[How-To] Solutions to prevent stealing of your AutoIt-Code

So I just want to show you some Solutions how to make stealing of your AutoIt-Code harder.

Lets start with something nearly everyone knows:

----------------------------------------------------------------------------------------------------------

Using Obfuscators

There are official and inofficial ones.
The official one may destroy less scripts than the inofficial ones but it can also get deobfuscated by decompilers.

I will just post links to some obfuscators. Which fits you best is your choice. ;)

Quote:

Flutter Obfuscate: [Only registered and activated users can see links. Click Here To Register...] Random Obfuscator: [Only registered and activated users can see links. Click Here To Register...] Shadows Obfuscator: [Only registered and activated users can see links. Click Here To Register...] Official Obfuscator: [Only registered and activated users can see links. Click Here To Register...] Speedfuscator: [Only registered and activated users can see links. Click Here To Register...]

Good Idea to use?
Yes very good idea. The better the obfuscator the harder will be the deobfuscating. So take a look at all and pick the one that fits you best.


----------------------------------------------------------------------------------------------------------

Using some AutoIt specific tools

The next possibility is to protect your scripts with some tools that were just written for AutoIt.
I really do not know any other tools except mine (SecureAu3).
I just shot a little film about how to use and what to do with SecureAu3:

Downloadlink: [Only registered and activated users can see links. Click Here To Register...]

Good Idea to use?
Unfortunately it got "cracked" too. So using this tool is not recommended anymore.
So it is not a good idea to only use this tool.
With newest AutoIt-Version this tool is working again like a charm, so just use it and cant be decompiled. :D
----------------------------------------------------------------------------------------------------------

Using Packers

Then you are also able to use some public packer.

The one which comes with AutoIt is upx but upx is too easy to unpack so this will for sure not make your scripts safer.
You should try Themida or Armadillo (Demo-Versions are enough).
But in my opinion these packers are not made for autoit they are mostly not able to handle autoit-exes right and destroy your file.

Good Idea to use?
Aut2Exe is able to remove nearly any packer protection. So do not even try it.
It is not a good idea.

----------------------------------------------------------------------------------------------------------

Using Inline-Assembler

In AutoIt it is possible to use Assembler if you use the FASM.au3 UDF.
This will enable you to make some parts of your script in ASM so no one will understand your script if he even does not understand ASM.
You can find a tutorial there (unfortunately only in german):
[Only registered and activated users can see links. Click Here To Register...]

Good Idea to use?
Yes very very good idea. Because the attacker have to understand ASM and nearly no AutoIt-Stealer is able to understand ASM. Should be combined with obfuscator to get good protection.

----------------------------------------------------------------------------------------------------------

Using dynamic Commands

One other possibility I know is getting some commands from Internet (may be your webserver or just an FTP-Server) and then execute them.
This will not totally prevent stealing but will make it a little bit harder in combination with obfuscators.
To execute more than one command with just one execute have a look at my UDF (unfotunately its only german too):
[Only registered and activated users can see links. Click Here To Register...]

Good Idea to use?
Not the best idea but should still be used in combination with obfuscator so the attacker gets confused.

----------------------------------------------------------------------------------------------------------

Using FileInstall

The idea is really easy but also the cracking of this is really easy.
Just take 2 AutoIt-Files one with the real script which is encrypted and another one with your decrypting script.
Now you let the first script FileInstall the second script and start it.
But this is just a really bad protection its nearly no protection. :D

Good Idea to use?
Not really that good. Because your file gets 2x bigger and the security only gets 1.01 better. So you should not use this.

If you know more things how to protect your exe files let me know please I will add them.

Thanks again. You are one of the best here :D

nobody in this forum is really inetested in making scripts safe. I was working on a own script that makes au3 safer, but there was only QQ in my thread and now the thread is down in the nirvana. I stopped working on it because i didn't need protected au3. Nobody was able to finish my task and decompile the au3 successfully.

[Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by expo_botter nobody in this forum is really inetested in making scripts safe. I was working on a own script that makes au3 safer, but there was only QQ in my thread and now the thread is down in the nirvana. I stopped working on it because i didn't need protected au3. Nobody was able to finish my task and decompile the au3 successfully. [Only registered and activated users can see links. Click Here To Register...]

Nobody wanted to have a deeper look because people do not like if you open a thready and say:

"Hey guys see my tool its uncrackable, didnt I do a nice job?"

They more like things similiar to:

"Hey guys here is a little tool which can protect your AutoIt-Scripts just try it by yourself"

That is why this thread just disappeared not because of the content but because of the thing that you did not give your tool to us. ;)

Quote:

Originally Posted by expo_botter nobody in this forum is really inetested in making scripts safe. I was working on a own script that makes au3 safer, but there was only QQ in my thread and now the thread is down in the nirvana. I stopped working on it because i didn't need protected au3. Nobody was able to finish my task and decompile the au3 successfully. [Only registered and activated users can see links. Click Here To Register...]

I'm not agree with you :D

I really interested in making my script safe.

But I am a new member here :o

My thread was meaned like: "Hey guys i got a tool protected bv myself. Try to decompile it and let me know how i can improve the protection and if it's safe enough i can release it."

btw: my protector isn't release-friendly yet, so there is no way i can release it.

The point is: People are highly interested in tools that can decompile another person's script in order to change the window title thus declare it as one's own work.
At the same time these people are desperately looking for tools that prevent others from decompiling their trivial pixelsearch bots or some 1337 S4 Mt2 Ultra Mega Hack-It-All.
Yet when somebody uploades a protected decompile-me script without releasing a tool do protect own scripts, those people just don't care or show their skill by posting something like "5/41 detection ratio in VT so I'm too clever for you and won't download it".
I'm afraid that's what the AutoIt section is finally about. :p

Haha mein mini tut in deinem thread ? danke :)

Ich überleg schon länger ob ich da mal weitermachen sollte :D

Hab aber keine zeit :(

Netter thread danke dir das du das hier nochmal so ausführlich zeigst und so viele möglichkeiten anbietest

Simplest solution ever:

• do not release your stuff

But that would definitely decrease the amount of fame you could gain. ;D

For the average scriptkiddie, a whole script like this
would be ways too big. But single functions could be stolen, anyway. :|

MfG

Another way to protect the exe is to hide the language in which it was written.
The first thing a hacker will try to understand is what language used to build the exe.

so my target also is to hide this information.

i know that you can get this information if you will open the exe in HEX editor and will look for strings that saying what is the language.
so i know that in order to hide, i should delete this information in HEX editor.

but My question is if there are other ways to get this information (except to try all available decompilers)?
and if so, then what else should I look at?

and another question, Suppose I hide this information well, how time do you think it will take for the hacker to know what is the language of the exe?

Good tutorial! I agree with code obfucation if you're having commercial interest in your project. Another thing thats often associated with obfuscation is code optimization (e.g. remove unused variables), is there something for that with AutoIT?

On another note I think the bot and hacking community should be more into open source. If many of the tools available in this forum would be available in source code everyone could just learn from each other and write better tools. Screw the Scriptkiddys that copy stuff, all that matters is that there are good tools for people to use. If you wouldn't want people to use your stuff you shouldn't release at all.

Not putting anyone down, there exists this "myth of the genius programmer" and I think it's very prevelent in the hacking community. It's the idea of "I don't want people to see my code". Maybe thats because your code contains stuff others haven't done yet or because you think it's too "ugly". Or you're maybe afraid of being pointed at for an error you made. The thing is 99% are not elitist geniuses that produce perfectly clean code without errors, so at least don't feel bad about showing you code to the world.

Good talk on this Topic:

You could also apply licenses to you project, to legally declare what can and can't be done with your code. If someone would violate you license she can become liable.

A lot of decompilers, need to Obfuscate the code or just share it is what I do.

I just can't understand why everyone wants to "protect" their projects.

You don't do any innovative or new things, nothing that needs to be kept as a secret. Do you guys really think someone would want to steal your autoit game hack or even make money with it? And in the case someone wants to sell your Project a license is all you need. Having a license is way more effective than every obfuscator in the world (and also less time intensive for you).

There are many licenses you can use floating around the net.

Quote:

Originally Posted by warfley I just can't understand why everyone wants to "protect" their projects. 1.)You don't do any innovative or new things, nothing that needs to be kept as a secret. 2.)Do you guys really think someone would want to steal your autoit game hack or even make money with it? 3.)And in the case someone wants to sell your Project a license is all you need. 4.)Having a license is way more effective than every obfuscator in the world (and also less time intensive for you). There are many licenses you can use floating around the net.

1.)This is not why someone obfuscate code on this forum
2.)yes. happens often on epvp
3.)HWID. else licenses can be shared through simple packet manipulations
4.)Decompile and no obfuscator == Mark license check method and write true(simplest way)

Quote:

1.)This is not why someone obfuscate code on this forum 2.)yes. happens often on epvp 3.)HWID. else licenses can be shared through simple packet manipulations 4.)Decompile and no obfuscator == Mark license check method and write true(simplest way)

I mean a legally license, if someone misuses it you can sue him.