Sign in to follow this  
Followers 0
oleg

Critical Security Question

26 posts in this topic

Can some developers tell me if they are aware of utility that allows decrypting autoit exe files to source ?


There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites



"Exe2Aut.exe"

in your <autoit dir>\extras\Exe2Aut

~cdkid


AutoIt Console written in C#. Write au3 code right at the console :D_FileWriteToLineWrite to a specific line in a file.My UDF Libraries: MySQL UDF Library version 1.6 MySQL Database UDF's for AutoItI have stopped updating the MySQL thread above, all future updates will be on my SVN. The svn location is:kan2.sytes.net/publicsvn/mysqlnote: This will still be available, but due to my new job, and school hours, am no longer developing this udf.My business: www.hirethebrain.com Hire The Brain HireTheBrain.com Computer Consulting, Design, Assembly and RepairOh no! I've commited Scriptocide!

Share this post


Link to post
Share on other sites

Can some developers tell me if they are aware of utility that allows decrypting autoit exe files to source ?

everyone is aware of it. check out Smoke_N's EncodeIt in scripts and scraps if you'd like to add another layer of protection for your scripts that you wish to distribute.

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

@cdkid

I mean a modified version of this executable

everyone is aware of it. check out Smoke_N's EncodeIt in scripts and scraps if you'd like to add another layer of protection for your scripts that you wish to distribute.

The funny thing that this utiilty dont work if exe compiled with latest version of autoit ? What chenged ?

Is there another way to protect the executable ?

Edited by oleg

There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites

Yes, there are modified versions of Aut2Exe that doesn't require a valid password.

This has been brought up a couple of times, so it's obviously a problem..

Share this post


Link to post
Share on other sites

@cdkid

I mean a modified version of this executable

The funny thing that this utiilty dont work if exe compiled with latest version of autoit ? What chenged ?

Is there another way to protect the executable ?

use encodeit on the source, then compile. i've not had any issues with EncodeIt yet, but i know there are issues if you use Assign() or Eval() i think...

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

use encodeit on the source, then compile. i've not had any issues with EncodeIt yet, but i know there are issues if you use Assign() or Eval() i think...

The question is the EncodeIt is the only solution can anything else be done ? Devs ?

I knew about this security issiue from the first autoit script i wrote but i didnt realise that there was an executable that could actually do the job for somebody that dont know nothing about programming at all :)


There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites

The question is the EncodeIt is the only solution can anything else be done ? Devs ?

I knew about this security issiue from the first autoit script i wrote but i didnt realise that there was an executable that could actually do the job for somebody that dont know nothing about programming at all :)

you could look back through the forum, and see the other old threads about this same thing. it really isn't the dev's responsibility to protect YOUR code. if you're unhappy with the current options available, you could always do as smoke did, and make another option. to me, the coolest part of being a programmer is that you are never limited in what you can do, except by your own motivation and imagination. which are you lacking in?

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

I guess i will have to use Smokes Encode it or create some of my own :) But really why did it stopped functioning with latest version something changed ?


There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites

I guess i will have to use Smokes Encode it or create some of my own :) But really why did it stopped functioning with latest version something changed ?

i hadn't heard anythign about it. what exactly isn't working?

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

I guess i will have to use Smokes Encode it or create some of my own :) But really why did it stopped functioning with latest version something changed ?

It works fine with Beta v3.1.1.116 released 26 March 2006

Share this post


Link to post
Share on other sites

"Exe2Aut.exe"

in your <autoit dir>\extras\Exe2Aut

~cdkid

Hmm...

Can it decompile when you compile with Allow decompilation option unchecked in Aut2Exe program?

Share this post


Link to post
Share on other sites

Hmm...

Can it decompile when you compile with Allow decompilation option unchecked in Aut2Exe program?

First of all we talking about the Hacked Autoit decompiler and its not working with latest beta so the question was - is something changed or security improved ?


There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites

lol, I just caught on... he's not worried about HIS code, he wants his hands on someone else's :)


[u]Helpful tips:[/u]If you want better answers to your questions, take the time to reproduce your issue in a small "stand alone" example script whenever possible. Also, make sure you tell us 1) what you tried, 2) what you expected to happen, and 3) what happened instead.[u]Useful links:[/u]BrettF's update to LxP's "How to AutoIt" pdfValuater's Autoit 1-2-3 Download page for the latest versions of Autoit and SciTE[quote]<glyph> For example - if you came in here asking "how do I use a jackhammer" we might ask "why do you need to use a jackhammer"<glyph> If the answer to the latter question is "to knock my grandmother's head off to let out the evil spirits that gave her cancer", then maybe the problem is actually unrelated to jackhammers[/quote]

Share this post


Link to post
Share on other sites

First of all we talking about the Hacked Autoit decompiler and its not working with latest beta so the question was - is something changed or security improved ?

I see...

Share this post


Link to post
Share on other sites

I see...

Look at my first post please before you state something like this.


There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites

[center]Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.[/center]

Share this post


Link to post
Share on other sites

So this means that for now on there is no hacked decompiler for autoit and its safe to use it ? What is your personal vew Smoke should the source be encrypted ?

Thanks :)


There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites

So this means that for now on there is no hacked decompiler for autoit and its safe to use it ? What is your personal vew Smoke should the source be encrypted ?

Thanks :)

Someone could always make another, so If you can encode your script without loss of speed or functionality, IMHO... it's always the safest bet... until the devs have the time to make a different type of compiler that has been discussed in some detail in the chat forum I believe at one time.

[center]Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.[/center]

Share this post


Link to post
Share on other sites

Someone could always make another

Guess you right .....Downloading Encode It :) Thanks

But really is it so hard to create a standard protection for autoit that wouldnt be cracked easily ?


There is a hex ( 31303030303030 ) reasons i love AutoIt !

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0