Dangers of Mcode?

05 Oct 2018, 23:25


I am a bit new to AHK scripting and have done a few scripts myself. When playing with other scripts I have come across Mcode. I did a bit of research on it and am a bit confused about the security of it. I was wondering how a user can know the code is not malicious, harmful, etc.? I am talking about taking someone's Mcode function which is inside a script that can be found on a forum or other website and using it. For an AHK script it is easy to see, but when it comes to Mcode I see it differently. Am I missing something here? Thank you in advance.
06 Oct 2018, 05:26

There are online assemblers and disassemblers that you can paste machine code into to get Assembly. But then you have to read Assembly. Like https://defuse.ca/online-x86-assembler.htm; use the disassembler at the bottom.

There are various open source disassemblers out there, but in the case of AutoHotkey, it becomes a bit tricky. That's because the disassemblers probably won't work on a .ahk script, but rather on .exe files. A tool that would take "raw" machine code and give you pseudo C code would likely be preferred. There might be a tool out there to take Assembly code and give you pseudo C code. So copy and paste the Mcode > to get Assembly > then copy and paste it to get pseudo C code. Of course, you would still have to read the pseudo C code, though that's likely more of a format to make sense. The other issue is how good the "translations" from machine code > assembly > pseudo C code were.

There are other ways to determine what a function or part of a script that has Mcode is doing, like having it run in a virtual machine and seeing what changes it made or observing what it does. VirtualBox, for example, is free. I think you can set something up where you can see any file or registry changes that were made when running a program.
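
The reply above points out that disassemblers expect raw machine code rather than a .ahk file. As an added example (not code from this thread or from any AutoHotkey project), the following Python pulls MCode-looking string literals out of a script and decodes them to raw bytes without running them. The tagged `1|2,x86:...,x64:...` layout, the function names and the sample script are assumptions constructed for illustration.

```python
import base64
import hashlib
import re

# Constructed sample script. Both literals encode the same six bytes,
# B8 2A 00 00 00 C3 (x86: mov eax, 42 / ret), built for this example.
SAMPLE_AHK = '''
MCode(ByRef code, hex) {
    VarSetCapacity(code, StrLen(hex)//2)
    Loop % StrLen(hex)//2
        NumPut("0x" . SubStr(hex, 2*A_Index-1, 2), code, A_Index-1, "Char")
}
MCode(f, "B82A000000C3")
tagged := "2,x86:uCoAAADD,x64:uCoAAADD"
'''

HEX = re.compile(r'^[0-9A-Fa-f]+$')
# Assumed layout: "<1=hex|2=base64>,x86:<data>,x64:<data>"
TAGGED = re.compile(r'^([12]),((?:x86|x64):[^,]+(?:,(?:x86|x64):[^,]+)*)$')

def decode(kind, text):
    """Decode one payload; return None if it is not valid hex/base64."""
    try:
        return bytes.fromhex(text) if kind == "1" else base64.b64decode(text, validate=True)
    except ValueError:
        return None

def extract_mcode(script, min_len=8):
    """Return [(arch, raw_bytes)] for string literals that look like MCode."""
    found = []
    for lit in re.findall(r'"([^"\r\n]*)"', script):
        m = TAGGED.match(lit)
        if m:
            for part in m.group(2).split(","):
                arch, _, payload = part.partition(":")
                blob = decode(m.group(1), payload)
                if blob:
                    found.append((arch, blob))
        elif len(lit) >= min_len and len(lit) % 2 == 0 and HEX.match(lit):
            found.append(("unknown", bytes.fromhex(lit)))
    return found

if __name__ == "__main__":
    for i, (arch, blob) in enumerate(extract_mcode(SAMPLE_AHK)):
        path = f"mcode_{i}_{arch}.bin"
        with open(path, "wb") as fh:  # raw bytes for an offline disassembler
            fh.write(blob)
        print(path, len(blob), "bytes", hashlib.sha256(blob).hexdigest(), blob.hex())
```

The printed hex can be pasted into an online disassembler, and the `.bin` files can be read offline with, for example, `objdump -D -b binary -m i386` (or `-m i386:x86-64` for 64-bit code).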

