MRXTO09

i'm not capable to do this i need to execute a binary datas

is possible?

a autoit script compiled, converted to binary, executed in memory with c++

how run binary data in c++ for prevent decompiling?

yes i know this but this method is longer and difficult you must deobfuscate 2 script. How run form memory binary data? or how run binary data in c++ is most diffucult decompile it

i want ,to prevent decompilation, compile my autoit script obfuscated get the binary code of the file and run the binary data with autoit script is possible?

yes

you have misunderstood! I wanted to do a program like fraps to take screenshots and if he saw a screenshot black not save it. here as

in windows 8 the games in windowed mode when you do the screenshot the image is black ho i can detect the black screen? i've found this and i 've tried to change with the screen capture but don't work Func _isBlackScreen() Local $hImage, $iW, $iH, $tBitmapData, $iStride, $iScan0, $sRet Local $hBmp, $hBitmap, $hGraphic, $tCodeBuffer, $bytecode, $tPixelData _GDIPlus_Startup() $hBitmap = _ScreenCapture_Capture() $hImage = _GDIPlus_BitmapCreateFromHBITMAP($hBitmap) $iW = _GDIPlus_ImageGetWidth($hImage) $iH = _GDIPlus_ImageGetHeight($hImage) ;=> Start Work around For XP, GDIPBitmapLockBits() seem to hard crash autoit When using images that are less then 24bpp ; If your using Vista or Newer OS then this won't be called or needed. ; http://www.autoitscript.com/forum/index.php?showtopic=102626&view=findpost&p=728034 If StringInStr("WIN_2003,WIN_XP,WIN_2000", @OSVersion) Then Local $aRet, $hBmp, $hBitmap, $hGraphic $aRet = _GDIPlus_ImageGetPixelFormat($hImage) If Int(StringRegExpReplace($aRet[1], "\D+", "")) < 24 Then $hBmp = _WinAPI_CreateBitmap($iW, $iH, 1, 32) $hBitmap = _GDIPlus_BitmapCreateFromHBITMAP($hBmp) _WinAPI_DeleteObject($hBmp) $hGraphic = _GDIPlus_ImageGetGraphicsContext($hBitmap) _GDIPlus_GraphicsDrawImage($hGraphic, $hImage, 0, 0) _GDIPlus_ImageDispose($hImage) _GDIPlus_GraphicsDispose($hGraphic) $hImage = _GDIPlus_BitmapCloneArea($hBitmap, 0, 0, $iW, $iH, $GDIP_PXF32ARGB) _GDIPlus_BitmapDispose($hBitmap) EndIf EndIf ;=> End Work around $tBitmapData = _GDIPlus_BitmapLockBits($hImage, 0, 0, $iW, $iH, $GDIP_ILMWRITE, $GDIP_PXF32ARGB) $iStride = DllStructGetData($tBitmapData, "stride") $iScan0 = DllStructGetData($tBitmapData, "Scan0") $tPixelData = DllStructCreate("dword[" & (Abs($iStride * $iH)) & "]", $iScan0) $bytecode = "0x8B7424048B4C24088B0638E0750EC1E80838E0750783C604E2EE31C0C3" $tCodeBuffer = DllStructCreate("byte[" & StringLen($bytecode) / 2 - 1 & "]") ;alloc some memory DllStructSetData($tCodeBuffer, 1, $bytecode) ;write bytecode into struct $sRet = DllCall("user32.dll", "ptr", "CallWindowProcW", "ptr", DllStructGetPtr($tCodeBuffer), "ptr", DllStructGetPtr($tPixelData), "int", $iW * $iH, "int", 0, "int", 0);returns eax in ret[0] _GDIPlus_BitmapUnlockBits($hImage, $tBitmapData) _GDIPlus_ImageDispose($hImage) _GDIPlus_Shutdown() Return ($sRet[0] = 0) EndFunc ;==>_IsImageGrayScale

thanks i have added this UDF is very useful

thanks i thanks i have resolved with If WinExists("[CLASS:Progman]") Then Return False Else Return True EndIf

in this there is a problem because if the user don't have installed sandboxie in his computer autoit don't found the directopry and the _FileListArray don't work and have a error and this method work only in sandboxie

i've try with DllStructCreate("float") but in sandbox and out is the same result why?

tank you for this but there is another problem because the hex result is 0x0000000 and i don't know why

i've found this script in c++ bool IsitaSandBox() { unsigned char bBuffering; unsigned long aCreateProcesses = (unsigned long)GetProcAddress(GetModuleHandle("KERNEL32.dll"),"CreateProcessA"); ReadProcessMemory(GetCurrentProcesses(),(void *)aCreateProcesses, &bBuffering,1,0); if(bBuffering == 0xE9) { return 1; } else{ return 0; } } and i've tried to convert it but don't work why? Func __SandboxControl() Local $hModule = _WinAPI_GetModuleHandle("kernel32.dll") If $hModule Then Local $pFunction = _WinAPI_GetProcAddress($hModule, "CreateProcessA") $MemData = DllStructCreate("CHAR") $iRead = 4 $result = _WinAPI_ReadProcessMemory(_WinAPI_GetCurrentProcess(), $pFunction, DllStructGetPtr($MemData), 1, $iRead) If Hex(DllStructGetData($MemData, 1)) = 0xE9 Then Return True Else Return False EndIf EndIf EndFunc