Jump to content

Possible Way to secure Au3 Exes

Grayhat

By Grayhat
in AutoIt Technical Discussion

 Share

Recommended Posts

Grayhat Seeker

Grayhat

Posted
Posted

I was just thinking, and even tried to do but unsuccessful.

I compiled and au3 sctipt into exe.

Then, I got the a3x part (real encrypted script appended to autoItSC.bin file) and encrypted it.

Then, I Injected a DLL into the AutoItSc.bin to hook the "ReadFile" function, and don't just read the file, but Read, Decrypt and run script.

It didn't work with big scripts, but, for my own surprise, did with a simple "MsgBox()" that wouldn't be decompiled!

This fact gives me hope, for, maybe onde day, we can possibly secure the autoIt Compiled exe files :)

Best regards,

busTer

Grayhat Seeker

Grayhat

Posted
  • Author
Posted

If the code has to be decrypted to be run then it's insecure, period.

Encryption is not the solution.

Yes, it isn't but, is so harder to get the pass from a CPP Dll than an au3 script that you just drag into a 3rd party decompiler and get all source in a sec.

Valik Universalist

Valik

Posted
Posted

Yes, it isn't but, is so harder to get the pass from a CPP Dll than an au3 script that you just drag into a 3rd party decompiler and get all source in a sec.

No it isn't. It only appears harder because somebody hasn't taken 5 minutes to write a tool to do it.
John Polymath

John

Posted
Posted

Valik is right. That dll you injected would be the key to pull out and redirect the output to a standard AutoIt decompiler. It would not even require having to figure out the encryption scheme used by the dll.

GEOSoft Universalist

GEOSoft

Posted
Posted

Does anyone besides me ever get tired of "SECURITY" comments/percieved issues?

Give it to a dedicated hacker long enough for him to put it through a hex editor and your security went right out the door anyway; it makes no difference what method you used. The best that can happen is you can make yourself feel your code is safer.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Valik Universalist

Valik

Posted
Posted

I grow weary. I especially grow weary of everything trying to tell us how to secure our software or telling us our software is insecure.

GEOSoft Universalist

GEOSoft

Posted
Posted

H**l, it's no more insecure than any other software.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...