Jump to content

Recommended Posts

Posted

Impressive to say the least, RTFC :D but one question, please.

I can see that Codecrypter will make my script virtually unbreakable but I cannot see (yet) how to be able to install remotely, i.e., in the past I would write C code and compile it so, (yes it can be decompiled but not easily), then installed on the end machine. Installation would produce a unique machine key from which I would provide an unlock PIN so the program would run correctly.

Your link :thumbsup: to _WinAPI_UniqueHardwareID() would allow me to do this but can I combine with Codecrypter and my script 'compiled' in my office?

The most powerful number in the Universe.  Zero.

Posted (edited)

Thanks.^_^

Serendipitous question.:D The next Codecrypter version (to be released within a few weeks from now) will come with a new utility that you can run from a USB stick to obtain the full CCkey array as returned by a target machine, saved in an encrypted profile on the stick. Once transferred to your CodeCrypter environment, the Decryptor submenu then allows you to press a new button that will upload that profile for the encryption. This will allow multiple keys (key cycling) to be used on remote machines. Still testing this at the moment.

In the meantime, the existing "Decryptor" option under the Encrypt Tab should already be able to serve your needs if you're using a single hardware ID (which itself can be a composite of multiple hardware specs, as you know). Just open MCFinclude and replace one of the key definitions in CCkey by a call to _WinAPI_UniqueHardwareID, e.g.:

$CCkey[2]=@ComputerName ; some simple examples...
    $CCkey[3]=@UserName     ; case-sensitive!
    $CCkey[4]=_WinAPI_UniqueHardwareID($UHID_MB)    ; motherboard specs
    $CCkey[5]=_WinAPI_UniqueHardwareID($UHID_CPU)   ; CPU specs
    $CCkey[6]=DriveGetSerial("C:")
    $CCkey[7]=@IPaddress1   ; ensure your IP is fixed (no DHCP) on the machine that will run your target!

Of course, at the top of MCFinclude you'll also need to add:

#include <APIDiagConstants.au3>
#include <WinAPIDiag.au3>

Then (in the absence of my USB stick utility to be released later) you'll just have to obtain whatever those hardwaredID calls return on your target machine(s), and paste that in manually after pressing the Decryptor button and defining key 4 or 5 as your (single) decryptor. Of course, nothing prevents you from calling your own function instead that produces some compound string involving numerous IDs or other specs. Just be aware that you'll be unable to test the encrypted script on your own machine, so you'd do well to run a BackTranslated version first to ensure the MCF encoding works as expected.;)

Edited by RTFC
Posted

:) I'll wait and use the _WinAPI with CipherTot for a couple of weeks.  This code HAS to be with me in Shanghai in less than two weeks :'(

I'll follow with severe interest.

 

 

The most powerful number in the Universe.  Zero.

Posted (edited)

@fopetesl I'm going to be offline for a bit. Given your timeframe, this might help, but using it is entirely at your own risk.o:) First update MCFinclude.au3, then compile profiler. Running at target machine stores file profile.mcf on stick; transfer this to you CodeCrypter directory on your own machine. Prior to encryption, press Decryptor button, then press "Profile" button. No guarantees, no warranties, as usual. Hope it helps.:)

<snip>

EDIT: see first post in this thread for the updated bundle (v2.2).

 

Edited by RTFC
Posted (edited)

Bundle version 2.2 released, with @Deye's highly useful UDF filtering mod incorporated (many thanks once again for that, Deye! :)), plus the (still somewhat experimental) storeCCprofile utility, with which one can extract all key definition responses on a target machine (encrypted) on a USB stick, to be uploaded on your own machine for CodeCrypter to generate an encrypted script that'll run only on that target machine (provided you're using hardware-specific keys, of course). Still with me?:wacko:

Not only does this facilitate the process for single keys (which you no longer have to type in twice in the dialog under the Decryptor Button), but also enables multi-key cycling for machines other than the one Codecrypter is running on, as the entire CCkey array from the target machine is now available after pressing the new "Profile" button, which uploads the (decrypted) contents of the profile.mcf file on your USB stick. Note that if you change the key definitions in MCFinclude.au3, you'll need to re-compile storeCCkey.au3 (which #includes MCFinclude.au3) as well.

Edited by RTFC
  • 2 months later...
Posted
51 minutes ago, Miliardsto said:

better to use stripper or obfuscator or crypt?

If you have to choose, CodeCrypter's encryption provides much stronger protection than obfuscation, because only encryption prevents running or analysing an encrypted script outside of its targeted environment.

  • Developers
Posted (edited)
59 minutes ago, Miliardsto said:

If I use crypt evrything is ok but crypt + obfuscate = errors

better to use stripper or obfuscator or crypt? xd

For the record: Obfuscator & Au3Stripper do  not give you ANY protection and merely makes the script much harder to read as stated in the Helpfile!
As to the Errors: Guess my last answer didn't solve your issues.

Jos

Edited by Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Posted

I see with my code options "translate" and "obfuscate" used with crypt provide so much errors. I read it may be normal thats getting lost when code is too confusing or it does not support some functions etc, im right? I dont want to change so much things so skip this and use encrypt only.

So we have here so much options in crypter, even the description does not sound familiar to me.

Encrypt content 3 things, more secure if 3 checked?

There are options single key, multiple keys, subset def. What values would give more security? or keep it default.

Change structure - enable indirection, enable phrasing; which check better?

 

----

As to errors: security matter is so immense and additionally little known by me. Stay hungry stay foolish

Posted

CodeCrypter is a front-end for my MCF library. It can perform a variety of functions, which is why it supports many different options. But a number of "presets" is provided that enable-1-click settings for ease of use.

More specifically regarding your questions:

If you wish to protect your script, translation is irrelevant, as this is for translating your GUI strings, user messages, and labels into different languages. So do not tick any checkboxes under "Translate."

Obfuscation is similar to translation, in that it replaces variable- and/or function names with long hexadecimal strings that are difficult to read for humans. As Jos already pointed out, obfuscation does not protect your script, it just makes understanding what goes on a bit harder for people trying to analyse the code. So you can leave those checkboxes unticked as well.

Under the Tab "Encrypt" I would suggest you tick "Phrases" and "Strings" only; you can also leave "Strings" unticked, then your code will execute faster (fewer decryption calls), but all text strings will then be legible (unchanged) in the encrypted version of your script.

Forget about subsets (encrypting only parts of your script) and indirection (more slowdown, but makes it harder for hackers to analyse) for now. Do not Shuffle multiple keys either, start by using a single key.

Under Tab "Structure" activate only "Enable Phrasing."

 

IMPORTANT: before you start CodeCrypter, you first have to:

  • study the $CCkey definitions in function _MCFCC_Init() in MCFinclude.au3 (ca. line 200) to decide which key your script will be using for en/decryption. The $CCkey array index = numeric key ID in CodeCrypter (under Tab "Encrypt"). For example, by default, key 2 = whatever macro @computername returns, key 3 = whatever macro @username returns, key 4 = whatever your motherboard hardware returns as ID, etcetera. You can replace these with your own definitions as you see fit.
  • #include MCFinclude.au3 in your script (below your other includes, but above your own code)
  • run CodeScanner to produce the MCF files for your script (so CodeCrypter knows what is what)

The underlying idea is that anyone can copy your encrypted script, but it will use whatever the environment returns locally as decryption key, producing garbage unless it matches whatever the script was encrypted with.

  • 2 weeks later...
Posted (edited)
Func _MCFCC(Const $hexstring,$Index=0)
    Return BinaryToString(_AesDecrypt($CCkey[$Index],$hexstring))
EndFunc
Execute(_MCFCC("0x3E412784925C5828FBF21D820DB2354F27D09C711B1037F92BF5A9C40D082875191674F69433659275C74D6CE0CC20CF"))

(5110) : ==> Variable used without being declared.:
Return BinaryToString(_AesDecrypt($CCkey[$Index],$hexstring))
Return BinaryToString(_AesDecrypt(^ ERROR

All includes good, script at least run, but this error appears when I run function in my program

Why it returns this error?

 

Using Other method this same

error.jpg

Edited by Miliardsto
Posted

Without a (minimum-sized!) reproducer script, there's no way anyone except you could possibly figure out what is wrong in your set-up.

Posted

Ok how it looks I put MCFinclude on the end of script to crypt only one func

all settings in MCF are default

#include "MCFinclude.au3"

Func caster($1, $2, $3, $4)
            MsgBox(0,0,"HEHE")
EndFunc   ;==>caster

 

how looks end of MCF0test.a3

Func _MCFCC(Const $hexstring,$Index=0)
    Return BinaryToString(_AesDecrypt($CCkey[$Index],$hexstring))
EndFunc
Execute(_MCFCC("0xFDC21601806E93F06BBD7D45F99C79AAC91054A03DFFD95399086F95C4A2A69D9EC51B801DCE62A2B5C3BCA680001FFC"))

Func _dummyCalls()
    Execute(_MCFCC("0xBD25F88F746B3786BE932AA40256A5F2F4583EF70F2FDEE2E6CA1F757CA1CABDC73AD1E020420F6EE6B7C011A81DB069"))
    Execute(_MCFCC("0x70E9D703461C0EC8423D9A116ECA526A7579A9F02120F2DCFBEC33037A57964D"))
    Local $a=0,$b=1
    Local $c[1]
    Execute(_MCFCC("0x10F63382C3EFDCBF161393B33FE57C6EBCAA627FD5C4FD3A61D7E5C7A0268D40E1A06B3F98600095CF26D4356443EDEC"))
    Execute(_MCFCC("0x14C313C2EE1FAA1CBD24902BFCACF904E8534842B667798C8C8DDB0390A0B65DAC0097AEB50EACC7B320069CB2B4260A"))
    Execute(_MCFCC("0x2AB19FD826D1C02B97D1DD2B3E1F4DF4F182C81539E7AB474127C7DA4475CF0A229AD03A88E7A737AFB8D9E3025F8B0C"))
    Execute(_MCFCC("0x4A1E66F0EF5BF40C7DAD490F04711A5BAE8CBBC8903C3E0FEDF324127C0D6281EB1E6F353616453BA4C3F642EA78A64A9A0886C02421089BA92D85990FFC780D"))
    Execute(_MCFCC("0xC738B7ADB02C44C7272DEF1A7EDEAEC0C2A7973B42BDCEFF4E9E20EEF5F44997F7409CDC920E53E33639A2F8A154FAF8"))
    Execute(_MCFCC("0x51D6E8C0E6278FE744D7802FD6D24AC490DFBA5DEBBF10D0BC3BBD0297117D9219A380C81E8501CB3A004421E8060BDACA4E62CE0BEAD82FD0919E1D8B906585"))
EndFunc

Func _MCFCC_Init($Type=0,$query=True)
    ReDim $CCkey[8]
    If Execute(_MCFCC("0x75F41993928F753C434519681FDB64F1168A465CCAAB33E0B58EC3981ABDDBFA2225C54E3EE23DF2672B4BE7EB705FBD")) Then
    $CCkey[1]=$cmdline[1]
    Else
    $CCkey[1]=_MCFCC("0x58DEA7AC7E4BC05AD6D9C2CC2FD0D619F48F173CF59B6DE2E40DB688B04CA7C2")
    EndIf
    $CCkey[2]=@ComputerName
    $CCkey[3]=@UserName
    $CCkey[ 4 ]=Execute(_MCFCC("0x48850CA6C26902FE4E90FCC98E4A922659F9D09448028B1535280FE33250D2923269BC5268161F85D4A7FDE5D309317984D08F270012DDA6A3720B85E38A9A4D"))
    $CCkey[ 5 ]=Execute(_MCFCC("0x02C6570003E0D84831C8E9A4401AF24096D32CE9E05FB37DE201424F9A681F3CA6E479D84F53D22253A7D7EC6FACF85A2A43AD47D19C636CC2A328C73DC8AFE4"))
    $CCkey[ 6 ]=Execute(_MCFCC("0x02D417ED586A7A1CA7C31A85086D97F6F98D65323AA4D5991515DC00F90783A569E63C1A6D530C1E73B92E2132677C3B"))
    $CCkey[7]=@IPaddress1
    If Execute(_MCFCC("0x3D3368FAA710867DCFAFBCD8561CE2882861D368B5DF6AA100D637F51A75C9C2")) Then $Type=1
    If Execute(_MCFCC("0xF2C4AF44E1CAAEDD567C90EB30B44DF9429FDC0D76EB209E1FF0AC1B6186E70942D61416B12F37C8029901D3FD37D126EC03B2AC6F663EF5B90B98850AFD1156")) Then
    $CCkeytype=1
    $CCkey[$CCkeytype]=Execute(_MCFCC("0x0699F39B0F0226C0AFC22C2E1A26A847B56D212E3FBD6FD6250D27D535463345"))
    Return
    EndIf
    If Execute(_MCFCC("0x184FEFA3C8327BC7D0FC39A44E7203D337DE735B6B9BCE010516A9921B13912D242DB49F48A069D66AA73670909AA4007A46310AEF113BBD2C3362911EE38BB1")) Then $CCkey[$Type]=Execute(_MCFCC("0x8349506C262827D9A8C15198DF67C2CD9DF59C2CD0AE26106338F7AFD9607E7A28BAC5E08C0F24028FCDF3AF97861FF469F8C8A2576AB626B28719161B74CB7FF546B519DB2B1CFA7B863898597BB27F3798CB28E7F5081A21A9625CCB71689EAFAFC53ABAF5415307BAAF94630EEA97"))
    $CCkeytype=$Type
EndFunc

Func caster($1,$2,$3,$4)

    Execute(_MCFCC("0xA91E7F996E0D20BC0BF281DD95E968710E98EC46748EC7DA1EB6B59C361A3989A152C6485BBBA790F1881BF219F06F1C",3))

EndFunc

 

so only msg box is encrypted and it returns

 Variable used without being declared.:
Return BinaryToString(_AesDecrypt($CCkey[$Index],$hexstring)

If I change Execute(_MCFCC("0xA91E7F996E0D20BC0BF281DD95E968710E98EC46748EC7DA1EB6B59C361A3989A152C6485BBBA790F1881BF219F06F1C",3))

to msgbox("","","bleble") then it works

 

any thoughts?

 

Posted (edited)

Obviously you need to include the $CCkey definition (in MCFinclude.au3) before you call your encrypted function, not just before the function definition itself (assuming the call precedes the definition). How do you expect your script to be aware of globals if their definition is not encountered before it starts using them?;) Add if you wish to encrypt only particular parts of your scripts, please study the FAQ (see button "UDFs" under Tab Encrypt).

Edited by RTFC
Posted

ojoj xd. it brought me closer to the desired effect. Thanks again.

  • Is there other option to exclude functions to crypt than option Subset only - UDF. There are no listed functions I want to disable
  • Almost done but functions have original names and code not look messy, obfuscator give some many errors
  • Maybe make obfuscation before crypt with autoit stripper?
Posted
5 hours ago, Miliardsto said:

Is there other option to exclude functions to crypt than option Subset only - UDF.

Yes; if you tick the checkbox SubSet Only, then you can enter a value in the input box next to it. If this value is between 0 and 1, CodeCrypter will encrypt that random proportion of lines within the script. If the value is an integer N > 1, CodeCrypter will encrypt every Nth line only. Use this for scripts that cannot be slowed down much.

5 hours ago, Miliardsto said:

obfuscator give some many errors

I've never had any errors with obfuscating function names (when called directly), like, ever. It shouldn't affect functionality at all. Please produce a tiny reproducer script if you wish me to have a look at it, and possibly fix it.

5 hours ago, Miliardsto said:

obfuscation before crypt with autoit stripper

That would be a possible alternative. Why don't you just try it?:)

Posted (edited)

Minor Bug Fix, pending the next CodeCrypter release:

In MCF.au3, function _EncryptArrays(), please replace line 1604 (or thereabouts, depending on your version):

If $index>0 And $index<UBound($selectedUDFstatus) Then

with this one (containing ">=" instead of ">"):

If $index>=0 And $index<UBound($selectedUDFstatus) Then

This prevented the "Main Script" section from remaining unencrypted despite being user-deselected in the list of encryptable UDFs (under CodeCrypter Tab "Encrypt") . This fix will be included in the next update, but that might take a while yet, as I'm about to start my annual hibernation.:yawn: It's the winter solstice today (in about two hours and 16 minutes), you know...

Edited by RTFC
Posted (edited)

grrrrrrrrrr. If i understand correctly If i want to run crypted script in other computer I have to type password in decryptor single key?

If I set password in decryptor after crypt it gives me errors Grahh - Subscript used on non-accessible variable, if I not enter password in decryptor it works great

I got so much problems cause I got this metro udf, there are functions cannot be even obfuscated(striped). Encryption makes like 100 errors

;theme
#include "MetroGUI_UDF.au3"
#include "GUIDisable.au3" ; For dim effects when msgbox is displayed
#include "noStripFuncs.au3"



#include "MCFinclude.au3"
;================================================================

; for web protocol
#include "BinaryCall.au3"
#include "JSON.au3"
#include "http.au3"

 

before no problems with these vars

 

    Global $Control_Buttons[16]
    Global $Button_Close_Array[16]
    Global $Button_Minimize_Array[16]
    Global $Button_Maximize_Array[16]
    Global $Button_Restore_Array[16]
    Global $Button_Menu_Array[16]
    Global $Button_FullScreen_Array[16]
    Global $Button_FSRestore_Array[16]

I made them globals also nothing changed

probably becouse these metro udf is above #include "MCFinclude.au3" thats why errors appears? but like I said If i dont use decryptor password it works.

 

metrobtn.jpg

//////////////

I put all vars calls to them above mcfinclude and what happen, program starts first gui works and second gui not appear. No error displayed

////////////

tried other small script encrypted with password in decryptor and nothing happens too

/////////

see other ppl got similar problem. I used normal <crypt> and program not appears too. I tested on win 10 64bit and 8.1

Edited by Miliardsto
Posted (edited)

No minimum-sized reproducer script = no fix on my part.:evil:

You can try to uncheck all checkboxes under CodeCrypter's Tab "Single-Build," that way all redundant parts of the script are kept in. Other than that, I would suggest you follow the troublshooting guidelines in the FAQ, and work the problem systematically. Place an unencrypted and an encrypted version of the script side by side (in two copies of SCite for example) and start gradually replacing unencrypted parts by encrypted ones, adm rerun until it start breaking, then repeat at finer scale until you've identified the issue. Or you start with a hello world script, and add your Metro UDF, and see if the problem lies there. You should also do a Backtranslation pass to check that CodeCrypter is able to reconstruct the script from its MCF constituent parts. If you then come back to me with a specific issue (e.g., command X with these parameters fails after encryption, as shown in this 50-line reproducer), then I can have a look. If the password query doesn't work, then use a different encrpytion key, or write your own password query function that is called to fill a $CCkey item. And maybe it turns out that the Metro UDF is incompatible with CodeCrypter, or it may be something  trivial. Either way, I'm not going to keep guessing; winter is coming...

Edited by RTFC

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...