Gio wrote: ↑29 May 2019, 18:01
There are many things you can do to try and hide source code information from a hacker (but be advised: security is just like the height of a wall: there are always some practical limits and perhaps even problems to applying too many methods). Here a few examples:
1. Obfuscator (you are using already).
2. An executable packer (some packers are pretty hard to unpack, but do check if the source code is not visible afterwards). Hint: don't use mpress.
3. Separation of the sensitive information (in example: create a DLL file using visual studio and have the script call a function in it to retrieve the info).
4. Use an encrypted connection to the database engine (this avoids a bogus DLL attack).
Does anyone know how to customize the executable, so that the data that is presented with below can be changed?
HexEdit should be enougth if you know the structure of a PE file (hint: always keep the same string lengths of the info you change). PE Explorer might do it aswell, with the added benefit of some UI controls.
Hello!
Your tip is very interesting. Unfortunately my programming level is not so good, although I'm in the maximum endeavor to learn.
An executable packer: I'm using Ahk2Exe.ahk loaded in 64bit AutoHotkey.exe on (ahkdll-v1-release-master), it opens a window to which I create .exe (this is reliable?) My question is really whether I keep compiling like this, or I need migrate to another program (I'll have to learn from scratch, but I can do it).
Separation of the sensitive information: In this case is another case to study, Idk how to create the .dll
Use an encrypted connection to the database engine: Obfuscator encrypts the information I need, and between them is the data access to my database. Does this become safe?
And I don't quite understand the HexEdit, what file do I need to access to change this information that is displayed in the compiled .exe? Ahk2Exe.ahk? (I know I could go and look at the file, but at the moment I can't do that, and I did not resist wanting to know
)!
guest3456 wrote: ↑29 May 2019, 18:22
if you ask in the AHK_H subforum, then HotKeyIt can help you better to make the script more secure and harder to decompile
but no solution is 100%. usually you are better off focusing your marketing and advertising on the customers who value your product and want to pay for it.
(i sell a compiled ahk script but i use AHK_Basic and the old HotKeyCamo compiler)
After your tip, I thought about creating a new publication in the AHK_H subforum, but although I'm using the AHK_H version, this doubt might be interesting for any version (I believe). Anyway, if the protection of the AHK_H is different I'll created a new one where you recommended, thank you!
Yes, I'll be focusing on marketing for my target audience, but the problem I run is not far from me if I can do just that, on the contrary, my target audience will be more interested in wanting to access my information and recreate based on my work, or else access my database to cause a big mess!
