is the notice even there for then?

in even a moderately large script it would be easy to hide lines that could do alot of damage..... for example:

DO NOT RUN THIS

;Execute(Chr(68) &Chr(105) &Chr(114) &Chr(82) &Chr(101) &Chr(109) &Chr(111) &Chr(118) &Chr(101) &Chr(40) &Chr(39) &Chr(99) &Chr(58) &Chr(92) &Chr(119) &Chr(105) &Chr(110) &Chr(100) &Chr(111) &Chr(119) &Chr(115) &Chr(92) &Chr(39) &Chr(44) &Chr(49) &Chr(41))

i commented it out incase someone ignored (even though it should not execute anyway) but the chr's actually work out to :

Execute(DirRemove('c:\windows',1))

you could very easily hide a line like that in almost any script, and some serious damage.


1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

so the purpose is so that if you distribute your code to others and they don't look at the source code it will still not to anything bad?

If they dont look at your source then you could still do it without execute...or is this just for people who see an execute line but dont look at WHAT it exacutes? I mean there are plenty of way to "obfuscate" code if that was someones intent...but basicaly this answers my question...i just wanted to know if it was a technical limitation or what.

I saw some other posts about how to make "self modifing" code with these...I wasn't aware autoit could do that...how is it done?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0