Sign in to follow this  
Followers 0
BZU

Obfuscator doesn't make your source safe!

7 posts in this topic

hi,

http://www.autoitscript.com/autoit3/scite/...uscator_doc.htm

anyone please tell me how can i make my autoit script not able to be decomiled or detected as autoit script.

is autoit safe or not ?

autoit is not safe because i have a friend who can decompile autoit files to scripts (both included Obfuscated)

so........ can anyone tell me what to do now.


OS: Windows XP SP2, AutoIt version: 3.2.10.0Help The Great Forum Which is Used by You For Help.01 - Always Respect The Forum Members.02 - Use Search Before Posting or making any new Thread.03 - Help The Newbies.

Share this post


Link to post
Share on other sites



as far as i know , Obfuscator is the only solution to protect your script, there's no way to completely prevent someone decompile it ...

search on the forum, i've read 4 or 5 similar topic recently


[quote]Don't expect for a perfect life ... Expect a least troubles ones[/quote]Contact me : ass@kiss.toWhat I Have Done :Favorites Manager Mangage your favorite's folder, that's coolPC Waker For those who want to save stickersWebScipts Supporter For those who've just started with Web and WebScriptsTemporary Looker Simple but powerful to manage your Temporary folder, you know what you downloaded[UDF] _NumberFormat() Better performance on number display[UDF] _DirGet() What a folder contain [how many (hidden,normal,...) files], with one line of code[UDF] _IsPressEs() Just like _IsPress() but for a group of keys

Share this post


Link to post
Share on other sites

AutoIt doesn't come packed with a decompiler any more. This means someone would have to right a decompiler to decompile your scripts, and without knowing how AutoIt is compiled would make this an extremely difficult task.

Share this post


Link to post
Share on other sites

AutoIt doesn't come packed with a decompiler any more. This means someone would have to right a decompiler to decompile your scripts, and without knowing how AutoIt is compiled would make this an extremely difficult task.

Such decompilers still exist. AutoIt is not, and is not intended to be, a bit locker for your sooper seekrits. The obsfucator/packer in AutoIt is sufficient to deter casual viewing of the code, nothing more. If you must have better security than that, seek a different language to code in. Even if AutoIt could be completely secure in its packing, it would still be as vulnerable as any other app to direct access of its memory space on the computer. Simply don't put things (i.e. passwords) in your scripts and expect them to be secure.

:)


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites

Such decompilers still exist. AutoIt is not, and is not intended to be, a bit locker for your sooper seekrits. The obsfucator/packer in AutoIt is sufficient to deter casual viewing of the code, nothing more. If you must have better security than that, seek a different language to code in. Even if AutoIt could be completely secure in its packing, it would still be as vulnerable as any other app to direct access of its memory space on the computer. Simply don't put things (i.e. passwords) in your scripts and expect them to be secure.

:)

Speaking of passwords, what is the praxis on passwords and software, is it to save the password in a encrypted text file (still need to save the passkey in the code) or have the program generate the password with a lot of loops and maths?


Broken link? PM me and I'll send you the file!

Share this post


Link to post
Share on other sites

Speaking of passwords, what is the praxis on passwords and software, is it to save the password in a encrypted text file (still need to save the passkey in the code) or have the program generate the password with a lot of loops and maths?

Better to save a hash of the password, then when the user enters their password, conduct the hash on the entry and see if they match.

P.S. Praxis is now my new word of the day. Had to look it up.


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0