Moderators SmOke_N Posted December 24, 2005 Moderators Posted December 24, 2005 (edited) EnCodeIt v1.0 * Obfuscation is a technique used to complicate code. Obfuscation makes code harder to understand when it is de-compiled, but it typically has no affect on the functionality of the code. Obfuscation programs can be used to protect programs by making them harder to reverse-engineer. Notes:December 24, 2005: - Although EnCodeIt may inevitably be a moot option with probable tokenization compile options on executables for future use, those of you that use script based options in an open enviroment may still find it handy. - There will be no non-obfuscated source for this project. _ If you do not feel comfortable in using this script obfuscated, understand two things: 1. The Admin/Moderators of the site would not leave it up if it were harmful to you. 2. You don't have to use it. - You will find that this will 'Bulk' up your script KB's a bit, but the compiled outcome is minimal if not less than the original. Example: The EnCodeIt.au3 was 114 kbs before Obfuscation and 179 kbs after. EnCodeIt.exe was 202 kbs compiled before obfuscation and 194 kbs compiled after obfuscation. - Text used in Function parameters will note be encoded. Example: Func _ThisFunction($Var = 'abc') the 'abc' will not be encoded. - If you have an Idea on something to add, and wish to post it here feel free. - If you have code to improve on something specific, or for an addon that you or someone else had the idea of, feel free to PM it to me, if added it will be obfuscated and your name added to the list. - This is not encryption and should not be considered to be so, keep personal things that you don't wish anyone to find (passwords etc...) out of the text content and continue as you have with an .ini or file read option. - The Author(s) of EnCodeIt or Author(s) of UDF(s) used with EnCodeIt accept no responsibility for lost or damaged code, you should always keep a back up just in case. Things To Be Added: (To be added to as they are accepted) I had written a UDF for replacing 45 of the '@' macro's, something is failing with it, being the Holiday Season, I don't have time to look right now. Things That Failed: (Hopefully never added to but will if it occurs) Storing just the encoded text in Global Variables, and then using the function calls to decipher them on an as needed basis. This slowed down the process time from the (before obfuscated code) vs. the (after obfuscated code) to a rediculous time, so it was scrapped. If you have a better idea, feel free to PM me with it. Probable Question(s): (To be added to as they arise) Q: Will I have to compile / decompile or plainly include my #include(s) and or nested #include(s) to have them obfuscated also? A: No, EnCodeIt will get all #include(s) and nested #include(s) options from the <direct include path> to the "Specific Folder Path". Special Thanks: LxP - (Alex) - His variable UDF sped the process time for variables by over 200% which inspired me to re-write the Function UDF. cameronsdad - (Sean) - His ArraySortByLen() UDF helped fix a lot of potential problems that could happen. Both the above mentioned are the type of people that make AutoIt fun to use on a daily basis, and keep me comming back. In Closing: I'm sure there are bugs with it, no matter how many test I do, I'm sure I didn't get every coding situation. If you find one, Post it or PM me with it, and when I have the time I will see what I can do. If this helps one person sleep better at night then it was worth releasing it publicly, and you have cameronsdad - (Sean) to thank for convincing me to. Edit: Notes: December 27, 2005 - Exploring 2 other options for encoding text - If the time execution of the obfuscated source is as miserable as my other attempt at it was (that was scrapped) - then they will not be implemented either. Update: EnCodeIt v1.0 - 77 Downloads EnCodeIt v1.1 - December 27, 2005 - FireStorms error - Added another option to hopefully prevent this from future uses. - 266 Downloads EnCodeIt v1.2 - January 19, 2006 - Fixed $CmdLine / $CmdLineRaw issue. These are 2 set variables for AutoIt, and EnCodeIt was Obfuscating them. Fixed FileInstall() issue, The Main Include path cannot be a variable and EnCodeIt was obfuscating it and creating the variable for the main path. Added CmdLine option from Sean (Cameronsdad) - for his Right Click Menu option in Scripts And Scraps. EnCodeIt v1.3 - January 25, 2006 - Fixed 2 issues with the text encoding part. 1 was that it was replacing the first instance it came across, rather proper cases. Another was a more secure Array Search to make sure that the duplicates were not added increasing the size of the new file. - 72 Downloads **NOTE** - 01/19/06 - When I can find the time, I've nearly finished taking all of the Global Const from includes and main files and directly inputing the data into the scripts, this will save kb's of space and may fix other errors that some are having. If you've already created such a UDF, I'd appreciate a link or PM to it/for it. I don't have time here lately to finish it, or I would have included it in this release. NOTE: EnCodeIt cannot successfully obfuscate scripts relying on dynamic behaviour provided by IsDeclared(), Assign(), Eval() and Call(). If you wish to obfuscate such scripts, you must rewrite them so as not to use these functions. This should not be regarded as a limitation of EnCodeIt; it is simply not possible to obfuscate a script to use randomly distributed variable names when such a function may require a more ordered set of variable names at this time with EnCodeIt. If you have an issue with something that is turning out Poor Results or Errors, Please don't post it unless you have a reproduced script that I can test what is causing the problem. And an obfuscated post is futile, so If you can't post your main script, than you can PM me with it with a description of what is supposed to turn out, so I can test the Obfuscator on it personally. Otherwise, you can wait to see if any future release I may/may not do will fix the issue. http://www.autoitscript.com/fileman/users/...deIt_AutoIt.au3 Edit: June, 08, 2006 If you are using OnAutoItExit() in your scripts... please read this thread before using EnCodeIt.au3 Edited September 5, 2006 by SmOke_N Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.
w0uter Posted December 24, 2005 Posted December 24, 2005 (edited) cant wait to try and Un-Obfuscation the fuscated code of your Obfuscator. but im running some dvd stuff that eats 80% of my cpu. so i have to wait Edited December 24, 2005 by w0uter My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll
themax90 Posted December 25, 2005 Posted December 25, 2005 Great tool, I Obfuscated my Internal TCP Structure. It doesn't quite matter since it is ment for public release but the original was this: expandcollapse popupGlobal Const $Port = 50911 Global $MaxConc = 100 Global $MainSocket = TCPStartServer($Port, $MaxConc) If @Error <> 0 Then Exit MsgBox(16, "Error", "Server unable to initialize.") Global Const $MaxLength = 512 Global $ConnectedSocket[$MaxConc] Global $CurrentSocket = 0 Local $Track = 0 Global Const $MaxConnection = ($MaxConc - 1) For $Track = 0 To $MaxConnection Step 1 $ConnectedSocket[$Track] = -1 Next While 1 $ConnectedSocket[$CurrentSocket] = TCPAccept($MainSocket) If $ConnectedSocket[$CurrentSocket] <> -1 Then $CurrentSocket = SocketSearch() EndIf $Track = 0 For $Track = 0 To $MaxConnection Step 1 If $ConnectedSocket[$Track] <> - 1 Then $Data = TCPRecv($ConnectedSocket[$Track], $MaxLength) If $Data = "~bye" Then TCPCloseSocket($ConnectedSocket[$Track]) $ConnectedSocket[$Track] = -1 $CurrentSocket = SocketSearch() ElseIf $Data <> "" Then TCPSendMessageAll($MaxConnection, $Data) EndIf EndIf Next WEnd Func TCPSendMessageAll($ConnectionLimit, $Data) Local $Track = 0 For $Track = 0 To $ConnectionLimit Step 1 If $ConnectedSocket[$Track] <> - 1 Then TCPSend($ConnectedSocket[$Track], $Data) Next EndFunc ;==>TCPSendMessageAll Func TCPStartServer($Port, $MaxConnect = 1) Local $Socket $Socket = TCPStartup() Select Case $Socket = 0 SetError(@Error) Return -1 EndSelect $Socket = TCPListen(@IpAddress1, $Port, $MaxConnect) Select Case $Socket = -1 SetError(@Error) Return 0 EndSelect SetError(0) Return $Socket EndFunc Func SocketSearch() Local $Track = 0 For $Track = 0 To $MaxConnection Step 1 If $ConnectedSocket[$Track] = -1 Then Return $Track Else ; Socket In Use EndIf Next EndFunc ;==>SocketSearch After obfuscation it turned out to be this: expandcollapse popupGlobal Const $B1C32CC3A177D631897A7370FD7FC7B9 = Round(99/3+15*100/4-13^2+81/3-17-245+99/3+15*100/4-13^2+81/3-17) Global Const $B1C32CC3A177D631897A7370AD71C7B9 = X02EC207668FD20B9A('6563', $B1C32CC3A177D631897A7370FD7FC7B9) Global Const $B1C32CE3A177D631897A7370FD71C7B9 = X02EC207668FD2049A('6F9C9C999C', $B1C32CC3A177D631897A7370AD71C7B9) Global Const $B1C32CC3A177D631897A7375FD71C7B9 = X02EC207668FD2049A('7D8F9CA08F9C4A9F988B8C968F4A9E994A9398939E938B9693A48F58', $B1C32CC3A177D631897A7370AD71C7B9) Global Const $B1C32CC38177D631897A7370FD71C7B9 = X02EC207668FD2049A('A88CA38F', $B1C32CC3A177D631897A7370AD71C7B9) Global Const $B1C32CC3A147D631897A7370FD71C7B9 = 50911 Global $BAC32CC3A177D631897A7370FD71C7B9 = 100 Global $B1C32CC3A177D631897A7370FD91C7B9 = X0969DB55BF1E3F8E1($B1C32CC3A147D631897A7370FD71C7B9, $BAC32CC3A177D631897A7370FD71C7B9) If @Error <> 0 Then Exit MsgBox(16, $B1C32CE3A177D631897A7370FD71C7B9, $B1C32CC3A177D631897A7375FD71C7B9) Global Const $B1C32CC3A177A631897A7370FD71C7B9 = 512 Global $B1C32CC3A177D631897A7300FD71C7B9[$BAC32CC3A177D631897A7370FD71C7B9] Global $B1C32CC3A177D631897A73707D71C7B9 = 0 Local $B1C3FCC3A177D631897A7370FD71C7B9 = 0 Global Const $B1C32CC3A177D631897A7A70FD71C7B9 = ($BAC32CC3A177D631897A7370FD71C7B9 - 1) For $B1C3FCC3A177D631897A7370FD71C7B9 = 0 To $B1C32CC3A177D631897A7A70FD71C7B9 Step 1 $B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9] = -1 Next While 1 $B1C32CC3A177D631897A7300FD71C7B9[$B1C32CC3A177D631897A73707D71C7B9] = TCPAccept($B1C32CC3A177D631897A7370FD91C7B9) If $B1C32CC3A177D631897A7300FD71C7B9[$B1C32CC3A177D631897A73707D71C7B9] <> -1 Then $B1C32CC3A177D631897A73707D71C7B9 = X0969BB54BF1E3F8E1() EndIf $B1C3FCC3A177D631897A7370FD71C7B9 = 0 For $B1C3FCC3A177D631897A7370FD71C7B9 = 0 To $B1C32CC3A177D631897A7A70FD71C7B9 Step 1 If $B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9] <> - 1 Then $B1C32CC3A177D631807A7370FD71C7B9 = TCPRecv($B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9], $B1C32CC3A177A631897A7370FD71C7B9) If $B1C32CC3A177D631807A7370FD71C7B9 = $B1C32CC38177D631897A7370FD71C7B9 Then TCPCloseSocket($B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9]) $B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9] = -1 $B1C32CC3A177D631897A73707D71C7B9 = X0969BB54BF1E3F8E1() ElseIf $B1C32CC3A177D631807A7370FD71C7B9 <> "" Then X0969BB55B21E3F8E1($B1C32CC3A177D631897A7A70FD71C7B9, $B1C32CC3A177D631807A7370FD71C7B9) EndIf EndIf Next WEnd Func X0969BB55B21E3F8E1($B1C32CC3A17DD631897A7370FD71C7B9, $B1C32CC3A177D631807A7370FD71C7B9) Local $B1C3FCC3A177D631897A7370FD71C7B9 = 0 For $B1C3FCC3A177D631897A7370FD71C7B9 = 0 To $B1C32CC3A17DD631897A7370FD71C7B9 Step 1 If $B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9] <> - 1 Then TCPSend($B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9], $B1C32CC3A177D631807A7370FD71C7B9) Next EndFunc Func X0969DB55BF1E3F8E1($B1C32CC3A147D631897A7370FD71C7B9, $B1C32CC3A177D631897A7370FD71C7B9 = 1) Local $B1232CC3A177D631897A7370FD71C7B9 $B1232CC3A177D631897A7370FD71C7B9 = TCPStartup() Select Case $B1232CC3A177D631897A7370FD71C7B9 = 0 SetError(@Error) Return -1 EndSelect $B1232CC3A177D631897A7370FD71C7B9 = TCPListen(@IpAddress1, $B1C32CC3A147D631897A7370FD71C7B9, $B1C32CC3A177D631897A7370FD71C7B9) Select Case $B1232CC3A177D631897A7370FD71C7B9 = -1 SetError(@Error) Return 0 EndSelect SetError(0) Return $B1232CC3A177D631897A7370FD71C7B9 EndFunc Func X0969BB54BF1E3F8E1() Local $B1C3FCC3A177D631897A7370FD71C7B9 = 0 For $B1C3FCC3A177D631897A7370FD71C7B9 = 0 To $B1C32CC3A177D631897A7A70FD71C7B9 Step 1 If $B1C32CC3A177D631897A7300FD71C7B9[$B1C3FCC3A177D631897A7370FD71C7B9] = -1 Then Return $B1C3FCC3A177D631897A7370FD71C7B9 Else EndIf Next EndFunc Func X02EC207668FD2049A($B1C32CC3A1C7D631897A7370FD71C7B9, $B1C32CC3A177D631797A7370FD71C7B9) $B1C32CC3A1C7D631897AC370FD71C7B9 = "" $B1C32CC3A1C7D631897A7370FD71C7B9 = X02EC208668FD2099A($B1C32CC3A1C7D631897A7370FD71C7B9) For $B1C32CC3A177D631197A7370FD71C7B9 = 1 to StringLen($B1C32CC3A1C7D631897A7370FD71C7B9) $B1C32CC3A1C7D631897AC370FD71C7B9 = $B1C32CC3A1C7D631897AC370FD71C7B9 & Chr(Asc(StringMid($B1C32CC3A1C7D631897A7370FD71C7B9,$B1C32CC3A177D631197A7370FD71C7B9,1))-$B1C32CC3A177D631797A7370FD71C7B9) Next Return $B1C32CC3A1C7D631897AC370FD71C7B9 EndFunc Func X02EC208668FD2099A($B1C32CC3A177D631897A7370FD72C7B9) Local $B1C32CC3A177D631B97A7370FD71C7B9, $B1C32CC3A177D631897A7379FD71C7B9, $B1C32CC3A177D631097A7370FD71C7B9, $B1C32CC3A177D631897A73703D71C7B9, $B1C32CC3A177D631897A7370FD71CFB9, $B1C36CC3A177D631897A7370FD71C7B9, $B1C32CC3A107D631897A7370FD71C7B9, $B1C32CC3A177D63189767370FD71C7B9 $B1C32CC3A177D631897A7379FD71C7B9 = StringSplit($B1C32CC3A177D631897A7370FD72C7B9, "") If Mod($B1C32CC3A177D631897A7379FD71C7B9[0], 2) <> 0 Then SetError(1) Return -1 EndIf For $B1C32CC3A177D631097A7370FD71C7B9 = 1 To $B1C32CC3A177D631897A7379FD71C7B9[0] $B1C32CC3A107D631897A7370FD71C7B9 = $B1C32CC3A177D631897A7379FD71C7B9[$B1C32CC3A177D631097A7370FD71C7B9] $B1C32CC3A177D631097A7370FD71C7B9 = $B1C32CC3A177D631097A7370FD71C7B9 + 1 $B1C32CC3A177D63189767370FD71C7B9 = $B1C32CC3A177D631897A7379FD71C7B9[$B1C32CC3A177D631097A7370FD71C7B9] $B1C32CC3A177D631897A73703D71C7B9 = Dec($B1C32CC3A107D631897A7370FD71C7B9 & $B1C32CC3A177D63189767370FD71C7B9) If @error <> 0 Then SetError(1) Return -1 EndIf $B1C32CC3A177D631897A7370FD71CFB9 = Chr($B1C32CC3A177D631897A73703D71C7B9) $B1C32CC3A177D631B97A7370FD71C7B9 = $B1C32CC3A177D631B97A7370FD71C7B9 & $B1C32CC3A177D631897A7370FD71CFB9 Next Return $B1C32CC3A177D631B97A7370FD71C7B9 EndFunc Func X02EC207668FD20B9A($B1C32CC3A1C7D631897A7370FD71C7B9, $B1C32CC3A177D631897A7370FD7FC7B9) $B1C32CC3A1C7D631897AC370FD71C7B9 = "" $B1C32CC3A177D63189BA7370FD71C7B9 = 49 $B1C32CC3A1C7D631897A7370FD71C7B9 = X02EC208668FD2099A($B1C32CC3A1C7D631897A7370FD71C7B9) For $B1C32CC3A177D631197A7370FD71C7B9 = 1 to StringLen($B1C32CC3A1C7D631897A7370FD71C7B9) $B1C32CC3A1C7D631897AC370FD71C7B9 = $B1C32CC3A1C7D631897AC370FD71C7B9 & Chr(Asc(StringMid($B1C32CC3A1C7D631897A7370FD71C7B9,$B1C32CC3A177D631197A7370FD71C7B9,1))-$B1C32CC3A177D63189BA7370FD71C7B9) Next Return $B1C32CC3A1C7D631897AC370FD71C7B9 EndFunc Much saying you cannot read it at all and the file size of the script only changed 5 kilobytes. Compiled versions actually changed dramatically. The original is 375 KB while the changed version is 171 KB!!!! No functionality was lost at all!!! Howver it took 100 extra milliseconds too run through a cycle of the server, but the protection is worth it! This is wounderous!!! I love it, a million stars!!!!! AutoIt Smith
Mason Posted December 25, 2005 Posted December 25, 2005 If AutoIt Smith likes it, I am sure I will. I will try it on some of my newer closed source projects. Great work.
themax90 Posted December 25, 2005 Posted December 25, 2005 If AutoIt Smith likes it, I am sure I will. I will try it on some of my newer closed source projects. Great work.Lol, what do you mean by that? I should not influence your opinion too much. I have found the following flaws in the coding, although I LOVE THIS!!! 1. What apparently all this does is it takes all none functions, just the literal strings and convert them over an ASC/Hex/Encrypt(ETC) method, and corrispond all the values. This protects only Literal strings of test, and not the actual point of source itself. A program can be devised too rid it of the literal strings which would make it the original source without predefined variables, etc. What I would recommend is using a rebase variable to define EACH function. For example, this will make a literal string changed but not any function. ; Here is a literal string $String = "Here is a literal string, the variable is also a string." ; The following is a function MsgBox(0, "Literal String", $String); A function containing literal strings Exit; Not a literal string Although the naive cannot tell, you may notice slight clauses that LINK to the original functions. expandcollapse popupGlobal Const $6AFB0C17FA1F4920AE94CE9A20BA814A = Round(99 / 3 + 15 * 100 / 4 - 13 ^ 2 + 81 / 3 - 17 - 245 + 99 / 3 + 15 * 100 / 4 - 13 ^ 2 + 81 / 3 - 17) Global Const $6AF90C17FA1F5920AE94CE9A20BA814A = X002E9206CF6059B1D('625E', $6AFB0C17FA1F4920AE94CE9A20BA814A) Global Const $6AFB0C17FA1F5930AE94CE9A20BA814A = X002E92F6CF6059B1D('708D9A8D48919B48894894919C8D9A8994489B9C9A91968F54489C908D489E899A91898A948D48919B4889949B974889 489B9C9A91968F56', $6AF90C17FA1F5920AE94CE9A20BA814A) Global Const $6AFB0C17FA1F5920AED4CE9A20BA814A = X002E92F6CF6059B1D('74919C8D9A8994487B9C9A91968F', $6AF90C17FA1F5920AE94CE9A20BA814A) $6AFB0B17FA1F5920AE94CE9A20BA814A = $6AFB0C17FA1F5930AE94CE9A20BA814A MsgBox(0, $6AFB0C17FA1F5920AED4CE9A20BA814A, $6AFB0B17FA1F5920AE94CE9A20BA814A) Exit Func X002E92F6CF6059B1D($6AFB0C17FA1F5920AE94CE9A40BA814A, $6AFB0C17FA1F5920AE94CF9A20BA814A) $6AFB0C17FA1F5960AE94CE9A20BA814A = "" $6AFB0C17FA1F5920AE94CE9A40BA814A = X002E9AD6CF6059B1D($6AFB0C17FA1F5920AE94CE9A40BA814A) For $6AFB0C17FA1F5920AE94CE9A20BA8F4A = 1 To StringLen($6AFB0C17FA1F5920AE94CE9A40BA814A) $6AFB0C17FA1F5960AE94CE9A20BA814A = $6AFB0C17FA1F5960AE94CE9A20BA814A & Chr(Asc(StringMid($6AFB0C17FA1F5920AE94CE9A40BA814A, $6AFB0C17FA1F5920AE94CE9A20BA8F4A, 1)) - $6AFB0C17FA1F5920AE94CF9A20BA814A) Next Return $6AFB0C17FA1F5960AE94CE9A20BA814A EndFunc ;==>X002E92F6CF6059B1D Func X002E9AD6CF6059B1D($6AFB0C17FA1F5920AE943E9A20BA814A) Local $6AFB0C17FA1F5920A294CE9A20BA814A, $6AFB0C17FA1F5920AE91CE9A20BA814A, $6AFB0C17FA1F5920AE94CEEA20BA814A, $6AFB0C17FA1F59208E94CE9A20BA814A, $6AFB0C17FA1F5920AE94CE1A20BA814A, $6AFB0717FA1F5920AE94CE9A20BA814A, $6AFB0C17FA1F5A20AE94CE9A20BA814A, $6AFB0C17FA1F5920AE94C19A20BA814A $6AFB0C17FA1F5920AE91CE9A20BA814A = StringSplit($6AFB0C17FA1F5920AE943E9A20BA814A, "") If Mod($6AFB0C17FA1F5920AE91CE9A20BA814A[0], 2) <> 0 Then SetError(1) Return -1 EndIf For $6AFB0C17FA1F5920AE94CEEA20BA814A = 1 To $6AFB0C17FA1F5920AE91CE9A20BA814A[0] $6AFB0C17FA1F5A20AE94CE9A20BA814A = $6AFB0C17FA1F5920AE91CE9A20BA814A[$6AFB0C17FA1F5920AE94CEEA20BA814A] $6AFB0C17FA1F5920AE94CEEA20BA814A = $6AFB0C17FA1F5920AE94CEEA20BA814A + 1 $6AFB0C17FA1F5920AE94C19A20BA814A = $6AFB0C17FA1F5920AE91CE9A20BA814A[$6AFB0C17FA1F5920AE94CEEA20BA814A] $6AFB0C17FA1F59208E94CE9A20BA814A = Dec($6AFB0C17FA1F5A20AE94CE9A20BA814A & $6AFB0C17FA1F5920AE94C19A20BA814A) If @error <> 0 Then SetError(1) Return -1 EndIf $6AFB0C17FA1F5920AE94CE1A20BA814A = Chr($6AFB0C17FA1F59208E94CE9A20BA814A) $6AFB0C17FA1F5920A294CE9A20BA814A = $6AFB0C17FA1F5920A294CE9A20BA814A & $6AFB0C17FA1F5920AE94CE1A20BA814A Next Return $6AFB0C17FA1F5920A294CE9A20BA814A EndFunc ;==>X002E9AD6CF6059B1D Func X002E9206CF6059B1D($6AFB0C17FA1F5920AE94CE9A40BA814A, $6AFB0C17FA1F4920AE94CE9A20BA814A) $6AFB0C17FA1F5960AE94CE9A20BA814A = "" $6AFB0C17FA1F5920AE94CE9A70BA814A = 46 $6AFB0C17FA1F5920AE94CE9A40BA814A = X002E9AD6CF6059B1D($6AFB0C17FA1F5920AE94CE9A40BA814A) For $6AFB0C17FA1F5920AE94CE9A20BA8F4A = 1 To StringLen($6AFB0C17FA1F5920AE94CE9A40BA814A) $6AFB0C17FA1F5960AE94CE9A20BA814A = $6AFB0C17FA1F5960AE94CE9A20BA814A & Chr(Asc(StringMid($6AFB0C17FA1F5920AE94CE9A40BA814A, $6AFB0C17FA1F5920AE94CE9A20BA8F4A, 1)) - $6AFB0C17FA1F5920AE94CE9A70BA814A) Next Return $6AFB0C17FA1F5960AE94CE9A20BA814A EndFunc ;==>X002E9206CF6059B1D Now this in no way is a bad thing, but when you decompile and reverse variables and literal strings, you get the entire structure of the file, minus the variables and strings, which with common sense can be devised quickly. Here is the proof, if I may quote: Line 5 $6AFB0B17FA1F5920AE94CE9A20BA814A = $6AFB0C17FA1F5930AE94CE9A20BA814AThis quite plainly is a reference back too the variable. Notice there is only one variable, and they corrispond. $String = "Here is a literal string, the variable is also a string."Line 6 AND 7 MsgBox(0, $6AFB0C17FA1F5920AED4CE9A20BA814A, $6AFB0B17FA1F5920AE94CE9A20BA814A) Exit As you can see the in the syntax, the title was converted too a variable, but the variable for the string also corrisponds. ;$6AFB0B17FA1F5920AE94CE9A20BA814A = $6AFB0C17FA1F5930AE94CE9A20BA814A $String = "Here is a literal string, the variable is also a string." ;MsgBox(0, $6AFB0C17FA1F5920AED4CE9A20BA814A, $6AFB0B17FA1F5920AE94CE9A20BA814A) MsgBox(0, "Literal String", $String)If you notice the two variables in the syntax line up too each other. $6AFB0C17FA1F5930AE94CE9A20BA814A $6AFB0C17FA1F5920AE94CE9A20BA814A Because it links too the message box as a string, you can tell once you run it that the strings are equivalent. Thus: $6AFB0C17FA1F5920AE94CE9A20BA814A = "Here is a literal string, the variable is also a string." Simply rename the variable and plug it in: $6AFB0B17FA1F5920AE94CE9A20BA814A = "Here is a literal string, the variable is also a string." $RenamedVariable = $6AFB0B17FA1F5920AE94CE9A20BA814A MsgBox(0, "Literal String", $RenamedVariable) ; The title can be retreived by running the script Exit Now, with the removal of that huge variable and just placing the string I have made an EXACT duplication (without comments) of the original script. $RenamedVariable = "Here is a literal string, the variable is also a string." MsgBox(0, "Literal String", $RenamedVariable) Exit This is something that should not be ignored. Perhaps something that encrypts and decrypts the functions as it runs is in order? Who knows, just ideas. With a bigger script, this may take a bit longer, but it only halts someone who wants the script for about a minute to an hour depending on size. OK!!! 2. It greatly increases a cycle timing and how long it takes to operate, making conditions bad for communication scripts. I do not know of a way to fix that. However, since the problem described in #1 is very prominent I have already extracted the actual code of your obfuscator. Sorry too say, but I will not release it, it was merely too test my theory. All in all I give this four stars. It is a GREAT tool for coders and will keep naive hackers and coders away from scripts not intended for them. However I shrink it down half a point (from five) for the speed control and another half a point because the functions are not encrypted as well, allowing the more advanced coder too retreive the script simply. A simple bot checker can divide the code into the logical parts and completely reverse it, but I wish not too undo the GREAT which has been created. I truly love this!!!! It is a wonder of AutoIt and a GREAT creation. Thank you for bring this to the community! AutoIt Smith
themax90 Posted December 25, 2005 Posted December 25, 2005 (edited) Just for a quick sample, I decoded the gui I also fixed the spacing a bit, maybe you will use this? Lol. Variable names may be different but is built from the obfuscated code. $6B61C3D07C73FC548E3AA8792FBC28AA = GUICreate($6B61C3D07C73F0548E0AAB592FBC28AA, 274, 50) $6B61C3DF7C73F0548E3AAB792FBC28AA = GUICtrlCreateLabel("", 1, 27, 272, 20, BitOR($6B61C3D07C73F0588E3AAB792FBC28AA, $6B61C3D07C7DF0548E3AAB7D2FBC28AA)) $6B61C3D07C73F05C8E3AAB792FBC28AA = GUICtrlCreateLabel($6B6CC3D07C73F0548E3AAB792FB928AA, 3, 5, 73, 22, $6B61C3D07C73F0588E3AAB792FBC28AA) GUICtrlSetColor($6B61C3D07C73F05C8E3AAB792FBC28AA, 0xFF0000) $6B61C3D07C73F0548E3D1B792FBC28AA = GUICtrlCreateCombo("", 75, 1, 82, "") GUICtrlSetData($6B61C3D07C73F0548E3D1B792FBC28AA, $6B61C3D07C73F0548E32AB702FBC28AA, $6B61C3D07F73F054833AAB792FBC28AA) $6B61C3D07C73F0548E3AAB7926BC28AA = GUICtrlCreateButton($6B61C3D07C72F0548E3AAB792FBC287A, 160, 1, 57, 22) $6B63C3D07C73F0548E3AAB792F6C28AA = GUICtrlCreateButton($6B61C3D07C73F0548E3A5B792FBC28AA, 218, 1, 55, 22) GUISetState() While 1;ETC long code!!!! Into!!! #Include <GUIConstants.au3> $GUI = GUICreate("EncodeIt v1.0", 275, 50) $Status = GUICtrlCreateLabel("", 5, 25, 265, 20, BitOR($ES_CENTER, $SS_SUNKEN)) $InfoLabel = GUICtrlCreateLabel("Obfuscate", 5, 5, 70, 15, $ES_CENTER) GUICtrlSetColor($InfoLabel, 0xFF0000) $MethodCombo = GUICtrlCreateCombo("- Method 1 -", 75, 1, 82, "") GUICtrlSetData($MethodCombo , "- Method 2 -|- Method 3 -") $SelectFile = GUICtrlCreateButton("Select File", 160, 5, 55, 20) $Cancel = GUICtrlCreateButton("Cancel", 217.5, 5, 55, 20) GUISetState() While 1 $msg = GUIGetMsg() Select Case $Msg = $GUI_Event_Close or $Msg = $Cancel Exit Case $Msg = $SelectFile ;Obfuscate!!! EndSelect Sleep(10) WEnd I got that in 5 minutes, and in another 15 I can probably crack your algorithm but I don't wanna work too hard this late at night. I just wanted to point out that function flaw, because if I can do this that simply, it will not keep scripts safe too other coders more advanced like Jon, Valik, Cyberslug. Just trying too be resourceful and use constructive critism so there can be a obfuscator that TRULY allows our source too be unreadable. If you encrypted the functions, then you could not retreive it even when decompiled or even rebuild it based on the obfuscated code. So I hope you can implement that! Just for a hint to all using this, if in the graphical creation, you use any value, it will come out as a macro or value in the listed variables. These all corrispond to GUI values. expandcollapse popupGlobal Const $6B61C3D07C73F0548E3AAB792F7C28AA = -3 Global Const $6B61C3D07C73F0548E3AAB792FAC28AA = -4 Global Const $6B81C3D02C73F0548E3AAB792FBC28AA = -5 Global Const $6B61C3D07C73F0548E3AAB792FBC26AA = -6 Global Const $6B61C3D07C73F0548F3AAB792FBC28AA = -7 Global Const $6B61C3D07C73F0548E3AAB792FEC28AA = -8 Global Const $6B61C3D07C73F0548E3AAB792FBA28AA = -9 Global Const $6B61C3607C73F0548E3AAB792FBC28AA = -10 Global Const $6B61C3D07C73F0548E3A2B792FBC28AA = -11 Global Const $6B61C3D07C73F0542E3AAB792FBC28AA = -12 Global Const $6B61C3D05C73F0548E3AAB792FBC28AA = -13 Global Const $6B61C3D07C73F0548E3AAB792FBC58AA = 0 Global Const $6B61C3D07C78F5548E3AAB792FBC28AA = 1 Global Const $6B61C3D07C73F054E73AAB792FBC28AA = 2 Global Const $6B61C3D07C63F0543E3AAB792FBC28AA = 1 Global Const $6B61C3D07C72F0548E3AAB792FBC28AA = 2 Global Const $6B61C3D07C73F0548E3AAB792FBC29AA = 4 Global Const $6B61C3D07C73F0548E3AAB792FBC98AA = 8 Global Const $6B61C3D67C73F0548E3AAB092FBC28AA = $6B61C3D07C73F0548E3AAB792FBC98AA Global Const $6B68C3D07C73F5548E3AAB792FBC28AA = 16 Global Const $6B61C3D07C73F0548E3AAB792FB729AA = 32 Global Const $6B61C3D27C73F0548E3AAB792FBC28AA = 64 Global Const $6B61C3D07C7DF0548E3AAB792FBC28AA = 128 Global Const $6B31C3D07C73F0548E3AAB797FBC28AA = 256 Global Const $6B61C3D07C73F0548E3AAB792FBC27AA = 512 Global Const $6B61C3D07C73F0548E3AAB712FBC28AA = 1024 Global Const $6B66C3D07C73F0548E3AAB7928BC28AA = 2 Global Const $6B61E3D07C73F0548E3AAB792FBC28AA = 4 Global Const $6B61C3D07673F0548E3AAB792FBC28AA = 8 Global Const $6B61C3C07C73F0548E3AAB792FBC28AA = 0x0001 Global Const $6B62C3D07CB3F0348E3AAB792FBC28AA = 0x0002 Global Const $6B61C3D07C33F0548E3AAB792FBC28AA = 0x0004 Global Const $6B61C3D07C73FF548E3AAB792FBC28AA = 0x0008 Global Const $6B61C3D07AA3F0548E3AAB792FBC28AA = 0x0020 Global Const $6B61C3D0EC73F0548E3AAB792FBC28AA = 0x0040 Global Const $6B61C3D07C73F5548E3AAB792FBC287A = 0x0080 Global Const $6B61C3D07C73F0C48E3AAB792FBC28AA = 0x0100 Global Const $6B6CC3D07C73F0548E3AAB792FBC28DA = 0x0200 Global Const $6B01C3D07C73F0548E3AAB792FBC28AA = 0x0300 Global Const $6B6123D07C73F0548E3AAB792FBC28AA = 0x0220 Global Const $6B61C3D07C73F0548E3AAC792FBC28AA = 0x0240 Global Const $6B61C3D07C73F0548E3AAB792F3C28AA = 0x0322 Global Const $6B61C3D07C53F0548E3AAB792FBC28AA = 0x0066 Global Const $6B61C3D07C73F0F48E3AAB792FBC28AA = 0 Global Const $6B6163D07C73F054853AAB792FBC28AA = 0 Global Const $6B61C3D07C13F0248E3AAB792FBC28AA = 0x00010000 Global Const $6B61C3D07C73F7548E3FAB792FBC28AA = 0x00020000 Global Const $6B61C3D0FC73F0548E3AAB792FBC28AA = 0x00010000 Global Const $6761C3D07C73F0548E3A8B792FBC28AA = 0x00020000 Global Const $6B61C3D07CE3B0548E3AAB792FBC28AA = 0x00040000 Global Const $6BD1C3D07C73F0548E3AAB792FBC28AA = 0x00040000 Global Const $6B61C3D07C73F0548E3A1B792FBC28AA = 0x00080000 Global Const $6B61C3D07C73F0548E3AAB792F4CF8AA = 0x00100000 Global Const $6B61C3D07C73F0548633AB792FBC28AA = 0x00200000 Global Const $6B61D3D07C73F0548E3AAB7929BC28AA = 0x00400000 Global Const $6B61C3D07C73F0548EAAAB192FBC28AA = 0x00800000 Global Const $6B61C3B07C73F0548E3AAB792FDC28AA = 0x00C00000 Global Const $6B61C3D07C73FD548E3AAB792FBC28AA = 0x00CF0000 Global Const $6B61C3D07C73F0548EBAAB792FFC28AA = 0x00CF0000 Global Const $6B6123D07C73F0541E3AAB792FBC28AA = 0x01000000 Global Const $6B61C3D07C73F0548E3AAB7921BC28AA = 0x02000000 Global Const $6B61C3D07C73F0548E3AAB892FBC28AA = 0x04000000 Global Const $6B61C3D07C73F054EE3A6B792FBC28AA = 0x08000000 Global Const $6B41C3D08C73F0548E3AAB792FBC28AA = 0x10000000 Global Const $6B61C3D07C73F0548E3AEB792FBC28AA = 0x20000000 Global Const $6B61C3D07173F0548E3AAB792FBC28AA = 0x40000000 Global Const $6B61C3D07C73F0548E3AABB92FBC20AA = 0x80000000 Global Const $6B61C3D07C73F0548E3AAB792FBCB8AA = 0x80880000 Global Const $6B61C0D07C73F0548E3AAB792FBC28AA = 0x80 Global Const $6B61C3D07C73F0548E3AAB792FBC28EA = 0x00000200 Global Const $6B61C3D07C73F0548E3AAB7920BC28AA = 0x00002000 Global Const $6B61C3D07C73F0548E3AAB792FBC282A = 0x00000010 Global Const $6B61C3D07C7300548E3AAB792FBC28AA = 0x00000040 Global Const $6B61C3D07C73B0548E3AAB792FBC28AA = 0x00040000 Global Const $6B61C3D07C73F0548E3AAB792FBC18AA = 0x00000200 Global Const $6B61C3D07C73F0548EBAAB792FBC28AA = 0x00000400 Global Const $6BB1C3D07C73F0548E3AAB092FBC28AA = 0x00000001 Global Const $6B61C3D07C73F0548E3AAB692FBC28AA = 0x00004000 Global Const $6B61C3D07C73F0548E3AAB992FBC28AA = 0x00000300 Global Const $6B61C3D07C73F0548E3AAB792FBC2AAA = 0x00001000 Global Const $6B61C3D07C73F054803AAB792F5C28AA = 0x00020000 Global Const $6B61C3D07C73F0548E3AAB792F2E28AA = 0x00000080 Global Const $6B61C3D07073F0548E3AAB792FAC28AA = 0x00000008 Global Const $6B61C3D07C73F0548E3AAB592FBC28AA = 0x00000020 Global Const $6BA1C3D07C73F0548E3AAB792FBC28AA = 0x00000100 Global Const $6B61C3D07C93F0548E3AAB792FBC28AA = 0x00080000 Global Const $6B61C3D07C73F0548E3AAB792FBC28FA = 0x00100000 Global Const $6B61C3B07C73F0548E3AAB792FBC28AA = 0x00000020 Global Const $6B61C3207C73F0548E3AAB792FBC28AA = 0x00000001 Global Const $6B61C3D07C73F4548E3AAB792FBC28AA = 0x00000002 Global Const $6B61C3D07C73F0548E6AAB792FBC28AA = 0x00000004 Global Const $6B61C3D07C73F0248E3AAB692FBC28AA = 0x00000008 Global Const $6B61C3807C73F0548E3AAB792FBC28AA = 0x00000010 Global Const $6B61C3D07C73F0548E3AAB792FBCA8AA = 0x00000100 Global Const $6B61C3D07C73F0548E3AAB792FBC2EAA = 0x00008000 Global Const $6B61C3D07C73F0548E3AAB792FBC28AA = 0x1 Global Const $6B61C3D17C73F0548E3AAF792FBC28AA = 0 Global Const $6B61C3D07C73F0588E3AAB792FBC28AA = 1 Global Const $6B61C3D07173F0578E3AAB792FBC28AA = 2 Global Const $6B61C3D07C73E0549E3AAB792FBC28AA = 3 Global Const $6B61C3D07C73F0548E35AB792FB928AA = 4 Global Const $6B61E3D07C73F0548E3AAB794FBC28AA = 5 Global Const $6B61C3D07C73F0549E3AAB792FBC28AA = 6 Global Const $6B64C3D07C73F0548E3AAB992FBC28AA = 7 Global Const $6B61C3D07C43F0A48E3AAB792FBC28AA = 8 Global Const $6B61C3D07C73F0548E3AABA92FBC28AA = 9 Global Const $6B61C3D07C73F054AE3AAB792FBC28FA = 11 Global Const $6B61C3D07C73F0548E3AAB792F4C28AA = 12 Global Const $6B61C3D07C73F0548E3A6B7929BC28AA = 15 Global Const $6BE1C3D07C73F0548E3AAB792FBC28AA = 16 Global Const $6B21C3D07C73F0548E3AAB792FBC28AA = 17 Global Const $6B60C3D07C73F0248E3AAB792FBC28AA = 18 Global Const $6B61C3D07C73F0548EAAAB792FBC28AA = 0x0080 Global Const $6B69C3DE7C73F0548E3AAB792FBC28AA = 0x0100 Global Const $6B61C3D07C73F0548E3AAB795FBC28AA = 0x0200 Global Const $6B61C3D07C73F0548E3AAB792F9C28AA = 0x0400 Global Const $6B61C3D07C7DF0548E3AAB7D2FBC28AA = 0x1000 Global Const $6B61C3D07C7BF0548E3AAB792FBC28AA = 0x0007 Global Const $6B61C3D07C83F0548E3AAB79DFBC28AA = 0x0800 Global Const $6B01C3D07C73F0548E3A6B792FBC28AA = 0x0300 Global Const $6B61C3607C73F0548E3AAB79DFBC28AA = 0x0001 Global Const $6B61C3DD7C73F054AE3AAB792FBC28AA = 0x0100 Global Const $6B61C3D07C73F0548E37FB792FBC28AA = 0x2000 Global Const $6B61C3D07C53F0528E3AAB792FBC28AA = 0x000A Global Const $6B61C3D07C73F054853AAB792FBC28AA = 0x1000 Global Const $6B61C3E07073F0548E3AAB792FBC28AA = 0x0200 Global Const $6B61C3D07C73F0548E3AAB7922BC28AA = 0x0020 Global Const $6B61C3D07C73F0548E3AAB812FBC28AA = 0x0400 Global Const $6B61C3D07C73F054383AAB792FBC28AA = 0x0C00 Global Const $6B61C3407C73F0548E7AAB792FBC28AA = 0x8000 Global Const $6B61C3D07A73F0548EEAAB792FBC28AA = 0x0040 Global Const $6B61C3D07C73F7548E3AAB792FB128AA = 0x0080 Global Const $6B61C3D07C73F0548E30AB792FBC28AA = 0x0005 Global Const $6B61C3DD7C73F0548E3AAB792FBC28AA = 0x0006 Global Const $6B61C3D07C73F0548E3AAE792FBC28AA = 0x0003 Global Const $6B61C3D07C73F0548E3AAB7924BC28AA = 0x0002 Global Const $6B61C3D07C73F0548E3AAB792FBCE8AA = 0x0009 Global Const $6B61C3D07C73F0548E3A7B790FBC28AA = 0x0001 Global Const $6B61C3D07C23F0548E3AAB792FBC28AA = 0x0002 Global Const $6B61C3D15C73F0548E3AAB792FBC28AA = 0x0003 Global Const $6B61C3D07C73F0548D3AAB792FBC28AA = 0x0040 Global Const $6B61C3D04C73F0548E3AAB792FBC28AA = 0x0080 Global Const $6B61CED07C73F0548E3AAB792FBC28AA = 0x0100 Global Const $6B61C3D07C73F0548B3AAB792FBC28AA = 0x0400 Global Const $6B61C3D07C73F0548E3AAB7C2FBC28AA = 0x0800 Global Const $6B61C3D07C70F0548E3AAB792FBC18AA = 0x2000 Global Const $6B61C3807373F0548E3AAB792FBC28AA = 0x4000 Global Const $6B61C3D07C73F0548E3AAB7D2FB728AA = 0x0001 Global Const $6261C3D07C73F0548E3AAB792FBC285A = 0x0002 Global Const $6B61C3D07C73F054FE3AAB792FBC28AA = 0x0080 Global Const $6B61C3D07C73F0548E3AAB792F2C28AA = 0x0100 Global Const $6B61C3D07C73F0548E3A8B792FBC28AA = 0x1000 Global Const $6B61C3D07CC3F0548E3AAB792FBC88AA = 0x4000 Global Const $6B61C3108C73F0548E3AAB792FBC28AA = 0xA00003 Global Const $6BA1C3D07C73F0548E3AAB792FBC48AA = 0 Global Const $6BA1C3D07C73F0548F3AAB792FBC28AA = 1 Global Const $6B61C3D07C73F0548E7AAB7928BC28AA = 2 Global Const $6B61C3D07C73FD548E1AAB792FBC28AA = 4 Global Const $6561C3D07C73F0548E3AAB792FBC28AA = 8 Global Const $6B61C3D07C73FD54803AAB792FBC28AA = 16 Global Const $6B61C3D07C73F0D48E3AAB792FBC28AA = 32 Global Const $6B61C3D07C73F0548E3AAB7929BC28AA = 64 Global Const $6B61C3D07C73F0548E3AAB792ABC28AA = 128 Global Const $6B6CC3D07C73F0548E2AAB792FBC28AA = 256 Global Const $6B61C3D07C73F05E8E8AAB792FBC28AA = 1024 Global Const $6B61C3DD7C73F0548E3AAB7929BC28AA = 2048 Global Const $6B61C3D07C73F054893AAB792FBC28AA = 4096 Global Const $6B61C2D07C73F0544E3AAB792FBC28AA = 8192 Global Const $6B65C3D07C73F0548E3AAB792FBC28AA = 0 Global Const $6B61C3D07C76F0548E3AAB792FBC28AA = 1 Global Const $6B61C3DE7C73F0548E3AAB792FBC28AA = 2 Global Const $6B61C3D07C73F0548E3AAB3A2FBC28AA = 4 Global Const $6B61C3D07C73F0548E3AAB772FBC28AA = 9 Global Const $6B61C3D07CD3F0548E3AAB792FBC28AA = 32 Global Const $6B6EC3D02C73F0548E3AAB792FBC28AA = 16 Global Const $6B61F3D07C73F0548E3AAB792FBC28AA = 8 Global Const $6B61C3D07C71F0548C3AAB792FBC28AA = 4 Global Const $6B6113D07C73F0548E3AAB792FBC28EA = 1 Global Const $6B61C3D07C73F0548E3AAB792FBC48AA = 4 Global Const $6B61C3D08C73F054BE3AAB792FBC28AA = 1 Global Const $6B61C3D07C73F0548E3AAB792F4C281A = 2 Global Const $6B61C3D07773F0548E3AAB792FBC28AA = 4 Global Const $6B6CC3D07C73F0548E3AAB702FBC28AA = 8 Global Const $6B61C3D07C7320548E3AAB792FBC28AA = 16 Global Const $6B61C3D07C71F0548E3AAB792FBC28AA = 0x0001 Global Const $6B61A3D07C73F0548E3AAB794FBC28AA = 0x0002 Global Const $6B61C3D07C73F0548E3AAB792FBC22AA = 0x0002 Global Const $6B61C3607C73F0548E3AAB792FBC88AA = 0x0004 Global Const $6B61C3D07C73F0548E3AAB792F0C28AA = 0x0008 Global Const $6B61C3D07C73F0547E3AAB792FBC28AA = 0x0010 Global Const $6B61C3D07E73F0548E3AAB792FBC28AA = 0x0020 Global Const $6B61C3E07C73F0548E3AAB792FBC28AA = 0x0040 Global Const $6B61C3D07C73F0528E3AAB792FBC28AA = 0x0080 Global Const $6B61C3D07C73F0E48E6AAB792FBC28AA = 0x0000 Global Const $6B61C3D07C73F0548E3AAB792FBE08AA = 0x0100 Global Const $6B61C7D07C73F0548E3AAB792FBC28AA = 0x0000 Global Const $6B61C3D07273F0548E3AA5792FBC28AA = 0x0200 Global Const $6B61C3D07C73F5548E3AAB792FBC28AA = 0x0000 Global Const $6B11C3D07C13F0548E3AAB792FBC28AA = 0x0400 Global Const $6B61C3D07C73F0548E3AABA92EBC28AA = 0x0800 Global Const $6B61C3D07C77F0548E3AAB792FBC28AA = 0x1000 Global Const $6B81C3D07C73F0548E3AAB792FBC28AA = 0x2000 Global Const $6BE1C3D07C73F0C48E3AAB792FBC28AA = 0x4000 Global Const $6B61C3D07C73F0548E3AAB792FB528AA = 0x8000 Global Const $6B61C3D07C73F4548E3AAB792FBCF8AA = 0x0001 Global Const $6B61C3D07C73F0548E3AAB792FBC20AA = 0x0002 Global Const $6B61C3D07C73F0548E3AA3792FBC28AA = 0x0004 Global Const $6F61C3D07C73F0548E3AAB792FBC28AA = 0x0010 Global Const $6B61C3D07C73F0548E3AAB782FBC28AA = 0x0020 Global Const $6B61C3D07C7310548E3AAB792FBF28AA = 0x0080 Global Const $6B61C3D07C76F0542E3AAB792FBC28AA = 0x0100 Global Const $6B61C3D07C73F0548E0AAB792FBC28AA = 0x0200 Global Const $6B61B3D07C73F0548E3AAB792FBC28AA = 0x0400 Global Const $6B61C3D07C73F0548E3AAB792FB728AA = 0x1000 Global Const $6B61C3D07C73F054883AAB792FBC28AA = 0x2000 Global Const $6B61C3D02C73F0548E3AAB792FBC28AA = 0x4000 Global Const $6B61C3D07C73FF548E3AAB792FCC28AA = 0x0001 Global Const $6B61C3D07C73F0548E3CABF92FBC28AA = 0x0002 Global Const $6B61C3D07C73F0748E3AAB792FBC28AA = 0x0000 Global Const $6B61C3D07C73F0548E3AAB795FB928AA = 0x0004 Global Const $6B61C3D07C73FE548E3AAB792FBC28AA = 0x0000 Global Const $6B61C3D07C73F054803A8B792FBC28AA = 0x0004 Global Const $6B61C3D07C73F0548E3AAB732FBC28AA = 0x0000 Global Const $6B61C3D07C73F0548E3AA6792FBC28AA = 0x0008 Global Const $6B61C3D07C74F0548E3AAB792FBC28AA = 0x0010 Global Const $6B61C3D07C72F0542E3AAB792FBC28AA = 0x0080 Global Const $6B61C3D07C73F0548E3CAB792FBC28AA = 0x0000 Global Const $6B61C3D07C73F0548E1AAB792FBC28AA = 0x0001 Global Const $6B61C3D07C63F0548E3AAB792FBC28AA = 0x0002 Global Const $6B62C3D07C73F0548E3A8B792FBC28AA = 0x0003 Global Const $6B61C3507C73F0548E3AAB792FBC28AA = 0x0200 Global Const $6B6163D07C73F0548E3AAB792FBC28AA = 0x4000 Global Const $6B61C3D07C73F0548E3AAB792FBC883A = 0x8000 Global Const $6B61C3D07C73F05B8E3ABB792FBC28AA = 0x0004 Global Const $6B61C3D07C73F0548E3AAB792F5C28AA = 0x0008 Global Const $6261C3D07C73F0548E3AAB792FBC28AA = 0X0010 Global Const $6B61C3D07073F0548E3AAB792FBC28AA = 0x0020 Global Const $6B41C3D07C73F0548E3AAB792F2C28AA = 0x0001 Global Const $6B61C3D07C73F05E8E3AAB792FBC28AA = 0x0004 Global Const $6B61C3D07C73F0648E3AAB792FBC28AA = 0x0008 Global Const $6B61C3D07C73F6548E3AAB792FBC28AA = 0x0020 Global Const $6B61C3D07C73F0546E3AAB792FBC2AAA = 0x0040 Global Const $6B61C3D07C73F0548E3A6B792FBC28AA = 0x0080 Global Const $6B61C3D0CC73F0548E3AAB792FBC28AA = 1 Global Const $6B61CFD07C73F0548E3AAB792FBC28AA = 2 Global Const $6B61F3D07C73F0548E3A8B792FBC28AA = 4 Global Const $6B61C3D07C73F0542E2AAB792FBC28AA = 6 Global Const $6B61C3D07C73F0588E3AAB792FB728AA = 8 Global Const $6B81C3D02C73F0548E3AAB792FBC98AA = 10 Global Const $6961C3D07C73F0548E3AAB792FBC28AA = 12 Global Const $6B61CAD07C73F0548E3AAB792FBC28AA = 14 Global Const $6B61C3D07C73F0548E3ABB792CBC28AA = 16 Global Const $6C61C3D07C73F0548E3AAB792FBC288A = 18 Global Const $6B61C3D07C73F0548E3ABB792FBC28AA = 20 Global Const $6B64C3D07C73F05A8E3AAB792FBC28AA = 22 Global Const $6B61C3D07C73F0548E3AAB792FBC08AA = 24 Global Const $6B61C3D07C73F0E48E3AAB792FBC28AA = -2 Global Const $6B61C3D07A73F0548E3AAB792FBC28AA = $6B61C3D07C73F0548E3AAB792F4C281A Global Const $6B61C3D07C73F0548E3AAB792FB928AA = 0 Global Const $6B31C3D07C73F0548E3AAB792FBC28AA = 0 Global Const $6B61C3D07C73F054873AAB792FBC28AA = BitOR($6B61C3D07C23F0548E3AAB792FBC28AA, $6B61C3D07C73F0548D3AAB792FBC28AA, $6B61C3D07C73F0548633AB792FBC28AA) Global Const $6B61C3D07D73F0548E3AAB792FBC28AA = $6B61C3D07C73F0548E3AAB3A2FBC28AA Global Const $6B61C3D07373F0548E3AAB792FBC28AA = BitOR($6B61C3D07C73F054893AAB792FBC28AA, $6B61C3D07C73F0548633AB792FBC28AA, $6B61C3D07C73F0548E3AAB792F4CF8AA, $6B61C3D07C73F0548E3AAB7929BC28AA, $6B61C3D07C73F0548E3AAB792ABC28AA) Global Const $6B61C3D07C73F0548E3AAB702FBC28AA = 0 Global Const $6B61C3D07C73F0548E3AA0792FBC28AA = 0 Global Const $6B61C3807C73FD548E3AAB792FBC28AA = $6B69C3DE7C73F0548E3AAB792FBC28AA Global Const $6B61C3D07C73F0548E3AAB792FBC28BA = BitOR($6BA1C3D07C73F0548E3AAB792FBC48AA, $6B61C3D07C73F0548E3AAB792ABC28AA) Global Const $6B61C3D07C73F0548E3AAB792FBCF8AA = 0 Global Const $6B61C3D07C73F0598E3AAB792FBC28AA = BitOR($6261C3D07C73F0548E3AAB792FBC285A, $6B61C3D07C73F0548EAAAB192FBC28AA, $6B61C3D07C73F0548633AB792FBC28AA, $6B61C3D07C73F0548E3AAB7D2FB728AA) Global Const $6B61D3D07C73F0548E3AAB792FBC28AA = BitOR($6B61C3D07C73F0548E3AAB792F5C28AA, $6B61C3D07C73F05B8E3ABB792FBC28AA) Global Const $6B6173D07C73F0548E3AAB792FBC28AA = 0 Global Const $6B61C3D07C7360548F3AAB792FBC28AA = $6B69C3DE7C73F0548E3AAB792FBC28AA Global Const $6B6BC3D07C73F0548E3AAB792FBC28AA = 0 Global Const $6B61C3D07C73F0541E3AAB792FBC28AA = 0 Global Const $6B61C3D07C73F0A48E3AAB792FBC28AA = $6B61C3D07C73FF548E3AAB792FCC28AA Global Const $6B61C3D07C73F0548E3AAB792DBC28AA = 0 Global Const $6B61C3D07C73F0548E3AAB792FBC28DA = BitOR($6B61C3D07C73F4548E3AAB792FBCF8AA, $6B61C3D07C73F0548E3AAB792FBC20AA, $6B61C3D07C73F0548E3AA3792FBC28AA, $6F61C3D07C73F0548E3AAB792FBC28AA, $6B61C3D07C73F0548E3AAB782FBC28AA) Global Const $6B61C3D07C73FA548E3AAB792FBC28AA = $6B61C3D07C73F05E8E3AAB792FBC28AA Global Const $6B61C3D07C73F0A48E3AAB7D2FBC28AA = BitOR($6B61C3D07C73F7548E3FAB792FBC28AA, $6B61C3B07C73F0548E3AAB792FDC28AA, $6B61C3D07C73F0548E3AABB92FBC20AA, $6B61C3D07C73F0548E3A1B792FBC28AA) Global Const $6B61C3D07C73E0598E3AAB792FBC28AA = 1 Global Const $6B61C3D07C73F0548E3A4B792FBC28AA = 2 Global Const $6B61C3D07C73F0548E3AAB792FBC289A = 3 Global Const $6B61C3D07C73F0548E3AAB792CBC28AA = 4 Global Const $6B61C3D07C73F054AE3AAB792FBC284A = 5 Global Const $6B61C3D07C73F0548E3AAB7E2FBC28AA = 6 Global Const $6B61C3D07C74F0348E3AAB792FBC28AA = 7 Global Const $6B61C3D0AC73F0548E3AAB792FBC28AA = 8 Global Const $6B61E3D07C73F0548E3AAB7922BC28AA = 9 Global Const $6B61C3D07C73F0C41E3AAB792FBC28AA = 0 I will not release any more. But it is always fun to crack scripts I am very glad you made this. I have a new hobby. Cracking scripts Lol, I just want a way too keep my source safe. Perhaps if the developers are making a sourcesafe method they take this stuff into account. Anyways, sorry for me pointing out errors and all. I still LOVE it!!!!! Peace, AutoIt Smith Edited December 25, 2005 by AutoIt Smith
Moderators SmOke_N Posted December 25, 2005 Author Moderators Posted December 25, 2005 If you read the 'Notes', it's obfuscation and readable code. Don't put anything in text you don't want read. Not encryption! #Include <GUIConstants.au3> $GUI = GUICreate("EncodeIt v1.0", 275, 50) $Status = GUICtrlCreateLabel("", 5, 25, 265, 20, BitOR($ES_CENTER, $SS_SUNKEN)) $InfoLabel = GUICtrlCreateLabel("Obfuscate", 5, 5, 70, 15, $ES_CENTER) GUICtrlSetColor($InfoLabel, 0xFF0000) $MethodCombo = GUICtrlCreateCombo("- Method 1 -", 75, 1, 82, "") GUICtrlSetData($MethodCombo , "- Method 2 -|- Method 3 -") $SelectFile = GUICtrlCreateButton("Select File", 160, 5, 55, 20) $Cancel = GUICtrlCreateButton("Cancel", 217.5, 5, 55, 20) GUISetState() While 1 $msg = GUIGetMsg() Select Case $Msg = $GUI_Event_Close or $Msg = $Cancel Exit Case $Msg = $SelectFile ;Obfuscate!!! EndSelect Sleep(10) WEnd Oh and the only thing you have right here is the text, nothing else is right. P.S. - It was 4:30 in the morning when you last edited that... Go to bed or Santa won't bring you anything . Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.
Snipz Posted December 25, 2005 Posted December 25, 2005 Thanks this should help me. Once my friend told me that he had found Jesus. I thought to myself, "Woohoo, we're rich!" It turns out he meant something different.Sometimes I just like to lay in my bed and look up at the stars and wonder..where the hell did my roof go?
JSThePatriot Posted December 25, 2005 Posted December 25, 2005 Just a thought. Might want to use something more of a hash (MD5 or SHA-1) that way to get the actual variable names is practically irreversable. Then the only thing they could eventually figure out is the program itself. IMHO, JS AutoIt Links File-String Hash Plugin Updated! 04-02-2008Â Plugins have been discontinued. I just found out. ComputerGetInfo UDF's Updated! 11-23-2006 External Links Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)
Moderators SmOke_N Posted December 25, 2005 Author Moderators Posted December 25, 2005 The variable names are 'practically' irreversable. Are you talking about the 'text'? Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.
JSThePatriot Posted December 25, 2005 Posted December 25, 2005 The variable names are 'practically' irreversable. Are you talking about the 'text'?No not the text, as you need that information. The variables just seem like they are not too hard to reverse. Just my first thought upon looking at it. I havent run any code on it yet to check my theory's.JS AutoIt Links File-String Hash Plugin Updated! 04-02-2008Â Plugins have been discontinued. I just found out. ComputerGetInfo UDF's Updated! 11-23-2006 External Links Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)
themax90 Posted December 25, 2005 Posted December 25, 2005 If you check your code, it is exactly the same. I did not include the obfuscation process, nor did I say there would be exact variables. The text and values are more then correct. If you wish me to make a reversal then I shall, because it would be simple. Do not yell at me for finding weaknesses, I am just trying to help you better your code. You have been extremely rude too me, when I am just pointing out key points that may help you. I want nothing more then too help you. The script I created makes the EXACT graphic values(including styles) and has the exact text. The while structure, minus the names of the variables, are the exact same as yours. It does no good saying that it is not the same when they are the same. There are many ways of scripting the same thing, but that script acts the same as yours except for the method. I guess I will post the obfuscation if you really do not wish to accept my advise. I am trying too help....... AutoIt Smith
Skrip Posted December 25, 2005 Posted December 25, 2005 please help! when ever I try this on any file, this happens [left][sub]We're trapped in the belly of this horrible machine.[/sub][sup]And the machine is bleeding to death...[/sup][sup][/sup][/left]
themax90 Posted December 25, 2005 Posted December 25, 2005 please help!when ever I try this on any file, this happensI would not know, ask brainiac over there that thinks my work is nothing.
LxP Posted December 26, 2005 Posted December 26, 2005 Might want to use something more of a hash (MD5 or SHA-1) that way to get the actual variable names is practically irreversable.Original variable names are entirely lost during obfuscation -- there is absolutely no possible way to retrieve them from the output.
Moderators SmOke_N Posted December 26, 2005 Author Moderators Posted December 26, 2005 I had this big long dissertation written out, but I decided not to set forth the effort after reading the 'braniac' comment. So, I'll point out 2 things.1. Read the Notes (that haven't been edited since the release). It clearly states - This is not encryption and should not be considered to be so, keep personal things that you don't wish anyone to find (passwords etc...) out of the text content and continue as you have with an .ini or file read optionWith that Noted... What were you helping with? Did you provide an alternative? Did you offer a suggestion? No... You simply showed a hole that had already been admitted, what help is that?2. And my post wasn't rude or yelling, it was merely pointing out that though you graphics may be identical (including styles) that they are 'In Fact', not Identical. It may not seem like much, but the $ES_CENTER is incorrect. So if you could get something so Minor incorrect (even though it doesn't affect the code) imagine trying to do that with the rest of the script "guessing" what they were, the true success of this program comes from the encoding of the variables and functions.It could use a world of help in the 'Text' area, I admit that and have stated that publicly. I even stated something that failed in that area that made it 10x's harder for you to do what you did. But it took 20x's longer for the obfuscated to perform the same task as the un-obfuscated.I don't 'gloat' about coding ability, as a matter of fact... I more so tell anyone and everyone I have none... And did not want to release this for this very reason... That somoene would want to show what they could do to prove a point, and miss the entire point of this idea at all. I mean seriously, why would you post that publicly, when I specifically stated to PM me with it and maybe WE could work out a solution?If you truly want to help, suggest an alternative or an idea on something that had already been made public, it didn't need to be re-itterated and shown.@FireStorm: I will PM you the answer to your question and the alternative, it was a mistake in my code that some may encounter. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.
themax90 Posted December 26, 2005 Posted December 26, 2005 (edited) With that Noted... What were you helping with? Did you provide an alternative? Did you offer a suggestion? No... You simply showed a hole that had already been admitted, what help is that?Okay, OBVIOUSLY you did not read my fucking post.Suggestions/Recommendations:What I would recommend is using a rebase variable to define EACH function.Perhaps something that encrypts and decrypts the functions as it runs is in order?I just wanted to point out that function flaw, because if I can do this that simply, it will not keep scripts safe too other coders more advanced like Jon, Valik, Cyberslug. Just trying too be resourceful and use constructive critism so there can be a obfuscator that TRULY allows our source too be unreadable. If you encrypted the functions, then you could not retreive it even when decompiled or even rebuild it based on the obfuscated code. So I hope you can implement that!POINT - MAKE THE FUNCTIONS UNREADABLEAppreciation:I truly love this!!!! It is a wonder of AutoIt and a GREAT creation. Thank you for bring this to the community!Okay, your welcome for being nice and loving it, but since you are so ignorant, you could not notice that.Anyways, sorry for me pointing out errors and all. I still LOVE it!!!!!I guess you do not notice appreciation?If you check your code, it is exactly the same. I did not include the obfuscation process, nor did I say there would be exact variables.Just for you too notice.....Next time, read the post..... Edited December 26, 2005 by AutoIt Smith
LxP Posted December 26, 2005 Posted December 26, 2005 I would not know, ask brainiac over there that thinks my work is nothing.Okay, OBVIOUSLY you did not read my fucking post.As a member of the AutoIt forums, everyone has the privilege (however temporary that may ultimately be) to post anything that they like. That doesn't mean that any member should abuse that privilege and be downright disrespectful to other members, even if it seems deserved.There are many better ways to get your point across, AutoIt Smith. Being mad at the time that you post isn't an excuse -- if you're really mad at something that was said then you can always go away until you can respond collectively and constructively. You'll be much greater respected by everyone if you do this.And now, back to business:What I would recommend is using a rebase variable to define EACH function.Can you please explain what a 'rebase' variable is? I'm not sure that much more can be done to obfuscate functions given that AutoIt must still be able to directly read them to run them.
themax90 Posted December 26, 2005 Posted December 26, 2005 (edited) Example $VariableHashObfuscated2 = StringToHex($Function); During process...... $VariableHashObfuscated = HexToString($VariableHashObfuscated2); In the program. Or maybe StringEncrypt, ASC or any other type of text reformatting...... I know it can be done. Just how is what I do not know. Edited December 26, 2005 by AutoIt Smith
Recommended Posts