Obfuscator (discontinued)

[SergUlvis]

>"C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.exe" /ShowGui /in "D:\link.au3"
+>23:08:00 Starting AutoIt3Wrapper v.2.1.3.0 SciTE v.3.3.6.0 ;  Keyboard:00000409  OS:WIN_7/Service Pack 1  CPU:X64 OS:X64    Environment(Language:0409  Keyboard:00000409  OS:WIN_7/Service Pack 1  CPU:X64 OS:X64)
-> No changes made..
>Running Tidy (2.4.0.0)  from:C:\Program Files (x86)\AutoIt3\SciTE\tidy
+>23:08:03 Tidy ended.rc:0
>Running AU3Check (1.54.22.0)  from:C:\Program Files (x86)\AutoIt3
+>23:08:03 AU3Check ended.rc:0
>Running Obfuscator (1.0.31.0)  from:C:\Program Files (x86)\AutoIt3\SciTE\Obfuscator cmdline:
- Iteration 1 Strip Functions result: Output  1062 lines and stripped 1036 lines
- Iteration 2 Strip Variables result: Output  953 lines and stripped 109 lines
- Iteration 3 Strip Variables result: Output  952 lines and stripped 1 lines
- Iteration 4 Start the actual Obfuscation.
+> Source    3861 lines 133646 Characters.
+> Stripped  1146 Func/Var lines and  1756 comment lines, Total 72560 Characters.
+> Saved     75% lines 54% Characters.
+> Obfuscator v1.0.31.0 finished obfuscating 1103 lines, created:D:\link_Obfuscated.au3
>Running AU3Check for obfuscated file(1.54.22.0)  from:C:\Program Files (x86)\AutoIt3
+>23:08:04 AU3Check Obfuscated code ended.rc:0
>Running:(3.3.8.1):C:\Program Files (x86)\AutoIt3\aut2exe\aut2exe.exe  /in "D:\link_Obfuscated.au3" /out "C:\Users\Admin\~AU3utdhunq.exe" /nopack /comp 0
+>23:08:05 Aut2exe.exe ended.C:\Users\Admin\~AU3utdhunq.exe. rc:0
>23:08:05 Performing the Program Resource Update steps:
...>Setting Program Compatibility Manifest information to Vista.
...>Setting Program Compatibility Manifest information to Windows7
...>Updating Program Manifest information.
>23:08:05 Program Resource updating finished successfully.
+>23:08:05 Created program:D:\link.exe
>Running:(3.3.8.1):C:\Program Files (x86)\AutoIt3\aut2exe\aut2exe.exe  /in "D:\link_Obfuscated.au3" /out "C:\Users\Admin\~AU3utdhunq.exe" /nopack /comp 0 /x64
+>23:08:06 Aut2exe.exe ended.C:\Users\Admin\~AU3utdhunq.exe. rc:0
>23:08:06 Performing the Program Resource Update steps:
...>Setting Program ExecutionLevel Manifest information to asInvoker
...>Setting Program Compatibility Manifest information to Vista.
...>Setting Program Compatibility Manifest information to Windows7
...>Updating Program Manifest information.
>23:08:06 Program Resource updating finished successfully.
+>23:08:06 Created program:D:\link_x64.exe
>Exit code: 0    Time: 7.001

[Jos]

Are you getting the error on both the x86 and the x64 compiled scripts?

What happens when you do not Obfuscate the source but leave the rest of the setting the same?

Jos

[SergUlvis]

>>Are you getting the error on both the x86 and the x64 compiled scripts?

 

yes

 

>>What happens when you do not Obfuscate the source but leave the rest of the setting the same?

without obfuscating - run & nice work both

with obfuscating - run & nice work both when #Obfuscator_Parameters=/cs 0 /cn 0 /cv 1 /cf 1 /sf 1 /sv 1 - diff is: /cs 0 /cn 0

with obfuscating #Obfuscator_Parameters=/cs 1 or /cn 1 - no one works

[SergUlvis]

but i need /cs 1 /cn 1 ...

[Jos]

You have no idea where that error is coming from in your script?

Only way i can help is when you send me the original script, obfuscator.log and obfuscated source so i can have a look.

Jos

[SergUlvis]

>> You have no idea where that error is coming from in your script?

i don`t think there is error in script: obfuscated with /cs 1 /cn 1 code runs by F5 from SciTe normally, something happens in compilation moment

>>Only way i can help is when you send me the original script, obfuscator.log and obfuscated source so i can have a look.

may be obfuscated source and obfuscator.log will be enough for the first time? it can be compiled   

[Jos]

Nope, only other thing i can think of is that your antivirus is messing with the compiled script.

Jos

Edited November 25, 2013 by Jos

[SergUlvis]

In fact, it`s disabled because if not - then compiling isn`t succesfull. But it`s active (installed, loaded but disabled from within).

I`ll try to compile obfuscated on virtual machine without antivirus. Thanks for idea!

[Guest]

Hello,

I want to obfuscate a script with a specific settings.

Description of what i want

Let's say I have this code:

Global $SomeVariable = 1

If $SomeVariable = 1 Then
    SomeFunction($SomeVariable)
EndIf


Func SomeFunction($Variable)
    ConsoleWrite($Variable&@CRLF)
EndFunc

The Output that i want to get in this case is:

Global $CSFECWEEFSXF = Number("0xXDEFSDFEFSDFWEF................") ; Global $SomeVariable = 1

If $CSFECWEEFSXF = Number("0xXDEFSDFEFSDFWEF................") Then ; If $SomeVariable = 1 Then
    XS254WFEXDWF($CSFECWEEFSXF) ;     SomeFunction($SomeVariable)
EndIf ; EndIf


Func XS254WFEXDWF($24DXWFES458G) ; Func SomeFunction($Variable)
    ConsoleWrite($24DXWFES458G&@CRLF) ; ConsoleWrite($Variable&@CRLF)
EndFunc ; EndFunc

I want to obfuscate the script and get franslate for each line like in the example.

so i will able to edit obfuscated script..

i need it for a step that i will do before the encryption with title="CodeCrypter - Encrypt your Script - started 19 October 2013 - 10:02 PM">CodeCrypter

first i need to obfuscate the script and then i need to encrypt the script.

in the final stage i will have to edit the encrypted script(Replace few encrypted lines with unencrypted lines to reduce CPU use)

do this i need to know what im doing.. so i need to know what the original name of each function and variable.
This way I can redefine variables and change functions ..

doing encryption before obfuscate is not a good option because the obfuscate process will obfuscate  the encrypted lines without the need(Because they are not readable anyway) and and worse, this will give a way to see the original name of the variables...

 

Thanks for helpers!

Edited December 24, 2013 by Guest

[BrewManNH]

Why exactly do you want to obfuscate the variable names but leave the structure of the code in plaintext? That completely removes any need to obfuscate in the first place. No one cares what the variable names were, they'd be after the code structure, meaning they want to know how you did it, not what you named it.

[Jos]

All required info is in the Obfuscator.log so wish you luck in your quest, but don't look at me to change anything.

Jos 

[Guest]

Why exactly do you want to obfuscate the variable names but leave the structure of the code in plaintext? That completely removes any need to obfuscate in the first place. No one cares what the variable names were, they'd be after the code structure, meaning they want to know how you did it, not what you named it.

this translation will be removed in the final stage.. i need the translation only when i need to replace encrypted lines with un-encrypted lines (but still obfuscated and unreadable). and because the  un-encrypted lines are unreadable, i need to know what im doing.

and this is why i need the translation..

the translation will remove after i will finish the job.

i hope you understand now.

 

EDIT:

All required info is in the Obfuscator.log so wish you luck in your quest, but don't look at me to change anything.

Jos 

ok..

I thought there might be such an option.

Do not you think it a good idea?

I would love if you would consider adding that option ..

Meanwhile, I'll use your suggestion ..

Edited December 24, 2013 by Guest

[AZJIO]

As you look at the fact that local variables within each function to start with $a

[Guest]

I have a question,

i have a script with more then 7500 lines and i tryed to obfuscated the script with your tool.

then i looked into the obfuscated script and i sow that  it looks more complicated then assembler code and it is not readable and it is more then 30000 lines instead of about 7500 lines..

and It's not the end of the good news.

when i tried to decompile the script with E*****t ( i don't want to say the full name because it's illegal) then the decompile tool was crashed!

i tried it again and again with the new version of that tool and and the result is the same always.

so do i still have a good reasons to increase security?

This is a stupid question but I need an answer because I do not understand enough about security to answer the question myself ..

 

 

I hope by now it is clear that the last question is a clear NO unless you do not use the code that contains the Call or Execute statements.

Jos

 

Really?

i have a security technique in my head but This applies only if i can say to obfuscator to ignore from the function Execute and Each string and function is inside the Execute(*) .

 

can i do this? if so the please tell me how to do it.

 

the technique is

1) i will create a few security checks in number of regions in the script

 which check if the script is compiled and not modified(check if the exe was modified..)

2) I'll encrypt+obfuscate the script using CodeCrypter.

this way - E*****t and the haker will not able to identify the security checks that using the macro @Compiled.

Because this macro and all other part of the security checks will be written as something like this:

This is an ingenious way to hide the security checks parts!

 

3) i will test the script and fix bugs.

4) i will Obfuscate the script again but this time with the obfuscator tool and this is just to cause E*****t to crash.

but in this step i need to do this with the settings that i asked for:

say to obfuscator to ignore from the function Execute and Each string is inside the Execute(*) .

 

so if i can do this then it will be excellent!

Edited December 26, 2013 by Guest

[Melba23]

All,

See here for the split-off posts from "discussion" following gil900's open admission that he used a decompiler.

M23

[Jos]

@Gill900,

All I will say is the Obfuscator doesn't make your script source safe ... but you knew that already because it's only said already about a zillion time in this thread.

The rest I am not even going to try to understand or explain as it looks like you lack some basic understand of how things work.

Please do not pollute this thread any further.

Jos

[Jos]

Read: