Rhyono Posted December 13, 2012 Posted December 13, 2012 @BrewManNH I don't know what the size ratio typically is for obfuscated code, but I was using Mat's example. 105 bytes to 2826, which results in 26.91 times larger. It looks like you're saying that a non-obfuscated script would be compiled to be far larger than 27x the source (which I know it is), that also seems to imply that obfuscated code isn't much smaller than after compiling. Is obfuscated about the size of compiled or is it just a smaller multiplier?
BrewManNH Posted December 13, 2012 Posted December 13, 2012 (edited) When I compile a script with obfuscator using default settings, original source is about 1760 lines and 84K in size, the end result file is 1602k in size and 20600 lines long due to all the includes I use. If I obfuscate it with just /sv and /sf which removes unused functions and variables (similar to what /so does) but still obfuscates all the functions and variables and whatnot the end result is 564K in size and 7240 lines or so. If I do the same script with just the /striponly parameter it comes out at 536K and around 6240 lines. So, by looking at the results of this, if you do not use Obfuscator at all, your file is going to be a lot larger than just your source code if you use any of the larger include files. If you run it and just use Obfuscator to strip the unused functions etc., it's about the same size (+/- 30K or so in my case) with or without obfuscation. Edited December 13, 2012 by BrewManNH If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator
Developers Jos Posted December 13, 2012 Author Developers Posted December 13, 2012 (edited) @Jos I'm just one of those people that considers source code that is 27 times larger to be massive. Actually, in general I consider 27x to be quite a bit larger.This is only for short scripts without Includes due to some overhead Func's being added. You will find that it is different for larger scripts and there are a couple of things to minimise the size by an option to obfuscate minimum to shorten all variable/func names and the Strip function, which removes all unused Func's and Global Variables.You will find that the script in the EXE is many times smaller than simply compiling it. (Hence my remark )Jos Edited December 13, 2012 by Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
JohnOne Posted December 13, 2012 Posted December 13, 2012 Jos, is the encryption for renaming variables, one way encryption? AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
Developers Jos Posted December 13, 2012 Author Developers Posted December 13, 2012 Jos, is the encryption for renaming variables, one way encryption?It is a one-way rename process. SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
Rhyono Posted December 14, 2012 Posted December 14, 2012 @Jos I can see why some calls and executes would break it (since it seems a lot of what it does is converting everything to be called or executed), but what causes event/GUI related things to break it?
Mat Posted December 14, 2012 Posted December 14, 2012 (edited) @Jos I can see why some calls and executes would break it (since it seems a lot of what it does is converting everything to be called or executed), but what causes event/GUI related things to break it?Anything requiring a string function name is broken. (Edit: apart from in the case where obfuscator can read the string as Jos said above) Edited December 14, 2012 by Mat AutoIt Project Listing
Rhyono Posted December 14, 2012 Posted December 14, 2012 (edited) I'm guessing the following two would break, right? $startButton = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($startButton,"begin") GUIRegisterMsg($wm_command,'_return') Edited December 14, 2012 by Rhyono
BrewManNH Posted December 14, 2012 Posted December 14, 2012 Wrong, they'd both work just fine. You should probably test these things for yourself prior to asking if they'd work. 1 minute of typing up some workable code would have answered the question. If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator
Rhyono Posted December 14, 2012 Posted December 14, 2012 @BrewManNH I'd prefer to know why they would work over simply knowing they would. Learning the rules of what works in the obfuscator is a lot easier than guessing at it all of the time. I thought it wouldn't work because Mat said that anything using a string variable name wouldn't work, but flipping back to Jos' example it looks like trying to concatenate or store a string in variable would break it. Is that the only rule? All of those works as long as you don't try to concatenate a string or store a string in a variable?
Mat Posted December 14, 2012 Posted December 14, 2012 @BrewManNH I'd prefer to know why they would work over simply knowing they would. Learning the rules of what works in the obfuscator is a lot easier than guessing at it all of the time. I thought it wouldn't work because Mat said that anything using a string variable name wouldn't work, but flipping back to Jos' example it looks like trying to concatenate or store a string in variable would break it. Is that the only rule? All of those works as long as you don't try to concatenate a string or store a string in a variable?No, string representations of functions will break IF its not a string literal. So your close, but its if you try and do anything to a string, not just concatenating or storing in a variable. Rhyono 1 AutoIt Project Listing
wraithdu Posted December 14, 2012 Posted December 14, 2012 Basically, obfuscator cannot know the value of a variable at runtime. So this would break: #Obfuscator_Parameters=/sf /sv /om /cs=0 /cn=0 $startButton = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($startButton,"begin") $func = '_return' GUIRegisterMsg($wm_command,$func) Func _return() EndFunc So when obfuscating, it looks at the registered function $func, has no idea what the value is (remember it is not the interpreter and has no idea about variable values, etc), and removes Func _return() because it seems it is not used. $0 = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($0,"begin") $1 = '_return' GUIRegisterMsg($2,$1) Versus your example, obfuscator knows that GUIRegisterMsg takes a function name as its second parameter, and since it is a literal string it can find it, alter its name, whatever. You can manually make my example work by using the #Obfuscator_Ignore_Funcs directive. #Obfuscator_Parameters=/sf /sv /om /cs=0 /cn=0 #Obfuscator_Ignore_Funcs=_return $startButton = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($startButton,"begin") $func = '_return' GUIRegisterMsg($wm_command,$func) Func _return() EndFunc #Obfuscator_Ignore_Funcs=_return $0 = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($0,"begin") $1 = '_return' GUIRegisterMsg($2,$1) Func _return() EndFunc Rhyono 1
wraithdu Posted December 14, 2012 Posted December 14, 2012 (edited) Further, since I think this might be your next question, what happens if _return() is called somewhere else and not removed entirely? #Obfuscator_Parameters=/sf /sv /om /cs=0 /cn=0 $startButton = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($startButton,"begin") $func = '_return' GUIRegisterMsg($wm_command,$func) _return() Func _return() EndFunc It gets renamed and breaks anyway. $0 = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($0,"begin") $1 = '_return' GUIRegisterMsg($2,$1) _3() Func _3() EndFunc Of course the Ignore_Funcs situation is handled as well, and is the safest way out. _return() retains its original name everywhere. #Obfuscator_Ignore_Funcs=_return $0 = GUICtrlCreateButton("Start", 81, 160, 75, 25) GUICtrlSetOnEvent($0,"begin") $1 = '_return' GUIRegisterMsg($2,$1) _return() Func _return() EndFunc Edited December 14, 2012 by wraithdu
Rhyono Posted December 14, 2012 Posted December 14, 2012 Thanks Mat and wraithdu, that explains it quite thoroughly.
EQuSu Posted February 5, 2013 Posted February 5, 2013 Hi I'm trying to decompile an .exe autoit file using exe2aut.exe I get na obfuscated script which is fine since i'm not really interested in editing it, but when i try to run the .au3 script that i got, it gives me an error asking for a .tbl file. I don't get that .tbl file after the exe2aut.exe decompile, so how can i extract it from the autoit .exe? Or is there some other way? Thanks
JohnOne Posted February 5, 2013 Posted February 5, 2013 What is the original file? AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
Moderators Melba23 Posted February 5, 2013 Moderators Posted February 5, 2013 EQuSu,Welcome to the AutoIt forum. Unfortunately you appear to have missed the Forum rules on your way in. Please read them now (there is also a link at bottom right of each page) - particularly the bit about not discussing decompilation - and then you will understand why you will get no help. And if you ever mention decompiling a script again you will be permanently removed from the forum. M23 Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind Open spoiler to see my UDFs: Spoiler ArrayMultiColSort ---- Sort arrays on multiple columnsChooseFileFolder ---- Single and multiple selections from specified path treeview listingDate_Time_Convert -- Easily convert date/time formats, including the language usedExtMsgBox --------- A highly customisable replacement for MsgBoxGUIExtender -------- Extend and retract multiple sections within a GUIGUIFrame ---------- Subdivide GUIs into many adjustable framesGUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView itemsGUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeViewMarquee ----------- Scrolling tickertape GUIsNoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxesNotify ------------- Small notifications on the edge of the displayScrollbars ----------Automatically sized scrollbars with a single commandStringSize ---------- Automatically size controls to fit textToast -------------- Small GUIs which pop out of the notification area
doppelGanger Posted February 6, 2013 Posted February 6, 2013 (edited) @Thread Starterthank you for your wonderful program and you did the best thing to secure our source code...however, i tried to compare and use exe2aut(decompiler application) with the 64bit and 32bit64bit:@Obfuscator-fully obfuscated@exe2aut-fully unreadable for human32bit:@Obfuscator-fully obfuscated@exe2aut-readable some text, and other personal strings shows upmy problem is that, i cant release a 32bit application to my users it is because maybe others know how to use autoit and they can decompile it...can you suggest an alternative way to obfuscate the source code like the 64bit does.thank you... Edited February 6, 2013 by doppelGanger
Developers Jos Posted February 6, 2013 Author Developers Posted February 6, 2013 (edited) @Thread Starterthank you for your wonderful program and you did the best thing to secure our source code...You are welcome.. BUT where have your read it make the sourcecode secure? Believe I made it pretty clear it doesn't make it secure at all! however, i tried to compare and use exe2aut(decompiler application) with the 64bit and 32bitThere is NO supported exe2aut and any other illegal stuff has been pretty much beaten to dead and isn't up for discussion in our forums any more.Please read our forum rules. Edited February 6, 2013 by Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
doppelGanger Posted February 6, 2013 Posted February 6, 2013 You are welcome.. BUT where have your read it make the sourcecode secure? Believe I made it pretty clear it doesn't make it secure at all! There is NO supported exe2aut and any other illegal stuff has been pretty much beaten to dead and isn't up for discussion in our forums any more.Please read our forum rules.sorry about those things i've said, but sir can't we discuss about the security about 32bit that I had post?
Recommended Posts