CodeCrypter - Encrypt your Script

[marko001]

Hi @RTFC, just a quick question, to clarify the whole thing: is it possible to RUN a code-crypter protected (with let's say my own HD serial) executable on a 3rd part system?

So, I developed a Crypto manager, I want to protect it to hide the code and give it to my colleagues. Can they use it at home?

In order to use it but not to decode it.

Thanks,

Marco

 

[bbugret]

Hi @RTFC

can you help me with this error thanks.No error in codescanner but when i try codecrypter after finishing when i try to test the the newly created it give me an error on the following line
    

Global $IV_PID2 = WinGetProcess ($HANDLE2[$ID])         ; {file:1}{line:644}{ref644}

>Running:(3.3.16.0):C:\Program Files (x86)\AutoIt3\autoit3_x64.exe "C:\Users\ADMIN\Desktop\CodeScannerCrypter.bundle\MCF0test.au3"    
+>Setting Hotkeys...--> Press Ctrl+Alt+Break to Restart or Ctrl+BREAK to Stop.
"C:\Users\ADMIN\Desktop\CodeScannerCrypter.bundle\MCF0test.au3" (4302) : ==> Variable subscript badly formatted.:
Global $IV_PID2 = WinGetProcess ($HANDLE2[$ID])
Global $IV_PID2 = WinGetProcess ($HANDLE2[^ ERROR
->09:58:55 AutoIt3.exe ended.rc:1
+>09:58:55 AutoIt3Wrapper Finished.
>Exit code: 1    Time: 2.195

 

[RTFC]

Welcome to the AutoIt forums.

As many before you, you overestimate my psychic powers. You'll need to produce the smallest-possible script (use <> code tags in your post) that reproduces the problem, plus your chosen CodeCrypter settings, if you wish me to have a look at your issue.

[Totally_Clueless]

Hello everybody, my name is Lefty, I am a newbie here but have been working with AutoIT for 10 years. Now I have written a very long script with over 12,000 lines, scanned it with codescanner without any problems but when I either encrypt or obfuscate or translate or the three of them together I always several undefined functions like _WinAPI_GetProcessFileName or _GUICtrlListView_GetItemText even though i added the corresponding includes and these functions are listed in varios Function*.txt files created by codescanner. Any Clues? 

[RTFC]

In CodeCrypter, navigate to Tab Create Single-Build, and untick both "Skip redundant UDf definitions" and "Remove Orphaned Globals and UDFs",  and retry. And welcome to the forums.

Edited September 9, 2022 by RTFC

[RTFC]

Celebrating one thousand downloads of the bundle.

[habsi]

Hii @RTFC i have problem with my scrip object not found

And other scrip some my funcion didnt work after encryp but isee on codescanner log no error/issue found pls help if u have free time

[RTFC]

Hi @habsi; welcome to the forum. In the CodeCrypter FAQ pdf (part of the bundle) you'll find an extensive description how to identify and fix issues. For example, have you tested that a BackTranslated version of your script (instead of an encrypted one) does work? If obfuscation is enabled, does the issue persist when this is disabled? If your script is larger than, say, fifty lines, then you should first create the smallest-possible reproducer test script (throw out all code that has nothing to do with the error and/or the targeted object), and test that script instead. If you then still can't figure out what's going wrong, then you could post that tiny reproducer script (which has to run in Scite without external dependencies) in this thread (please use the "<>" code tags) for me to have a look at.

Be aware though of what the Codecrypter FAQ states regarding CodeCrypting objects:

Quote

The following lines have issues that CodeCrypter cannot handle: (...) object queries and direct object method assignments (but object methods are supported)

Edited September 27 by RTFC

[habsi]

6 hours ago, RTFC said:

Hi @habsi; welcome to the forum. In the CodeCrypter FAQ pdf (part of the bundle) you'll find an extensive description how to identify and fix issues. For example, have you tested that a BackTranslated version of your script (instead of an encrypted one) does work? If obfuscation is enabled, does the issue persist when this is disabled? If your script is larger than, say, fifty lines, then you should first create the smallest-possible reproducer test script (throw out all code that has nothing to do with the error and/or the targeted object), and test that script instead. If you then still can't figure out what's going wrong, then you could post that tiny reproducer script (which has to run in Scite without external dependencies) in this thread (please use the "<>" code tags) for me to have a look at.

Be aware though of what the Codecrypter FAQ states regarding CodeCrypting objects:

Ty @RTFC and yes idid tested backtranslate version of my script its work well just delete some part using object

But when i encryp and obfuscation my scrip also work but run slower already try encrpy only no nest also already try obfuscation only still make my scrip run slower 

And for my object 

"<Global $catton = objcreate("catton.aplication")>"

[RTFC]

Obviously a fully encrypted script runs more slowly than a plaincode one, as every line needs to be decrypted first! If you want to reduce slowdown, you can opt to encrypt only selected functions you wish to keep secret (see button "UDFs") or encrypt only a proportion, or every Nth line.

Regarding your object issue, one line is of course totally inadequate for any kind of test (and I have no idea what "catton" is). I would need from you the smallest possible test script that runs normally when unencrypted and fails when encrypted.

[habsi]

On 9/28/2024 at 3:02 PM, RTFC said:

Obviously a fully encrypted script runs more slowly than a plaincode one, as every line needs to be decrypted first! If you want to reduce slowdown, you can opt to encrypt only selected functions you wish to keep secret (see button "UDFs") or encrypt only a proportion, or every Nth line.

Regarding your object issue, one line is of course totally inadequate for any kind of test (and I have no idea what "catton" is). I would need from you the smallest possible test script that runs normally when unencrypted and fails when encrypted.

Thank its much better 

I just use encrypt with cckey 6 for my c drive then i need fix missing object and [] on my array 

Then it only run on my desktop since use c drive serial

Now how to change c drive serial wihout use code encrypt because if i use code encrpy and put other serial on cckey 6

I need refix the object and [] on my array again 

 

[RTFC]

Glad you got the basics to work. Regarding your question, first of all, I'm assuming you already read this part of the FAQ:

Spoiler

Q. I wish to use a macro as my keytype definition, but decryption has to work on the user's machine, not on my own machine where I encrypt the script. Is this possible?

A. Definitely. In CodeCrypter, navigate to Tab "Encrypt" and set your keytype ID number (the $CCkey array index where you stored your macro call, in MCFinclude.au3). Then press the "Decryptor" button. The macro will be executed and you'll see two blue text strings. The top one is what the macro just returned, the bottom one is what MCF will use to encrypt your script with. If you want this decryption key to be different from the top entry, just type the expected response twice (to ensure no typos) in the bottom two boxes (switch boxes by pressing Tab / Shift-Tab). Then press "Ok." You can check the result by pressing the "Decryptor" button again; now the second blue-text box should contain the string you just typed. Do not close CodeCrypter or your typed entry will be forgotten (CodeCrypter intentionally never stores decryption keys). Pressing <Run> will produce a script that won't function in your own environment; it will work only on whatever environment(s) your selected macro returns the expected response you provided. Note: be extra careful when typing case-sensitive responses.

The answer to your question thus relies on what your target machine(s) is/are. If you're using a hardware signature such as the C drive (or CPU) serial number, your decrypted code will only run if the target environment returns those serials when queried at your script's startup. In other words, the encrypted script is machine-specific and will only run there. But Codecrypter is far more flexible than that. For instance, suppose you only want a group of trusted friends to be able to run your code, then you could use the password option (keyID = 1) and give each of them the secret word or phrase. Or maybe you wish to limit the period of time your code is functional; then you could for example append the current Month and Year macros as your key and distribute as many copies as you like; as soon as the next month starts, all copies will stop working as the decryption no longer produces valid code (of course, if online you could query public internet clocks rather than relying on a machine's internal calendar).

On a more advanced level, if you look at the key definitions in function _MCFCC_Init() in MCFinclude.au3, you'll notice that key retrieval is just a function call, and you can just as easily call your own sophisticated functions as relying on the simple examples provided. So suppose you want to set up a licensing system without storing the key in the registry of each machine where you install your programme. Then you could write a little function that instead tries to go online to connect to your own little server (see elsewhere on the forum how to set one up), and queries your database of all your customers that legally bought your software, and if matching the ID sent by your code, the server returns the decryption key(s); if no connection is made, it just produces a message that online connectivity is required for it to work and exits gracefully. Of course this setup does require your server to be online all the time, otherwise your users will get annoyed.

Earlier in this thread a user requested a way to get a single, encrypted, portable executable, and they didn't care if the  decryption key was discoverable, just to make it difficult enough that the average user would find it too hard to do. In that case, you could consider using the macro @AutoItExe, which returns the full path and filename of the executable of your compiled script (note that the uncompiled encrypted version then won't work(!), as the macro then returns the AutoIt interpreter's full path and name instead, so it would fail when run uncompiled from Scite). I personally wouldn't recommend this, but it's a quick and dirty fix to get some protection. Also note that the decryptor includes the path (unless you remove that part), so if the user decides to move your exeecutable to a different path, it won't work either anymore.

These are just examples; your own skill and imagination (and AutoIt's own capabilities) are the only limits on what you can achieve and how to set it up. Simply put: Trusted users? Use a password; trusted/controlled environment? use system specs, hardware IDs, etc. Any other situation? Get creative.

Edited September 30 by RTFC

[habsi]

19 hours ago, RTFC said:

Glad you got the basics to work. Regarding your question, first of all, I'm assuming you already read this part of the FAQ:

  Reveal hidden contents

Q. I wish to use a macro as my keytype definition, but decryption has to work on the user's machine, not on my own machine where I encrypt the script. Is this possible?

A. Definitely. In CodeCrypter, navigate to Tab "Encrypt" and set your keytype ID number (the $CCkey array index where you stored your macro call, in MCFinclude.au3). Then press the "Decryptor" button. The macro will be executed and you'll see two blue text strings. The top one is what the macro just returned, the bottom one is what MCF will use to encrypt your script with. If you want this decryption key to be different from the top entry, just type the expected response twice (to ensure no typos) in the bottom two boxes (switch boxes by pressing Tab / Shift-Tab). Then press "Ok." You can check the result by pressing the "Decryptor" button again; now the second blue-text box should contain the string you just typed. Do not close CodeCrypter or your typed entry will be forgotten (CodeCrypter intentionally never stores decryption keys). Pressing <Run> will produce a script that won't function in your own environment; it will work only on whatever environment(s) your selected macro returns the expected response you provided. Note: be extra careful when typing case-sensitive responses.

The answer to your question thus relies on what your target machine(s) is/are. If you're using a hardware signature such as the C drive (or CPU) serial number, your decrypted code will only run if the target environment returns those serials when queried at your script's startup. In other words, the encrypted script is machine-specific and will only run there. But Codecrypter is far more flexible than that. For instance, suppose you only want a group of trusted friends to be able to run your code, then you could use the password option (keyID = 1) and give each of them the secret word or phrase. Or maybe you wish to limit the period of time your code is functional; then you could for example append the current Month and Year macros as your key and distribute as many copies as you like; as soon as the next month starts, all copies will stop working as the decryption no longer produces valid code (of course, if online you could query public internet clocks rather than relying on a machine's internal calendar).

On a more advanced level, if you look at the key definitions in function _MCFCC_Init() in MCFinclude.au3, you'll notice that key retrieval is just a function call, and you can just as easily call your own sophisticated functions as relying on the simple examples provided. So suppose you want to set up a licensing system without storing the key in the registry of each machine where you install your programme. Then you could write a little function that instead tries to go online to connect to your own little server (see elsewhere on the forum how to set one up), and queries your database of all your customers that legally bought your software, and if matching the ID sent by your code, the server returns the decryption key(s); if no connection is made, it just produces a message that online connectivity is required for it to work and exits gracefully. Of course this setup does require your server to be online all the time, otherwise your users will get annoyed.

Earlier in this thread a user requested a way to get a single, encrypted, portable executable, and they didn't care if the  decryption key was discoverable, just to make it difficult enough that the average user would find it too hard to do. In that case, you could consider using the macro @AutoItExe, which returns the full path and filename of the executable of your compiled script (note that the uncompiled encrypted version then won't work(!), as the macro then returns the AutoIt interpreter's full path and name instead, so it would fail when run uncompiled from Scite). I personally wouldn't recommend this, but it's a quick and dirty fix to get some protection. Also note that the decryptor includes the path (unless you remove that part), so if the user decides to move your exeecutable to a different path, it won't work either anymore.

These are just examples; your own skill and imagination (and AutoIt's own capabilities) are the only limits on what you can achieve and how to set it up. Simply put: Trusted users? Use a password; trusted/controlled environment? use system specs, hardware IDs, etc. Any other situation? Get creative.

Ty for answer and nice scrip free to use help me aloot  @RTFC