Basic Introduction
HotkeyCamo is a freeware closed source AutoHotkey executable build wrapper written in PureBasic 4.
At last build it was 2838 lines long (most of which is the bloody gui :0) and comprised entirely of standard PB4 functions and API calls.
It requires only the files found in the compiler directory of the AHK distributable to function, no 3rd party tools.
PURPOSE
To wrap around the process of converting an AutoHotkey script into an executable with Ahk2Exe and provide additional features such as:
Optional countermeasures against official and 3rd party decompilers.
Large compatibility with official releases of AutoHotkey.
Compatible with the recent ANSI and Unicode builds of AutoHotkey_L (1.0.48.5).
Internal PE resource control: add specific types and remove single or all types.
Internal PE version info control and builder.
Define multiple processes to execute additional tasks at build time.
Define the UPX or alternate packer command line parameters that Ahk2Exe uses.
Configurable from a script or a config file, and from environment variables.
Macros for certain build related files / folders and some programs.
Depending on its subsystem, HkC can be command shell or graphical interface capable.
Works on the following Windows operating systems: 98se - xp - vista.
Countermeasures in brief
An AutoHotkey stubby consists of the header, which is the core interpreter, to which is attached a compressed and encoded archive structured binary overlay at the tail of the file. When the stubby executes it cross-references values and data sequences stored at its core with those in its payload to locate, identify and prepare itself for the next steps of acquiring the data.
These values and data sequences are exactly the targets that a decompiler uses (like the AHK interpreter does) to detect and deconstruct this archive structured binary overlay.
HotkeyCamo by default maps and patches certain key data sequences in both Ahk2Exe and the interpreter stub at build time and scrambles them identically with generated values, which confuses a decompiler but not the interpreter in its final executable form.
Although there is a decompiler distributed with AHK, the actual methods implemented here go beyond that and are aimed at 3rd party decompilers that do not follow the standard rules of engagement (like passwords or no-decompile switches) ;)
However I must point out that what it is doing is just camouflage (hence the name) rather than full blown protection, and is to be considered lightweight armor against n00bs or b1unts interrogating your binary and not much else!
In the event that these methods get countered (very likely), or are just not required, you can disable them by adding the ~np command line option when executing HkC.
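The overlay described above can be located without relying on the values HkC scrambles: the payload simply begins where the raw data of the last PE section ends, so a structural parse of the section table finds it regardless of which key data sequences were patched. The following is an added example, not HotkeyCamo's code; it builds a constructed, minimal one-section PE image inline (the function names and the sample overlay bytes are my own, not from the tool).

```python
import struct

SECTION_HDR_LEN = 40   # IMAGE_SECTION_HEADER size
COFF_HDR_LEN = 20      # IMAGE_FILE_HEADER size


def build_sample_pe(raw_off: int, raw_size: int, overlay: bytes) -> bytes:
    """Constructed sample input: a minimal one-section PE32 image (headers only, not
    executable) with `overlay` appended after the last section, as an AHK stub's payload is."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt = b"\0" * 0xE0                       # PE32 optional header, contents irrelevant here
    # Machine (i386), NumberOfSections, TimeDateStamp, PtrSymTab, NumSyms, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, len(opt), 0x102)
    # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, 2 ptrs, 2 counts, Characteristics
    sect = struct.pack("<8sIIIIIIHHI", b".text", raw_size, 0x1000, raw_size, raw_off, 0, 0, 0, 0, 0x60000020)
    hdr = dos + b"PE\0\0" + coff + opt + sect
    if len(hdr) > raw_off:
        raise ValueError("raw_off must leave room for the headers")
    return hdr + b"\0" * (raw_off - len(hdr)) + b"\xCC" * raw_size + overlay


def overlay_offset(pe: bytes) -> int:
    """File offset where the overlay starts: the end of the highest-ending section's raw data
    (or the end of the headers if no section carries raw data). Signature-independent."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsect = struct.unpack_from("<H", pe, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]
    sect_base = e_lfanew + 4 + COFF_HDR_LEN + opt_size
    end = sect_base + nsect * SECTION_HDR_LEN
    for i in range(nsect):
        raw_size, raw_off = struct.unpack_from("<II", pe, sect_base + i * SECTION_HDR_LEN + 16)
        end = max(end, raw_off + raw_size)
    return end


def extract_overlay(pe: bytes) -> bytes:
    """Everything past the last section; empty if the file carries no overlay."""
    return pe[overlay_offset(pe):]


# Constructed payload bytes standing in for the compressed/encoded AHK archive.
SAMPLE_OVERLAY = b"CONSTRUCTED-OVERLAY:" + bytes(range(32))
SAMPLE_PE = build_sample_pe(0x200, 0x200, SAMPLE_OVERLAY)

if __name__ == "__main__":
    print(hex(overlay_offset(SAMPLE_PE)), extract_overlay(SAMPLE_PE)[:20])
```

Run against a real compiled script the same function reports the offset of the appended archive, which is the part of the file the camouflage leaves in place.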
INSTALLATION
It is not essential, but you will get the most out of this tool if you add it to one of two locations in your existing AutoHotkey install directory:
1. In a directory of its own:
[..]
AutoHotkey.exe
[Include]
[Compiler]
[x:\Program Files\AutoHotkey\HotkeyCamo\]
HkC.exe
The default path to the build files used will be the compiler directory above HotkeyCamo's own. All macros for relative files and paths will work, and the actual build directory (HkC's dir) will not interfere with how the modified builder finds includes and its other relative file paths. HotkeyCamo will copy UPX from the compiler directory to its own directory.
2. Within the compiler subdirectory:
[..]
AutoHotkey.exe
[Include]
[x:\Program Files\AutoHotkey\Compiler\]
Ahk2Exe.exe
AutoHotkeySC.bin
HkC.exe
Upx.exe
The default build file paths will be those in the same directory as HotkeyCamo. The modified build files location is the same as your original, so again no impact on how includes and other relative paths are located; plus UPX should already exist, so it will not be searched for.
If like me you do not have a standard install location for AutoHotkey, just remember that the build files can exist either in HkC's directory or in a directory named compiler above HkC's current path. When the above does not apply, alternate paths to the two primary build files must be specified using the hkc_a2e and hkc_bin options. UPX will also be searched for in the directory path of the file specified through the hkc_a2e option.
Ahk2Exe.exe - No custom builds, only supported official builds.
AutoHotkeySC.bin - Only supported official builds or the most recent build of AutoHotkey_L. (Not the 20 kb smaller interpreters that are available.)
Upx.exe - Is required by HkC so it can unpack Ahk2Exe for many other elements to proceed; it is also required if you want to pack the output with UPX for size reduction.
* None of the original build files are directly modified in any way; alternately named copies are created and deleted by HkC in its own directory during the build process *
CONTENTS
Files found in the release archive:
HkC.exe - Main program.
HkC.chm - Offline compiled html document.
HkC - Command shell based nfo format quick reference. (used by HkC if it has a console subsystem)
[EG] - Very basic examples (Yes these are really bad, I am an utter n00b with ahk, no time to write better ones yet):
Mcecs.ahk - A script that contains embedded HkC options.
Ascfg.ahk - The same script without the embedded options.
Quicklaunch.bat - Example of the save as quicklaunch.bat gui menu option. (modified for release)
Quicklaunch.ahk - Example of the save as quicklaunch.ahk gui menu option. (modified for release)
Build.cfg - Contains the HkC build options for Ascfg.ahk.
DefBinRes.cfg - A sample cfg template which contains the resource and version info values that are found in AutoHotkeySC.bin.
[RES] - Directory containing the files used in the above examples.
UPDATES
General
Now supports the most recent ANSI and Unicode builds of AutoHotkey_L by Lexikos.
If UPX cannot be found it will be searched for in the compiler directory or the path defined for Ahk2Exe.
Fixed the hkc_tmp option: if temp build files already exist they will now be replaced with the new files.
Log output for resource jobs with no description will now show the resource filename instead of '?'.
Log output for execution jobs with no description will now show the program filename instead of '?'.
Fixed a bug where saving options after a build would save the temp version info resource entry.
Gui
Ahk build version menu improved and Ahk_L versions added to it.
All browse/save dialog requests should now work as you would expect them to.
Fixed bugs in the resource and execution tabs where a job element could not be added without a description.
Fixed a bug in auto version info inclusion where clicking build multiple times would stop it working.
Added an alternate packer command line string field to the options tab.
Browsing for alternate build files will auto fill the path and filename if the relative edit boxes are empty.
Using the ~np switch will disable the camo options and the user seed box becomes the password box.
Config
Added the ~np command line option to disable the camouflage process of the fuzzing procedure.
The hkc_rnd option now accepts numbers and characters and controls the camo options or the password.
The hkc_alt option now holds any UPX or alternate packer command line string. hkc_pak still enables it.