BubbleGumDancer Posted September 21, 2010 Share Posted September 21, 2010 How can I protect my code from decompilation? The fact of the matter is you can't fully protect your code. AutoIt is an interpreted language, so all scripts are interpreted, and that script has to get stored somewhere There is still hope though. You can take certain measures to prevent decompiled code from being usable to the person that decompiled. The first step is to obfuscate your code. This causes the code to become unreadable. Basically variables and functions are renamed, making it very hard to make head or tail of what is what. can anyone please post a script example of a method to obfuscate autoit source code to make the scripts unreadable? If you were twice as smart, you'd still be stupid. Link to comment Share on other sites More sharing options...
kaotkbliss Posted September 21, 2010 Share Posted September 21, 2010 The option is built in to AutoIt when you go to compile it. It's the last tab in the window that pops up with the compile options. 010101000110100001101001011100110010000001101001011100110010000 001101101011110010010000001110011011010010110011100100001 My Android cat and mouse gamehttps://play.google.com/store/apps/details?id=com.KaosVisions.WhiskersNSqueek We're gonna need another Timmy! Link to comment Share on other sites More sharing options...
Ascend4nt Posted September 21, 2010 Share Posted September 21, 2010 (edited) If you are using SciTE to edit your scripts, you can select the obfuscation options when you select 'Compile', and it will automatically add the necessary lines to your script. The most common options are listed in the box, but extra ones are available via F1. Typically after adjusting your compilation options, it will result in something like this at the VERY top of your main script: #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_outfile=MyProgram.exe #AutoIt3Wrapper_UseUpx=y #AutoIt3Wrapper_Run_Obfuscator=y #Obfuscator_Parameters=/striponly #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** My preference is actually the following though, which strips unnecessary functions, shrinks variable and function names sizes down, and avoids the string/number encryption (which would add more to the excution time): #Obfuscator_Parameters=/om /cn=0 /cs=0 /sf=1 /sv=1 Be aware that even with the latest version and string/number encryption, the code can still be decompiled (way too easily unfortunately). It will be confusing to read the decompiled script however if you allow it to rename function and variable names. *edit: Oops, meant *number* encryption Edited September 21, 2010 by Ascend4nt My contributions: Performance Counters in Windows - Measure CPU, Disk, Network etc Performance | Network Interface Info, Statistics, and Traffic | CPU Multi-Processor Usage w/o Performance Counters | Disk and Device Read/Write Statistics | Atom Table Functions | Process, Thread, & DLL Functions UDFs | Process CPU Usage Trackers | PE File Overlay Extraction | A3X Script Extract | File + Process Imports/Exports Information | Windows Desktop Dimmer Shade | Spotlight + Focus GUI - Highlight and Dim for Eyestrain Relief | CrossHairs (FullScreen) | Rubber-Band Boxes using GUI's (_GUIBox) | GUI Fun! | IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) | Magnifier (Vista+) Functions UDF | _DLLStructDisplay (Debug!) | _EnumChildWindows (controls etc) | _FileFindEx | _ClipGetHTML | _ClipPutHTML + ClipPutHyperlink | _FileGetShortcutEx | _FilePropertiesDialog | I/O Port Functions | File(s) Drag & Drop | _RunWithReducedPrivileges | _ShellExecuteWithReducedPrivileges | _WinAPI_GetSystemInfo | dotNETGetVersions | Drive(s) Power Status | _WinGetDesktopHandle | _StringParseParameters | Screensaver, Sleep, Desktop Lock Disable | Full-Screen Crash Recovery Wrappers/Modifications of others' contributions: _DOSWildcardsToPCRegEx (original code: RobSaunder's) | WinGetAltTabWinList (original: Authenticity) UDF's added support/programming to: _ExplorerWinGetSelectedItems | MIDIEx UDF (original code: eynstyne) (All personal code/wrappers centrally located at Ascend4nt's AutoIT Code) Link to comment Share on other sites More sharing options...
cembry90 Posted September 22, 2010 Share Posted September 22, 2010 (edited) Here's an example with some code I whipped up for another member last night. Note that I had to shorten the AutoIt code DRAMATICALLY in the obfuscated version, since the forum wouldn't let me post that much.. I kept getting the error You must enter a post. Un-obfuscated: 25 lines @ 802 bytes Obfuscated: 863 lines @ 65,704 bytes Not Obfuscated #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_UseX64=n #AutoIt3Wrapper_Run_Obfuscator=y #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #include <Array.au3> Dim $Search[3][4] = [ ["hello", "hi", "hey"], _ ["brb", "afk", "bbl"], _ ["bye", "cya", "ttyl"] ] Dim $Respond[3] = ["Why hello there!", "See you soon.", "Goodbye!"] Global $Search, $Respond For $i = 1 To 5 $Me = InputBox("Prompt", "Input a message.") reply(StringLower($Me)) Next Func reply($Message) $Check = _ArraySearch($Search, StringLower($Message)) If Not @error Then MsgBox(262144, "Message", $Respond[$Check]) Else MsgBox(262144, "Message", "I don't know what to say to that.") EndIf EndFunc Obfuscated expandcollapse popupglobal $Os A5700002242_() global $A51C2802215=A5700002242($Os[0x223]),$A47C2901B22=A5700002242($Os[0x224]),$A0BC2A05F62=A5700002242($Os[0x225]),$A56C2B01754=A5700002242($Os[0x226]),$A27C2C06260=A5700002242($Os[0x227]),$A03C2D00619=A5700002242($Os[0x228]),$A28C2E05757=A5700002242($Os[0x229]),$A00C2F01212=A5700002242($Os[0x22A]),$A3DD2001556=A5700002242($Os[0x22B]),$A16D2100626=A5700002242($Os[0x22C]),$A5BD2201446=A5700002242($Os[0x22D]),$A2DD2402721=A5700002242($Os[0x22E]),$A61D2502F16=A5700002242($Os[0x22F]),$A07D260245C=A5700002242($Os[0x230]),$A2BD270220E=A5700002242($Os[0x231]),$A55D2805B4F=A5700002242($Os[0x232]),$A06D2905E33=A5700002242($Os[0x233]),$A16D2B0005B=A5700002242($Os[0x234]),$A04D2C03559=A5700002242($Os[0x235]) Func A5800103904(ByRef $A3310F03010, $A622000315B) If Not Isdeclared("SSA5800103904") Then Global $A0920103933=A5700002242($Os[0x1]),$A6220203F07=A5700002242($Os[0x2]),$A5F20304C0F=A5700002242($Os[0x3]),$A4320404253=A5700002242($Os[0x4]),$A2120504660=A5700002242($Os[0x5]),$A3620603C2F=A5700002242($Os[0x6]),$A2D2070392D=A5700002242($Os[0x7]),$A3520800119=A5700002242($Os[0x8]),$A0F20A05F03=A5700002242($Os[0x9]) Global $SSA5800103904=0x01 EndIF If Not IsArray($A3310F03010) Then Return SetError(Number($A0920103933), Number($A6220203F07), -Number($A5F20304C0F)) If UBound($A3310F03010, Number($A4320404253)) <> Number($A2120504660) Then Return SetError(Number($A3620603C2F), Number($A2D2070392D), -Number($A3520800119)) Local $A1B20904857 = UBound($A3310F03010) ReDim $A3310F03010[$A1B20904857 + Number($A0F20A05F03)] $A3310F03010[$A1B20904857] = $A622000315B Return $A1B20904857 EndFunc Func A4100205238(Const ByRef $A3310F03010, $A622000315B, $A3220B01807 = 0, $A0920C05C0A = 0) If Not Isdeclared("SSA4100205238") Then Global $A1920D0331A=A5700002242($Os[0xA]),$A0F20E00B28=A5700002242($Os[0xB]),$A4920F05101=A5700002242($Os[0xC]),$A4C30004316=A5700002242($Os[0xD]),$A4530104E20=A5700002242($Os[0xE]),$A0D30202451=A5700002242($Os[0xF]),$A3630304D4E=A5700002242($Os[0x10]),$A063040171E=A5700002242($Os[0x11]),$A4830500652=A5700002242($Os[0x12]),$A323060104C=A5700002242($Os[0x13]),$A0D30705E30=A5700002242($Os[0x14]),$A2530805154=A5700002242($Os[0x15]),$A5430901700=A5700002242($Os[0x16]),$A0530A0261D=A5700002242($Os[0x17]),$A2D30B05C51=A5700002242($Os[0x18]),$A1430D05160=A5700002242($Os[0x19]),$A4130E0372F=A5700002242($Os[0x1A]),$A4130F0490E=A5700002242($Os[0x1B]),$A534000565A=A5700002242($Os[0x1C]),$A3340104C07=A5700002242($Os[0x1D]),$A044020580C=A5700002242($Os[0x1E]),$A0740302A06=A5700002242($Os[0x1F]),$A5240400C01=A5700002242($Os[0x20]),$A2940503912=A5700002242($Os[0x21]),$A1D4060312C=A5700002242($Os[0x22]) Global $SSA4100205238=0x01 EndIF If Not IsArray($A3310F03010) Then Return SetError(Number($A1920D0331A), Number($A0F20E00B28), -Number($A4920F05101)) If UBound($A3310F03010, Number($A4C30004316)) <> Number($A4530104E20) Then Return SetError(Number($A0D30202451), Number($A3630304D4E), -Number($A063040171E)) Local $A1B20904857 = UBound($A3310F03010) - Number($A4830500652) If $A0920C05C0A < Number($A323060104C) Or $A0920C05C0A > $A1B20904857 Then $A0920C05C0A = $A1B20904857 If $A3220B01807 < Number($A0D30705E30) Then $A3220B01807 = Number($A2530805154) If $A3220B01807 > $A0920C05C0A Then Return SetError(Number($A5430901700), Number($A0530A0261D), -Number($A2D30B05C51)) Local $A5730C01309 = Int(($A0920C05C0A + $A3220B01807) / Number($A1430D05160)) If $A3310F03010[$A3220B01807] > $A622000315B Or $A3310F03010[$A0920C05C0A] < $A622000315B Then Return SetError(Number($A4130E0372F), Number($A4130F0490E), -Number($A534000565A)) While $A3220B01807 <= $A5730C01309 And $A622000315B <> $A3310F03010[$A5730C01309] If $A622000315B < $A3310F03010[$A5730C01309] Then $A0920C05C0A = $A5730C01309 - Number($A3340104C07) Else $A3220B01807 = $A5730C01309 + Number($A044020580C) EndIf $A5730C01309 = Int(($A0920C05C0A + $A3220B01807) / Number($A0740302A06)) WEnd If $A3220B01807 > $A0920C05C0A Then Return SetError(Number($A5240400C01), Number($A2940503912), -Number($A1D4060312C)) Return $A5730C01309 EndFunc Func A3F00306335(ByRef $A3310F03010, $A2940704E29, $A1A40804752 = "") If Not Isdeclared("SSA3F00306335") Then Global $A0940900C08=A5700002242($Os[0x23]),$A5640A05747=A5700002242($Os[0x24]),$A4940B0621C=A5700002242($Os[0x25]),$A5740C03201=A5700002242($Os[0x26]),$A5E40D0284E=A5700002242($Os[0x27]),$A5140E0103E=A5700002242($Os[0x28]),$A5A40F0500C=A5700002242($Os[0x29]),$A0D5000022E=A5700002242($Os[0x2A]),$A3750500B62=A5700002242($Os[0x2B]),$A0250603461=A5700002242($Os[0x2C]),$A1F50A02F36=A5700002242($Os[0x2D]),$A3E50B0005D=A5700002242($Os[0x2E]),$A2150D03353=A5700002242($Os[0x2F]),$A3350E0020F=A5700002242($Os[0x30]),$A3C50F02527=A5700002242($Os[0x31]),$A3260004134=A5700002242($Os[0x32]),$A2F60104D15=A5700002242($Os[0x33]),$A1A60203F49=A5700002242($Os[0x34]) Global $SSA3F00306335=0x01 EndIF If Not IsArray($A3310F03010) Then Return SetError(Number($A0940900C08), Number($A5640A05747), Number($A4940B0621C)) If UBound($A3310F03010, Number($A5740C03201)) <> Number($A5E40D0284E) Then Return SetError(Number($A5140E0103E), Number($A5A40F0500C), Number($A0D5000022E)) Local $A5450104D60 = UBound($A3310F03010) Local $A5D50200809 = $A2940704E29 Local $A5D50304544[$A5D50200809] For $A4A50403441 = Number($A3750500B62) To $A5D50200809 - Number($A0250603461) $A5D50304544[$A4A50403441] = $A4A50403441 Next Local $A5550700C18 = A4410C02E06($A5450104D60, $A5D50200809) Local $A4B50805C47 = $A5550700C18 Local $A6250906009[$A5550700C18 + Number($A1F50A02F36)] $A6250906009[Number($A3E50B0005D)] = $A5550700C18 Local $A3550C04B1B = Number($A2150D03353) While $A4B50805C47 > Number($A3350E0020F) A5B10D03A1F($A5450104D60, $A5D50200809, $A4B50805C47, $A5550700C18, $A5D50304544) For $A4A50403441 = Number($A3C50F02527) To $A2940704E29 - Number($A3260004134) $A6250906009[$A3550C04B1B] &= $A3310F03010[$A5D50304544[$A4A50403441]] & $A1A40804752 Next If $A1A40804752 <> "" Then $A6250906009[$A3550C04B1B] = StringTrimRight($A6250906009[$A3550C04B1B], Number($A2F60104D15)) $A3550C04B1B += Number($A1A60203F49) WEnd Return $A6250906009 EndFunc Func A3300404100(ByRef $A006030475D, Const ByRef $A3A60403D31, $A3220B01807 = 0) If Not Isdeclared("SSA3300404100") Then Global $A316050330C=A5700002242($Os[0x35]),$A4660601006=A5700002242($Os[0x36]),$A4C60706111=A5700002242($Os[0x37]),$A0B60801A21=A5700002242($Os[0x38]),$A0560901457=A5700002242($Os[0x39]),$A1660A06231=A5700002242($Os[0x3A]),$A2260B02138=A5700002242($Os[0x3B]),$A2F60C05753=A5700002242($Os[0x3C]),$A0D60D02C16=A5700002242($Os[0x3D]),$A2D60E03D10=A5700002242($Os[0x3E]),$A0460F02725=A5700002242($Os[0x3F]),$A0770001C48=A5700002242($Os[0x40]),$A0A7010573F=A5700002242($Os[0x41]),$A3770204B15=A5700002242($Os[0x42]),$A0770301B31=A5700002242($Os[0x43]),$A0470405B38=A5700002242($Os[0x44]),$A1670504551=A5700002242($Os[0x45]),$A5870602729=A5700002242($Os[0x46]),$A0F70705C1F=A5700002242($Os[0x47]),$A1970805663=A5700002242($Os[0x48]),$A2C70902C18=A5700002242($Os[0x49]),$A0D70C01302=A5700002242($Os[0x4A]) Global $SSA3300404100=0x01 EndIF Simply put : AutoIt is NOT secure. Ever. There is no *magical program* or obfuscator that will make your code 100% safe. Yes the obfuscator helps, but by no means is it safe from hackers. Themida won't do any good for a determined individual. I've got a friend that has a bachelor's degree in computer programming and he helps me with suggestions when I make AutoIt programs. So far, he has been able to retrieve source for all but one of my compiled executables, most of which I obfuscate and then pack with Themida. Long story short - if you want security, go learn C++ and use some professional tool such as Themida or PC Guard. Edited September 22, 2010 by cembry90 drkCDR 1 AutoIt Stuff: UDFs: {Grow} Link to comment Share on other sites More sharing options...
drkCDR Posted April 26, 2020 Share Posted April 26, 2020 Thanks a lot Link to comment Share on other sites More sharing options...
Recommended Posts