AutoHotkey Community

Just wondering, but is there a reason why i can't encrypt them with an external program? I tried an autoit 3 script and they run perfectly when the exe is encrypted post-compile. There must be End-Of-File data with AHK? I get "exe corrupted" when opening after encrypting.
Or am i missing something? I turned UPX and compression off with both tests.

I just want to provide ample protection to my Autohotkey program.

What are you using to encrypt them? I can't find anything resonably priced that doesn't set off every anti-virus known to man.

I can't answer your original question, I'm sorry, but I would suggest that it's probably a moot consideration in any case.

Because of the process a "compiled" AutoHotkey (and presumably also AutoIt) script follows when executed, the source of the script must be made available unencrypted in memory as part of the operation. At that point the source code is easily accessible.

Encrypting the .exe file with any form of security or copy protection wrapper will really only provide protection to the AutoHotkey loader itself, not the script source.

I've never needed to obtain the source from an AutoIt script that's been "compiled", but I would think it's no harder than for AutoHotkey with or without an outer encryption layer, and with or without password protection during the compile process. Others may have specific (or at least more) knowledge in that area though.

AutoHotkey is a fantastic product, but in its current form it's not really the development platform you should be looking at if source security is your main (or a major) concern.

In a compiled AutoHotkey script, the script part is already compressed and encrypted. I think the library used to decompress and decrypt it at run-time reads from the file itself, so modifying (i.e. further compressing or encrypting) the file will prevent it from working. Either way, I believe it has a checksum which inhibits modification (triggers the "Exe corrupted" message).
I second that. See also Someone decompiled my passworded and protected script.