AutoHotkey Community

Posted: August 21st, 2008, 4:25 am
Hello, I have a question which has been baffling me for a while now. If someone is running a limited user account then admin rights may be required to do some activities. Creating a script using runas can raise rights to the necessary level. I read that compiling a script into an exe file that contains the user account name and password to use with runas is not secure. My question is, how and why is it not secure? I'm not thinking about a situation where another person has physical access to the machine. I'm thinking about situations where a website triggers an exploit or some downloaded malware file is accidentally launched. Wouldn't running a limited user account stop any malware from being able to find a password and account name in the exe file? Also how could the malware "know" which exe file to target or where it might be stored? Wouldn't a firewall prevent the malware from getting any information it could find out? My apologies if these questions are naive but I'd really like to know the answers. Thanks!


Posted: August 21st, 2008, 2:23 pm
Knowbodynow wrote:
how and why is it not secure?

Search the forum for Exe2Ahk. It's a decompiler.

Knowbodynow wrote:
I'm thinking about situations where a website triggers an exploit or some downloaded malware file is accidentally launched.

Chances are, your password would be safe from that, but... If the Malware is trying to receive messages, it may try to intercept info. Thing is, it would be able to intercept just as well if you entered the info manually. Password would probably be safer in the exe in that case.

Knowbodynow wrote:
Wouldn't running a limited user account stop any malware from being able to find a password and account name in the exe file?

I wouldn't think so.

For the most part, the password would be safe in your exe from external sources and viruses. Internally, it could easily be decompiled in barely any time to find the password.

Knowbodynow wrote:
Also how could the malware "know" which exe file to target or where it might be stored?

It wouldn't. It might try to intercept messages though.

Knowbodynow wrote:
Wouldn't a firewall prevent the malware from getting any information it could find out?

Firewall tries to block it from entering your system... It's like a door. Once it's been opened and let something bad in, the door is no longer protecting you... It just stops other intruders from entering as well.

Knowbodynow wrote:
My apologies if these questions are naive but I'd really like to know the answers.

That's what forums are for.

Your password should be as safe from external threats as it would be with you entering it, but internally... Anyone can decompile it within minutes.
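An added example, not part of the original posts: a Python check that flags AutoHotkey v1 `RunAs` lines carrying a literal password before a script is compiled, since a decompiler such as Exe2Ahk returns the script source as described above. The function name and sample script are constructed for illustration; a password passed through a variable is not flagged, even if that variable is assigned a literal elsewhere in the script.

```python
import re

# AutoHotkey v1 command syntax: RunAs [, User, Password, Domain]
RUNAS = re.compile(r"^\s*RunAs\b\s*,?\s*(.*)$", re.IGNORECASE)
COMMENT = re.compile(r"(^|\s);.*$")   # ';' opens a comment at line start or after whitespace
VAR_ONLY = re.compile(r"^%\w+%$")     # parameter that is one variable reference


def find_hardcoded_runas(source):
    """Return (line_number, user) for each RunAs line whose password is a literal."""
    findings = []
    for number, line in enumerate(source.splitlines(), start=1):
        code = COMMENT.sub("", line)
        match = RUNAS.match(code)
        if not match:
            continue
        params = [p.strip() for p in match.group(1).split(",")]
        if len(params) < 2:
            continue                  # bare "RunAs" resets credentials: nothing embedded
        user, password = params[0], params[1]
        if password and not VAR_ONLY.match(password):
            findings.append((number, user))   # the password itself is never echoed
    return findings


# Constructed sample script (hypothetical account name and password).
SAMPLE = """\
; constructed sample script, not from the thread
RunAs, Administrator, Constructed-Pa55word
Run, regedit.exe
RunAs  ; reset to the current user
InputBox, AdminPass, Elevation, Password:, HIDE
RunAs, Administrator, %AdminPass%
Run, regedit.exe
RunAs
"""

if __name__ == "__main__":
    for number, user in find_hardcoded_runas(SAMPLE):
        print(f"line {number}: literal RunAs password for user {user!r}")
```

Only line 2 of the sample is reported; the prompted variant on line 6 keeps the password out of the file that gets compiled.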


Posted: August 22nd, 2008, 2:47 am
Thanks for the reply. It was helpful. Can Exe2Ahk work on a regular limited user account? As it happens, I use Online Armor which monitors both inbound and outbound traffic. Even on my Admin account Exe2Ahk requires manual permission before it will run.

In your reply you mentioned external and internal sources. What is the difference? I couldn't follow the distinction.

If I follow correctly (which is doubtful :)) having a password in an exe file is better protection against a keylogger than manually typing in a password. If so then the risk of having a password in an exe file is dependent upon whether a decompiler will run on the limited user account? Cheers!


Posted: August 22nd, 2008, 2:10 pm
Internal:
Someone physically at your PC.

External:
Someone not physically at your PC.

KeyLoggers are normally from an external source. Most times not really after a specific item, rather all items so the receiver can pick and choose as they wish.

