Compiling Ahk_h and using a Dynamic Password (v1) Topic is solved

[kyuuuri]

Hello, this topic has 3 questions/titles:
1. Compiling problem
I watched this webinar https://www.youtube.com/watch?v=ao5FdsqWTVQ&feature=youtu.be and compiled the source myself.
I have a few questions:
When compiling the source, the output is different from what comes with the release of ahk_h, like the size is half of the released version of ahk_h.
Size of Autohotkey.exe from released version in Github: 2,3mb.
Size of Autohotkey.exe from compiled version: 1,1mb
Both x64w.
The dll is the same size.

I read somewhere that I had to run: CleanUpAndPack.exe but when I do it outputs that the function "ChangeVersionInfo" doesn't exist.
Questions:

• What should I do here?

• When using ahk2exe to "compile" an ahk script, I can select AutoHotkeySC.bin or AutoHotkey.exe Is there any difference?

About changing a Password (to make it dynamic)
Let's say I make a function that generates a random amount of characters (let's say it is between 19 and 35 characters) using letters, numbers and symbols.
In ahk_h v1's source I searched "g_default_pwd" and found the following:

1.

Code: Select all

pw[i] = pwd == g_default_pwd ? (TCHAR) _T("A\0\0\0\0u\0\0\0\0t\0\0\0\0o\0\0\0\0H\0\0\0\0o\0\0\0\0t\0\0\0\0k\0\0\0\0e\0\0\0\0y\0\0\0\0")[i*5] : (TCHAR)*pwd[i];

From what I read and understand the password is "Autohotkey" and it is inside that declaration between the "\0", let's say I have a function that returns a random password of random characters, I should do this?

Code: Select all

pw = pwd == g_default_pwd ? randompassword() : (TCHAR)*pwd;

2.

Code: Select all

extern TCHAR g_default_pwd0;
extern TCHAR g_default_pwd1;
extern TCHAR g_default_pwd2;
extern TCHAR g_default_pwd3;
extern TCHAR g_default_pwd4;
extern TCHAR g_default_pwd5;
extern TCHAR g_default_pwd6;
extern TCHAR g_default_pwd7;
extern TCHAR g_default_pwd8;
extern TCHAR g_default_pwd9;
extern TCHAR *g_default_pwd[];

If I'm generating a new password with random amount of characters, do I have to change this piece of code to something like (in pseudo code)?

Code: Select all

Loop, Password_Size
	extern TCHAR g_default_pwd Loop_Index;
extern TCHAR *g_default_pwd[];

3.

Code: Select all

TCHAR g_default_pwd0 = 0;
TCHAR g_default_pwd1 = 0;
TCHAR g_default_pwd2 = 0;
TCHAR g_default_pwd3 = 0;
TCHAR g_default_pwd4 = 0;
TCHAR g_default_pwd5 = 0;
TCHAR g_default_pwd6 = 0;
TCHAR g_default_pwd7 = 0;
TCHAR g_default_pwd8 = 0;
TCHAR g_default_pwd9 = 0;
TCHAR *g_default_pwd[] = { &g_default_pwd0, &g_default_pwd1, &g_default_pwd2, &g_default_pwd3, &g_default_pwd4, &g_default_pwd5, &g_default_pwd6, &g_default_pwd7, &g_default_pwd8, &g_default_pwd9, 0, 0 };

Should I change this to a loop like this? (again in pseudo code) (number = index of loop)

Code: Select all

loop, Password_Size
{
	TCHAR g_default_pwd Loop_Index = 0;
	TCHAR *g_default_pwd[Loop_Index] = { &g_default_pwd Loop_Index};
}
TCHAR *g_default_pwd[Loop_Index+1] = {0};
TCHAR *g_default_pwd[Loop_Index+2] = {0};

4.

Code: Select all

for (int i = 0; i < 10; i++)
				*g_default_pwd[i] = i + 1;

Here I should change the " i < 10" to "i < size_of_password+1" right?

How it works?
Let's say I compile ahk_h v1's source with this random function, will the password be different everytime I use ahk2exe to "compile" an ahk script? or it is randomly generated everytime I compile ahk_h v1's source code?

Thanks in Advance.

[HotKeyIt]

I have removed ChangeVersionInfo, it was not required here.

1. You can't use random password!

2+3. You will need as many g_default_pwd... variables as your password is long + 1.
4. Correct.

Dynamic != random!
For example you can write a function that generates the password based on given number, then use it here:

Code: Select all

pw[i] = pwd == g_default_pwd ? MyPasswordFunction(i) : (TCHAR)*pwd[i];

Use the compiled exe in debug mode to view/generate a password from some content of the exe, e.g. error messages, some arrays with characters...
Then see what password is generated based on your definition and use it.
Something like this:

Code: Select all

TCHAR MyPasswordFunction(int i)
{
  TCHAR pw;
  if (i==0)
  {
    ...
   } else if (i<3){
     ....
   } else if ...
     ...
   }
   return pw;

[kyuuuri]

Thanks for the answer!
This means that if I follow these steps:
Compile ahk_h v1's source code with dynamic password
Compile ahk script called "A" with the source I compiled before
Compile ahk script called "B" with the source I compiled before
Both passwords for "A" and "B" will be the same because the password is generated only once when compiling ahk_h v1's source?
If this is the case, what is the advantage of using a dynamic password? Can't I simply generate a random password and manually editing the source for it?

Thanks in advance

@edit:

I have removed ChangeVersionInfo, it was not required here.

Forgot to say, Thanks for updating the file. Still got 2 more problems:
First, the function ErrMsg is missing, I simply added an empty function in the file to temporary solve this.
@edit2: removed something from edit1 because I solved it.
I want to add that I can't find a way to compile ANSI version, I had to remove the ANSI thing from the CleanUpAndPack.ahk script.

And I have my last question: when compiling an .ahk script, is it the same if I use AutohotkeySC.bin or Autohotkey.exe?

[HotKeyIt]

Advantage of dynamic password is that it won't be easy to hack your script, while standard password is rather easy to hack since it is documented and available online.

• When using ahk2exe to "compile" an ahk script, I can select AutoHotkeySC.bin or AutoHotkey.exe Is there any difference?

AutoHotkey.exe can execute other script then included by using /E or /Execute switch, AutoHotkeySC.bin can't.

[kyuuuri]

Nice, thanks for all the answers. I will create a new topic with a guide on how to compile ahk_h step by step. Should I do it here? or on ahk_l's tutorials? (there is no tutorial section for ahk_h)

[HotKeyIt]

Do it here: https://www.autohotkey.com/boards/viewforum.php?f=65
I will make the topic sticky

[kyuuuri]

Do it here: https://www.autohotkey.com/boards/viewforum.php?f=65
I will make the topic sticky

Done sir!
https://www.autohotkey.com/boards/viewtopic.php?f=65&t=62308

Please check the steps to see if I did something wrong or if I'm missing something (I compiled everything with no errors but didn't test the compiled source with big/complicated scripts), later I will add how to change the password.

[kyuuuri]

Hello, I have 2 more questions (Hope that those 2 are the last questions) about using dynamic password.
Let's say I use your example and do the following:

Code: Select all

pw[i] = pwd == g_default_pwd ? MyPasswordFunction(i) : (TCHAR)*pwd[i];

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i == 0)
	{
		pw = 'A';
	}
	else if (i == 1)
	{
		pw = 'U';
	}
	else if (i > 1)
	{
		pw = 'T';
	}
	return pw;
}

The password becomes: "AUTTTTTTTT" (tested, it works).
I have 2 problems:
1. I can't find any idea about a way to generate a better password. I read the following examples you gave

Use the compiled exe in debug mode to view/generate a password from some content of the exe, e.g. error messages, some arrays with characters...
Then see what password is generated based on your definition and use it.

But I don't understand how to use that, like can you give any example (even pseudo-code helps) of a simple password using information from the exe?

2. How to debug it? I changed the properties for Debug | Win32, added a breakpoint on MyPasswordFunction and pressed F5 but I can't see any value, I can't find the password anywhere, already tried using google but had no luck.
I had the following when adding a breakpoint on the function:

The breakpoint will not currently be hit. No executable code of the debugger's target code type is associated with this line.

This is the last thing I need so I can finish the guide I shared before so everyone can change the password.

Thanks in advance!

[HotKeyIt]

1. Create a compiled script and put it in source\resources\AHK.zip:

Code: Select all

script:="MsgBox this is a test"
VarSetCapacity(var,StrPut(script,"UTF-8"))
size:=StrPut(script,&var,"UTF-8")
sz:=ZipRawMemory(&var,size, dest, "AutoHotkey")
f:=FileOpen("C:\Temp\AHK.zip","w","UTF-8-RAW")
f.RawWrite(&dest,sz)
f.Close()

2. Add AHK RCDATA ".\\source\\resources\\AHK.zip" in the end of AutoHotkey.rc (Resource Files).
This will run that script and allow you to debug the password function.

3. Now add your password function to the top of util.cpp.
Check what variables/text is available in your function, simply try to access it, so for example accessing error messages:

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i < 2)
	{
		pw = *(ERR_PARAM2_REQUIRED + i*2);
	}...

Then you will see what password is generated and can use it in Ahk2Exe.
You can check what arrays, strings... are available for you to use as password and combine them to a password string.

[kyuuuri]

1. Create a compiled script and put it in source\resources\AHK.zip:

Code: Select all

script:="MsgBox this is a test"
VarSetCapacity(var,StrPut(script,"UTF-8"))
size:=StrPut(script,&var,"UTF-8")
sz:=ZipRawMemory(&var,size, dest, "AutoHotkey")
f:=FileOpen("C:\Temp\AHK.zip","w","UTF-8-RAW")
f.RawWrite(&dest,sz)
f.Close()

Done, created a file called AHK.ahk, pasted the code, compiled it and compressed with ZIP format.

2. Add AHK RCDATA ".\\source\\resources\\AHK.zip" in the end of AutoHotkey.rc (Resource Files).
This will run that script and allow you to debug the password function.

Done

3. Now add your password function to the top of util.cpp.
Check what variables/text is available in your function, simply try to access it, so for example accessing error messages:

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i < 2)
	{
		pw = *(ERR_PARAM2_REQUIRED + i*2);
	}...

Then you will see what password is generated and can use it in Ahk2Exe.
You can check what arrays, strings... are available for you to use as password and combine them to a password string.

Added my password function to the top of util.cpp. But I can't manage to see what my password will be.

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i == 0)
	{
		pw = *(ERR_PARAM1_REQUIRED + i * 2);
	}
	else if (i == 1)
	{
		pw = 'U';
	}
	else if (i > 1)
	{
		pw = 'T';
	}
	return pw;
}

And then I Debug | Win32
I get this error:

---------------------------
AutoHotkey.exe
---------------------------
Error at line 1.

Line Text: PK
Error: This line does not contain a recognized action.

The program will exit.

Same error for wrong password when compiling an ahk with ahk2exe.
This is the last thing executed before the error

This happens as well with a fresh ahk source with no changes (only the changed needed to compile the source) (only when I include AHK RCDATA ".\\source\\resources\\AHK.zip" in the end of AutoHotkey.rc (Resource Files).)

[HotKeyIt]

There should be no AHK.ahk?
Just run this code to create the zip file straight away, it is not a standard zip format file.

Code: Select all

script:="MsgBox this is a test"
VarSetCapacity(var,StrPut(script,"UTF-8"))
size:=StrPut(script,&var,"UTF-8")
sz:=ZipRawMemory(&var,size, dest, "AutoHotkey")
f:=FileOpen("C:\Temp\AHK.zip","w","UTF-8-RAW")
f.RawWrite(&dest,sz)
f.Close()

You have to step into DecompressBuffer to see what happens, I assume since you had the wrong file it did not get to the part with password!

[kyuuuri]

There should be no AHK.ahk?
Just run this code to create the zip file straight away, it is not a standard zip format file.

Code: Select all

script:="MsgBox this is a test"
VarSetCapacity(var,StrPut(script,"UTF-8"))
size:=StrPut(script,&var,"UTF-8")
sz:=ZipRawMemory(&var,size, dest, "AutoHotkey")
f:=FileOpen("C:\Temp\AHK.zip","w","UTF-8-RAW")
f.RawWrite(&dest,sz)
f.Close()

You have to step into DecompressBuffer to see what happens, I assume since you had the wrong file it did not get to the part with password!

That worked!!! Thank you!. I will add this to the post, thanks again for answering all my questions hope you don't hate me now hahaha.

[HotKeyIt]

[kyuuuri]

Last question!
Using a function like this:

Code: Select all

pw[i] = pwd == g_default_pwd ? MyPasswordFunction(i) : (TCHAR)*pwd[i];

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i == 0)
	{
		pw = *(ERR_PARAM1_REQUIRED + i * 2);
	}
	else if (i == 1)
	{
		pw = 'U';
	}
	else if (i > 1)
	{
		pw = 'T';
	}
	return pw;
}

How can I add fake entries like on default password where you had 4 "/0" between each letter?

[HotKeyIt]

You can do things like this: pw = *(_T("akllerUiuzugz")+6);

[uhwok3n]

Hello! I would like to make a different password for each of my users. I feel AHK_H is the best method to achieve this. In order to do this I will need to create separate compiled autohotkey_h folders for each individual person correct? Is there a function I can use for getting slightly more random dynamic hash like passwords?

*Edit: I'm sure there are ways to create more dynamic hash like passwords, what would be the best method to achieve this? using time/date perhaps in password function?

[kyuuuri]

Hello! I would like to make a different password for each of my users. I feel AHK_H is the best method to achieve this. In order to do this I will need to create separate compiled autohotkey_h folders for each individual person correct? Is there a function I can use for getting slightly more random dynamic hash like passwords?

*Edit: I'm sure there are ways to create more dynamic hash like passwords, what would be the best method to achieve this? using time/date perhaps in password function?

Yes, you need to compile each time with a different password. Maybe you can make an script that generates a random value and replaces the password on the .cpp files with it.

[uhwok3n]

You can do things like this: pw = *(_T("akllerUiuzugz")+6);

How does the code mentioned by @HotKeyIt work? With the example given by both HotKeyIt and @kyuuuri would you replace:

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i == 0)
	{
		pw = *(ERR_PARAM1_REQUIRED + i * 2);
	}
	else if (i == 1)
	{
		pw = 'U';
	}
	else if (i > 1)
	{
		pw = 'T';
	}
	return pw;
}

with

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i == 0)
	{
		pw = *(ERR_PARAM1_REQUIRED + i * 2);
	}
	else if (i == 1)
	{
		pw = *(_T("akllerUiuzugz")+6);
	}
	else if (i > 1)
	{
		pw = *(_T("akllerUiuzugz")+6)
	}
	return pw;
}

??

Would that add 6 0's? And could I instead use a different amount of zeros in each block by changing the number 6, to something like 4 for added protection? In another thread HotKeyIt mentioned using "\000" 3 0's for numbers, how would I implement this with that understanding? I suppose I don't know what this statement is doing. Help would be appreciated, I want the best encryption I can create for myself. Thank you in advance.

[HotKeyIt]

No, the 0's are not necessary here, pw = *(_T("akllerUiuzugz")+6); was just to show how to add fake entries since you would be using only one character out of that string, so analyzing the strings of exe would make it difficult to find out the password:

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i == 0)
	{
		pw = *(ERR_PARAM1_REQUIRED + i * 2);
	}
	else if (i == 1)
	{
		pw = *(_T("akdlferkjgioghoi")+i);
	}
	else if (i > 5)
	{
		pw = *(_T("lkjfolajfkoajoighgfzfzt")+i//2)
	}
	else if (i > 1)
	{
		pw = *(_T("kgiosfdiohort")+i*2)
	}
	return pw;
}

[uhwok3n]

Thanks for responding @HotKeyIt

so in the first if (i ==0)
the error param_required pulls what characters?
in else if (i == 1)
Does it pull the first character? with(+i) so 'a'
in else if (i > 5)
if i == 5 that would be 5 * 2 which == 10 / i (10/ 2) == 5 which would be 'o'? and when i is 6 it would be 6 * 2 / 2 == 6 would be 'l' OR does it go backwards from the string?
if (i > 1) would basically do the same thing above? forwards

Does it use the additional non-used characters in the string when for part of the encryption?