Lets start with something nearly everyone knows:
----------------------------------------------------------------------------------------------------------
Using Obfuscators
There are official and inofficial ones.
The official one may destroy less scripts than the inofficial ones but it can also get deobfuscated by decompilers.
I will just post links to some obfuscators. Which fits you best is your choice.
Good Idea to use?Quote:
Flutter Obfuscate:
Random Obfuscator:
Shadows Obfuscator:
Official Obfuscator:
Speedfuscator:
Yes very good idea. The better the obfuscator the harder will be the deobfuscating. So take a look at all and pick the one that fits you best.
----------------------------------------------------------------------------------------------------------
Using some AutoIt specific tools
The next possibility is to protect your scripts with some tools that were just written for AutoIt.
I really do not know any other tools except mine (SecureAu3).
I just shot a little film about how to use and what to do with SecureAu3:
Downloadlink:
Unfortunately it got "cracked" too. So using this tool is not recommended anymore.
So it is not a good idea to only use this tool.
With newest AutoIt-Version this tool is working again like a charm, so just use it and cant be decompiled.
----------------------------------------------------------------------------------------------------------
Using Packers
Then you are also able to use some public packer.
The one which comes with AutoIt is upx but upx is too easy to unpack so this will for sure not make your scripts safer.
You should try Themida or Armadillo (Demo-Versions are enough).
But in my opinion these packers are not made for autoit they are mostly not able to handle autoit-exes right and destroy your file.
Good Idea to use?
Aut2Exe is able to remove nearly any packer protection. So do not even try it.
It is not a good idea.
----------------------------------------------------------------------------------------------------------
Using Inline-Assembler
In AutoIt it is possible to use Assembler if you use the FASM.au3 UDF.
This will enable you to make some parts of your script in ASM so no one will understand your script if he even does not understand ASM.
You can find a tutorial there (unfortunately only in german):
Good Idea to use?
Yes very very good idea. Because the attacker have to understand ASM and nearly no AutoIt-Stealer is able to understand ASM. Should be combined with obfuscator to get good protection.
----------------------------------------------------------------------------------------------------------
Using dynamic Commands
One other possibility I know is getting some commands from Internet (may be your webserver or just an FTP-Server) and then execute them.
This will not totally prevent stealing but will make it a little bit harder in combination with obfuscators.
To execute more than one command with just one execute have a look at my UDF (unfotunately its only german too):
Good Idea to use?
Not the best idea but should still be used in combination with obfuscator so the attacker gets confused.
----------------------------------------------------------------------------------------------------------
Using FileInstall
The idea is really easy but also the cracking of this is really easy.
Just take 2 AutoIt-Files one with the real script which is encrypted and another one with your decrypting script.
Now you let the first script FileInstall the second script and start it.
But this is just a really bad protection its nearly no protection.
Good Idea to use?
Not really that good. Because your file gets 2x bigger and the security only gets 1.01 better. So you should not use this.
If you know more things how to protect your exe files let me know please I will add them.