Jump to content

.exe packers [like UPX]

Armand
 Share

Recommended Posts

  • Moderators
SmOke_N Universalist

SmOke_N

Posted
  • Moderators
Posted (edited)

thats a shame...

Soo there's no way to make a script so the decomlie will not to work...

Well, sure there are.

- You could write your own compression algorithm.

- You could write a wrapper in a lower level language that compiles to machine code and launches your scripts/exe's.

- You could use themida as suggested (I've only been told it works, haven't tested it for myself).

All is not lost, but it's going to be up to you the users to find a way that works best for you until something built in comes along.

Edited by SmOke_N

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to comment
Share on other sites
Mobius Universalist

Mobius

Posted
Posted

I would like to request permission in advance to anyone in the AutoIt3 Team

If I may suggest a clean and simple method that tripped up the current version

of the hacked Decompiler I am testing. 2.3build(8.1)

I know you guy's are probably sick of the sight of this & related topics, and who

could blame you given what I have read on some downright bloody ungrateful

threads! :P . I completely understand.

Or can I ask fellow members what version of the HD they are testing so I can test

this method against those as well?

This information is probably no use to anyone anyway as the Dev team are planning

something for the future. But this method is quite quirky, not complicated and uses

3 tools/components common to and respected by AutoIt users.

Don't get me wrong, This is as simple to counter as it is to implement, just saying it

stopped the version I was testing.

:P

wtfpl-badge-1.png

Link to comment
Share on other sites
  • Moderators
SmOke_N Universalist

SmOke_N

Posted
  • Moderators
Posted

I would like to request permission in advance to anyone in the AutoIt3 Team

If I may suggest a clean and simple method that tripped up the current version

of the hacked Decompiler I am testing. 2.3build(8.1)

I know you guy's are probably sick of the sight of this & related topics, and who

could blame you given what I have read on some downright bloody ungrateful

threads! :P . I completely understand.

Or can I ask fellow members what version of the HD they are testing so I can test

this method against those as well?

This information is probably no use to anyone anyway as the Dev team are planning

something for the future. But this method is quite quirky, not complicated and uses

3 tools/components common to and respected by AutoIt users.

Don't get me wrong, This is as simple to counter as it is to implement, just saying it

stopped the version I was testing.

:P

Unfortunately, anything you publicly post is probably going to get picked up by them. And you have no idea who is really PMing you for the information as well (is it someone that wants the decompiler to keep working, or is it really someone that is looking for a method to stop it).

I would suggest, if it's an internal method, to PM the Devs yourself really with the information.

Just FYI, Jon did in fact try to implement something a while back that stopped the last decompiler, but alas... it was a not too sweet a victory.

I'd be interested of course to see what you came up with, but again, I'd suggest not posting it in an open forum.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to comment
Share on other sites
Mobius Universalist

Mobius

Posted
Posted (edited)

I agree & Thank's SmOke_N.

Sorry no it's not implemented internally through AutoIt, Just something applied to the Stub?

Its just a mad experiment that worked somehow!?! Stub :: Yay - HD :: Nay, If you take my meaning.

Need to think on this, do more tests, see if other user's have different builds or Hybrids.

Unfortunately Still quite easy to retrieve With little knowledge just not directly with the Decompiler.

Tried Full settings of the decompiler before posting just to make sure.

Ed :: dodgy typing.

Edited by Mobius

wtfpl-badge-1.png

Link to comment
Share on other sites
Oldschool Universalist

Oldschool

Posted
Posted

Well, sure there are.

- You could write your own compression algorithm.

- You could write a wrapper in a lower level language that compiles to machine code and launches your scripts/exe's.

- You could use themida as suggested (I've only been told it works, haven't tested it for myself).

All is not lost, but it's going to be up to you the users to find a way that works best for you until something built in comes along.

Armadillo is an option, although expensive...not to mention ExeCryptor that has a 30 day free trial.

Link to comment
Share on other sites
Armand Universalist

Armand

Posted
  • Author
Posted

Bah... so it seems like my 13 months of coding are all sh!t-worthy and i might as well just publish it with the source code included ????

[u]My Au3 Scripts:[/u]____________(E)Lephant, A Share download manager (RS/MU etc)Http1.1 Console, The Ez Way!Internet Reconnection Automation Suite & A Macro Recording Tool.SK's Alarm Clock, Playing '.MP3 & .Wav' Files._________________Is GOD a mistake of the Humanity Or the Humanity is a mistake of GOD ?!

Link to comment
Share on other sites
jokke Universalist

jokke

Posted
Posted (edited)

Bah... so it seems like my 13 months of coding are all sh!t-worthy and i might as well just publish it with the source code included ????

Suggestion, would it be possible to move some of you'r code to a server witch then does some of the "client" work, thus making a decompiled client worthless.

Ops: wrong quote :P

Edited by jokke
UDF:Crypter a file encrypt / decrypt tool with no need to remember a password again. Based on Caesar cipher using entire ASCII Table.Script's: PixelSearch Helper, quick and simple way to create a PixelSeach.Chatserver - simplified, not so complicated multi-socket server.AutoIT - Firewall, simple example on howto create a firewall with AutoIt.
Link to comment
Share on other sites
Mobius Universalist

Mobius

Posted
Posted (edited)

Software Passport (Armadillo) Led the Decompiler on a song and dance.

[Downside]

VASTLY inflated binary on straight out of the box settings.

Vastly inflated price tag.

Armadillo is entertaining, but not easy.

Ed:: Forget packers, I was able to overload the Decompiler with just 6 (Count Em) bytes of data appended to to either an a3x or exe. :P

This AutoIt3 is a fine piece of software.

Edited by Mobius

wtfpl-badge-1.png

Link to comment
Share on other sites
MyDream Wayfarer

MyDream

Posted
Posted

Software Passport (Armadillo) Led the Decompiler on a song and dance.

[Downside]

VASTLY inflated binary on straight out of the box settings.

Vastly inflated price tag.

Armadillo is entertaining, but not easy.

Ed:: Forget packers, I was able to overload the Decompiler with just 6 (Count Em) bytes of data appended to to either an a3x or exe. :P

This AutoIt3 is a fine piece of software.

Could you tell me the place/hex to scramble the autoitscript compiled exe file so that its not easy to decompile? :P

Which 6 bytes of data of the exe file that need to change?

Thank you

Link to comment
Share on other sites
Mobius Universalist

Mobius

Posted
Posted (edited)

Could you tell me the place/hex to scramble the autoitscript compiled exe file so that its not easy to decompile? :P

Which 6 bytes of data of the exe file that need to change?

Thank you

Not changed dude, 4 bytes of data needs to be either added or inserted to an AutoIt3 binary. PM me with a bit of info

if you are interested, There are also quite a few other methods discussed on this forum which are also extremly valid.

Edited by Mobius

wtfpl-badge-1.png

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...