blitzer99

Security exposure in AutoIt3?

10 posts in this topic

Please don't get me wrong here. I think AutoIt is an excellent product and I am now using it a lot. But I have a problem with a security exposure I have found.

I want to distribute my AutoIt scripts for others to use. However the last thing I want others to do is pull all my scripts apart and try and figure out how they work. OK, with some of my scripts I don't really mind, but there are other scripts that I would just like to keep under wraps. Maybe others do this when they write mail too, they only want the intended recipient to see it, not the rest of the world.

I know I can put passwords on my AutoIt scripts (I hope this is secure enough, but that's another matter.) So I will be doing this before I distribute my AutoIt executable files. But I note in my testing of scripts that a complete copy of the script source is present as an .au2 file in my Windows temporary folder, sometimes (under circumstances I cannot yet figure out) the source is there as an .au1 and .au0 file as well.

For example, if I create an AutoIt script and name it "myscript.au3", I can compile and run it. I am using Windows XP Pro. If after running this script I look in the folder "c:\documents and settings\<UserLogonID>\Local Settings\temp" I will find a complete copy of my myscript.au3 source stored there as myscript.au2!

What measures have others used to prevent this occurring?


Computers don't solve problems, they just rearrange them.
New string TRIM() functions for AutoIt3




Sounds like a text editor making incremental backups to me. What editor do you use?

AutoIt is not doing this. The script is never dumped out to a file when run, it's all done in-memory.


I use Ultra Edit 10.20+. It's possible but I have never used it with a previous version of AutoIt prior to version 3 and I cannot see how it would know about au2, au1 and au0 files. Besides, the comments that I place at the start of my script containing version control stuff (author, date, record of changes by date etc.) have all been stripped off and this would lead me to suspect AutoIt and not my editor. I could be wrong but ...




I have just had a thought. Could it possibly be the AutoIt3 compiler placing these files in the temp folder?




I do not have any such files, nor have I ever noticed any existing before.

I doubt it's the compiler. I think Aut2Exe reads the script from the source file into memory, then does stripping there before encoding/compressing the final "compiled" executable. I don't think any temporaries are ever created. Jon would be the one with the definitive answer on this, though.


I have spent some time running some more comprehensive tests, just to make sure. So far it does not look like there is anything at fault with AutoIt. There is a file with an "au0" extension in the temp folder, but this has come from UltraEdit [I wish it would tidy up after itself. Its choice of extension names is unfortunate.]

No sign of any other files so far and I have done a few more AutoIt compiles and runs.




When a compiled script runs the script is extracted in memory - a copy is never made on the disk.

When the compiler compiles a script a file called autxxx.tmp will be created in the temp directory and deleted when the compile finishes.

Hope that helps.

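A self-contained way to check the account above (a transient autxxx.tmp during a compile, nothing left afterwards): poll the temp folder while the compiler runs, so that even a file deleted before the compile finishes is caught. This is an added example, not code from the thread or from AutoIt; `run_and_watch` accepts a real argv list such as an Aut2Exe command line, while `simulated_compile` and the `aut1234.tmp` name are constructed stand-ins.

```python
import fnmatch
import os
import subprocess
import tempfile
import threading
import time

# Names from the thread: editor backups (.au0/.au1/.au2), script source (.au3)
# and the compiler's transient autxxx.tmp. Constructed list; extend as needed.
WATCH_PATTERNS = ("*.au0", "*.au1", "*.au2", "*.au3", "aut*.tmp")

def matches(name):
    """True if the file name matches any watched glob (case-insensitive)."""
    return any(fnmatch.fnmatch(name.lower(), p) for p in WATCH_PATTERNS)

def watch_folder(folder, stop_event, seen, interval=0.01):
    """Scan `folder` every `interval` seconds until stop_event is set (plus one
    final scan), recording every matching name, however briefly it existed."""
    while True:
        seen.update(n for n in os.listdir(folder) if matches(n))
        if stop_event.is_set():
            return
        time.sleep(interval)

def run_and_watch(command, folder=None):
    """Run `command` (argv list for subprocess, or a Python callable) while a
    thread watches `folder` (default: temp folder); return the names caught."""
    folder = folder or tempfile.gettempdir()
    stop, seen = threading.Event(), set()
    watcher = threading.Thread(target=watch_folder, args=(folder, stop, seen))
    watcher.start()
    try:
        command() if callable(command) else subprocess.run(command, check=False)
    finally:
        stop.set()
        watcher.join()
    return seen

def simulated_compile(folder, lifetime=0.05):
    """Constructed stand-in for Aut2Exe: create autXXXX.tmp, hold it, delete it."""
    path = os.path.join(folder, "aut1234.tmp")
    with open(path, "w") as fh:
        fh.write("placeholder")
    time.sleep(lifetime)
    os.remove(path)

def demo():  # watch a fresh folder during a simulated compile
    folder = tempfile.mkdtemp()
    seen = run_and_watch(lambda: simulated_compile(folder), folder=folder)
    return {"seen": seen, "left_behind": sorted(os.listdir(folder))}
```

Polling can miss a file that lives shorter than one interval, so a kernel-level monitor such as the Filemon suggested later in the thread remains the authoritative check.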

Hi blitzer99

With SYSINTERNALS Filemon you can easily check out what program produces files on your hard drive.

Filemon v6.1

There are more great tools for monitoring (e.g. Regmon) and they are all free.

arctor


Hi, thanks. Yes I did that. FileMon's pretty cool. I keep a lookout for anything untoward.




I know for a fact Ultra Edit creates temp files dealing with undos. Also, if you are using some sort of syntax checking that Ultra Edit uses, it could be doing that also. Try using something other than Ultra Edit to make a script and run it. See if it leaves temp files then.


Madness is the first step to understanding...
