Jump to content

Recommended Posts

Posted

@Borje  You have already confirmed that it works with a desktop path without special letters.
Unfortunately, I can not undertake any further investigation because I have no suitable environment.

App: Au3toCmd              UDF: _SingleScript()                             

Posted

Ok, I understand i think it could also be in the power shell to I think a solution can be if it possible to change the code page encoding.

Posted (edited)

Here is a special debugging version.
It includes a codepage change: chcp 1252
Just show me the resulting window.

Obsolete code deleted.

 

Edited by Exit
Obsolete code deleted.

App: Au3toCmd              UDF: _SingleScript()                             

  • 1 month later...
Posted

Hi, 

Nice job creating this, looks realy promising. 

But... When I run the cmd file, my scripts starts just fine. But when I extract the zip and run the newly genereated CMD file, it looks like my script file is scrambled.

test.png.f4eb70560cc3d8ebda77161f822ef4ec.png

 

Any clues how to debug?

 

 

Posted

Thanks for your report.
Since the original CMD file works, I assume that there is a problem with the unzipper.
Which unzipper do you use?
Buildin Windows or 7Zip or ...?

Can you please try a simple script?
For example the one-liner:

MsgBox (0, default, "Hello world")

 

App: Au3toCmd              UDF: _SingleScript()                             

Posted (edited)

Yes that worked, 

So I tried again, and remembered I cheated a little. When I run the au3tocmd script, it runs au3check.exe", ' -q, and gave me an error. So stubborn me, I removed that line.

So now I restored the line and fixed the error:  I run autoit from beta, so I modified  your script to "$sA3Dir & "\beta\" on several lines. 

Now it created a zip without issues

I extracted the zip again (tried 7zip and builtin windows explorer) ,and run the CMD file. Now it just does seem to run the autoit script at all. (But it does not give a scrambled autoit error either) When running from cmd prompt I get this:

 

test4.png.75af6b2c9acd4cd35e14f96f316889c3.png

The original cmd file gives me: processid = 644 and returnvalue = 0, and than the script starts up normally. 

I will try to extract the datastream with nirsoft AlternateStreamView and see how that goes.

 

I added the zip 

blogt4.cmd.ADS.zip

Edited by MightyWeird
Typos
Posted
16 hours ago, MightyWeird said:

Yes that worked, 

What worked? The one-liner in the zipped version? 
If YES, then send me please the source of the failing script for debugging.

App: Au3toCmd              UDF: _SingleScript()                             

Posted

I have now tested your script and found no errors. Neither in the CMD version nor in the zipped CMD version.
The GUI shows fine.
However, I haven't tested the beta version.

App: Au3toCmd              UDF: _SingleScript()                             

Posted

You are correct. The problem was on my end. 

I got a fresh copy of your script without my beta modifications. I modified my script / setup to non beta. 

Looks fine now.

Thank you.

 

Posted

Hello @MightyWeird . Just one more note if you want to use the Autoit Beta version:
Do not modify the Au3toCmd, just compile your script in the beta environment and use the resulting EXE file as input in Au3toCmd.

App: Au3toCmd              UDF: _SingleScript()                             

  • 1 month later...
Posted

Hi Exit
Which is best to convert an exe file to a3x and then run yours
Au3toCmd or running the exe file in your Au3toCmd program?
Which of these options will be the best protection against Avoid false positives?

 

 

Posted
58 minutes ago, Borje said:

Hi Exit
Which is best to convert an exe file to a3x and then run yours
Au3toCmd or running the exe file in your Au3toCmd program?
Which of these options will be the best protection against Avoid false positives?

 

 

I am very interested in this topic. 

Never used the ax3 way only because I think is more vulnerable than a .exe (yes you can decompile... but I wrote password in crypted .ini files and some other tricks..)

In my company we use extensively Autoit EXEs (no a3x), so much that my company agree to  add global virus exceptions to the executables made with autoit.

And executables with FTP/SFTP instructions are always suspect to antiviruses....

But I don't love this approach, and also I want to distribute some executables outside my company (friends.. with other antiviruses)

I am trying this @Exit solution and it's working well, now I am guessing how to deploy my scripts remotely and autoMagically (you have to distribute a .zip, unzip, and first time launch a .cmd, check the existance of the icon...  ) 

Also my concern is about the alternate data stream... Maybe one day the AV (and other security tools we have...) can start to  check also the alternate data stream ... I don't know.... 

Posted
1 hour ago, Borje said:

Which of these options will be the best protection against Avoid false positives?

Hello @Borje, I think that the solution with entering an A3X file is better than entering an EXE file, because the "Autoit3.exe" file is accepted as trustworthy by most virus scanners.

19 minutes ago, t0nZ said:

now I am guessing how to deploy my scripts remotely

Hello @t0nZ,, unfortunately the way via a zip file is inevitable, as ADS files cannot be sent via FTP or email.

20 minutes ago, t0nZ said:

Also my concern is about the alternate data stream... Maybe one day the AV (and other security tools we have...) can start to  check also the alternate data stream ...

and that's why I recommended Borje to use the A3X variant.

App: Au3toCmd              UDF: _SingleScript()                             

Posted

First of all : This is not a negative evaluation of the project made by @Exit !

53 minutes ago, t0nZ said:

Never used the ax3 way only because I think is more vulnerable than a .exe (yes you can decompile... but I wrote password in crypted .ini files and some other tricks..)

According to my knowledge, a standalone .a3x file is no different from the variant included in the .exe (experts like @Jos may correct me). Therefore an .a3x file is not more vulnerable at all.

The aspect "alternate data streams" has just been answered by @Exit  while I was writing this post :lol:.

Musashi-C64.png

"In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move."

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...