MisterRemote

Established Members
  • Content Count

    13
  • Joined

  • Last visited

Community Reputation

0 Neutral

About MisterRemote

  • Rank
    Member
  1. Oh my, I laughed a lot reading these postings about viruses. It's nothing new that Autoit based executables are recognized as malicious. These false positives can occur if UPX is used while compiling or some bad guys published hundreds of viruses based on same autoit version, you can read more about it in official Autoit forums: http://www.autoitscript.com/forum/topic/34658-are-my-autoit-exes-really-infected/ http://www.libraries.psu.edu/psul/cataloging/techresources/macros/autoit_docs/false_positives.html The problem with Autoit is that all executables compiled with same Autoit Version are very similar. In each autoit executable an autoit interpreter and lots of standard functions are included. That means that each autoit executable contains 80% identical data and only 20% self written source code. Antivirus companies create something like fingerprints of parts from these executables to recognize other modified programs containing same virus. So it can happen that these fingerprint is taken from part that is common for every script compiled with autoit version x. That expalins too why there can be differences between program versions of beencode editor. Sometimes older false positives are corrected by antivirus updates, sometimes they are not (because devs don't contact all companies). Sometimes there are no or very less viruses published with compiler version, so there are no or very less false positives. Sometimes there are a lot. With using upx there is the same problem. It's a common compression algorithm used by many compilers not only autoit. False positives can occur too if program acts like many viruses, for example sending data via internet, accessing/writing registry, using remote access features or calling some dll functions of windows. So for example the tool "puty" is often recognized as a virus. Things like that are normaly recognized by heurisitic virus search, meaning they don't can find a signature in database, but they find behaviour suspicious. Some antivirus tools do a good job some do a bad job. So if some small and unknown antivirus tool says this is a virus you should not trust blindly in it. If majority does not detect anything you can be relative sure that there is nothing to detect. If you are unsure send file to the biggest companies to reevaluate it and check again some weeks later. If you are very paranoid don't use closed source software at all and use only open source instead. So you can review source code and compile it yourself. To show how funny some results can be i wrote a very simple script containing all available standard includes and compiled it with UPX ans max compression: Sourcecode: #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Compression=4 #AutoIt3Wrapper_UseX64=n #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #include <Array.au3> #include <AVIConstants.au3> #include <BorderConstants.au3> #include <ButtonConstants.au3> #include <Clipboard.au3> #include <Color.au3> #include <ColorConstants.au3> #include <ComboConstants.au3> #include <Constants.au3> #include <Crypt.au3> #include <Date.au3> #include <DateTimeConstants.au3> #include <Debug.au3> #include <DirConstants.au3> #include <EditConstants.au3> #include <EventLog.au3> #include <Excel.au3> #include <File.au3> #include <FileConstants.au3> #include <FontConstants.au3> #include <FrameConstants.au3> #include <FTPEx.au3> #include <GDIPlus.au3> #include <GDIPlusConstants.au3> #include <GuiAVI.au3> #include <GuiButton.au3> #include <GuiComboBox.au3> #include <GuiComboBoxEx.au3> #include <GUIConstants.au3> #include <GUIConstantsEx.au3> #include <GuiDateTimePicker.au3> #include <GuiEdit.au3> #include <GuiHeader.au3> #include <GuiImageList.au3> #include <GuiIPAddress.au3> #include <GuiListBox.au3> #include <GuiListView.au3> #include <GuiMenu.au3> #include <GuiMonthCal.au3> #include <GuiReBar.au3> #include <GuiRichEdit.au3> #include <GuiScrollBars.au3> #include <GuiSlider.au3> #include <GuiStatusBar.au3> #include <GuiTab.au3> #include <GuiToolbar.au3> #include <GuiToolTip.au3> #include <GuiTreeView.au3> #include <HeaderConstants.au3> #include <IE.au3> #include <ImageListConstants.au3> #include <Inet.au3> #include <IPAddressConstants.au3> #include <ListBoxConstants.au3> #include <ListViewConstants.au3> #include <Math.au3> #include <Memory.au3> #include <MemoryConstants.au3> #include <MenuConstants.au3> #include <Misc.au3> #include <NamedPipes.au3> #include <NetShare.au3> #include <Process.au3> #include <ProcessConstants.au3> #include <ProgressConstants.au3> #include <RebarConstants.au3> #include <RichEditConstants.au3> #include <ScreenCapture.au3> #include <ScrollBarConstants.au3> #include <Security.au3> #include <SecurityConstants.au3> #include <SendMessage.au3> #include <SliderConstants.au3> #include <Sound.au3> #include <SQLite.au3> #include <SQLite.dll.au3> #include <StaticConstants.au3> #include <StatusBarConstants.au3> #include <String.au3> #include <StructureConstants.au3> #include <TabConstants.au3> #include <Timers.au3> #include <ToolbarConstants.au3> #include <ToolTipConstants.au3> #include <TreeViewConstants.au3> #include <UDFGlobalID.au3> #include <UpDownConstants.au3> #include <Visa.au3> #include <WinAPI.au3> #include <WinAPIError.au3> #include <WindowsConstants.au3> #include <WinNet.au3> #include <Word.au3> MsgBox(0,"I am a virus","eicar loves me and pentagon sucks") This script only contains a simple harmless msgbox. Compile it as IamAvirus.exe and let's check results: http://www.virustotal.com/file-scan/report.html?id=7fa3dccc2047d0fb84c4c69dfb17fa130a542d62c88a8bc5b184864cff7300dc-1313492952 K7AntiVirus 9.109.5017 2011.08.15 Trojan SUPERAntiSpyware 4.40.0.1006 2011.08.16 Trojan.Agent/Gen-Goo
  2. For sure bencode editor can do much more than only editing torrents or utorrent config files. But be honest... majority uses it for exact these purposes, you even mention it as example usage on your google project page. So I don't see a conflict in some ut or torrent specific CLI functions. Supporting general beencode editing via CLI would be possible too, but it would not be very user friendly compared to GUI. But I understand your problem with my ideas. For doing some specific replacements your tool would need a glue how torrent or ut config files are organized / keys or sections are named contrary to a general beencode editing where user decides what key/value should be changed, added or deleted.
  3. If you need help in further developing contact me via email. As mentioned before I have already experience in autoit scripting and would really appreciate supporting this project. Integrating all features from GUI into CLI would be impossible I guess, but some little things like announce, torrentname, comment and creationtool editing shouldn't be very complex. Path editing/replacing in resume.dat via cli would be nice too, but I don't think it's a feature that is very often needed. Rest of features aren't very well suited for CLI. So keep it simple, for the rest there is your GUI. Another nice thing would be merging some settings into utorrent settings.dat via ini file. So your CLI could accept something like this: BEncode Editor.exe -utMergeSettings -i "my.ini" -o "settings.dat" In ini file you could provide some basic settings like up/down speed, queue settings, sharelimits, disccache size etc. So you could easily integrate these basic settings into multiple ut installations without touching rest of settings like folder or port settings of the instance. I personaly use lots of intances on my seedbox and would really appreciate a feature like this. Copying settings.dat requires manualy editing of Folderpaths and Ports so this feature would make it easier to change some major settings global for all instances. Hope I could give you some good ideas for your upcoming CLI.
  4. Hi Ultima, I'm looking for a way to implement a function in my autoit based ReleaseTool that allows me to modify announce url of torrent files. Is beencode editor still based on autoit? Any way to get a look at your source code or at least any way to implement a command line interface in beencode editor? Would be nice if you could contact me.