The tool that I use is written in pyton. I’ve pay to a guy to wrote it for me, because I know nothing about pyton or any other language that can be used to do the job quickly. I can make every single word 100 symbols if I want, which will make the file bigger, but I don’t have to worry about global variables names. I use my own maxscript to make the whole script only one line,
I use obfuscation not because I am a super smart maxscripter or I have codes that someone can’t write better than me. Writing a script cost time. All of you know this better than me. So, why I have to spend a month or more to write a script and someone to spend 10 minutes to decrypt it and get the readable code? I spend 10 minutes to prepare the script from readable to uglified version. Crackers can spend 10 minutes to decrypt my script, but then they have to spend much much more to make it readable. A little compensation for me I think.
How do you handle (local) variable names that are used several times throughout the code?
And how do you deal with structs (e.g. ‘object.member.property’, where ‘object’ and ‘member’ can be any string, but ‘property’ must not be changed for the code to run)?
I still don’t exactly see how this can be done without writing a full MAXScript parser (including all keywords, operators, 3ds Max internal method/function names…) or being extremely strict and consistent in the way you write your code in the first place?
– MartinB
and it’s doable… but as i said the code has to be written with some rules… for example not use local variables and function arguments that can interfere with property names.
I have a text file where I put all words that I don’t want to be replaced with random generated strings. If I don’t want the “property” to be replaced with something like “asdwqedj0r840r8yoaid”I will put the “property” in the exception_list.txt and the obfuscator will not replace that word.
As Denis said there are some rules that have to be met in the process of writing.
Simply use the encrypt script command that is part of Maxscript. It will produce a mse file which is run the same as a script but no one can see the content.
There is also no need to work about the dark underworld of hacker unlocking the mse Its not worth their time.
khe-khe… you are a little naive… we are talking about exactly opposite… it’s not about how to protect a code but about how to make a hacker’s life possibly more … how to say… despondent
Nice, save your insults for someone else.
[QUOTE=Does anyone know of any tools that can robustly perform code obfuscation for MAXScript code? This is not really about copy protection but more about protecting algorithms and many months of R&D. Obfuscation can be reverted, sure, but if done right it will be pretty slow and costly.
The above is the best possible solution and more to the point, no one worth their salt is going to waste time cracking a MaxScript. Anyone capable, would already know the “magic” held within. LOL
just don’t know what to say… do you really believe that mse is a code protection?
I know everybody already knows about it , but it still would help NOT spreading this and other links, please ! BTW: MSE Decryption is a matter of 1 sec, not 10 minutes like mentioned above …
In my opinion both proposed methods of encoding a script showed here are exactly the same, really. One might look harder to understand at a first glance, but it is very easy to turn one into the other. Don’t use your eyes.
I have used the same approach as Kostadin and it works very well. Also there is no need to prepare your code in any special way (at least not for me) in order to use it. It also respects local variables, structs, rollouts, controls, .Net, etc.
I see removing explicitly declared local variables as a big problem so personally I do not remove them.
Caching unnecessary functions with random variables is very simple to reverse and I see it as a waste of time especially for very large codes.
The most important thing I need to take care of is to not use building definitions and keywords as variables. Something that we usually do like using words such as "node", "channel" or using "x", "y", "z" as iterators.
Also, if you use .Net code in the script you need to take care of what is being modified.
An efficient parser can be written in Maxscript also, using RegEx, your best friend for these tasks and it can take 1-5 seconds to parse a 10K lines code.
In the end, there is no way to efficiently obfuscate MaxScript without having a huge impact in performance, and the best you can do is what was proposed here.
For very complex algorithms, any programmer will have a hard time trying to decode and fully understand it. Probably people with such knowledge will not want to waste their time doing so.
If what you have is a Nobel Algorithm, then I would suggest taking the C++ path as there will be many eyes trying to figure it out, and someone will do sooner or later.
For not "so secret" algorithms, it will be hard to turn this:
a+b+c=d
Into this:
flour + egg + sugar = cake
I have proved this to myself not being able to complete reverse some old code I developed and encoded a long time ago.
I hope this helps.
PD:
Do you really see such a big difference between this:
fn\--\********************************************************************************\
'ScjkMzrp3BrIBzBEln3I4g==''2wKt7IOkeYC9DJszleKK0g==':'snh5l17IyK1Q5YkIZ1VHWw==':'E9vZRm6Xb59iyzFSCsgJMA==':0.5=()
And this:
fn a b: c: d:0.5=()
Other thing that came to my mind but I’ve never tried and I don’t know how it will perform (if possible), would be to convert your script to a string, encode it and then decode and execute it with a C++ plugin or perhaps a C# utility.
If it works well, you would only need to recompile the plugin with different keys whenever you need or if you feel your key had been leaked, but you could write your whole code in Maxscript this way.
Denis showed this in the forum, but using maxscript. The complied plugin version is for him, you and all other guys that knows how to use C++/C# for this tack.
Thank you Kostadin.
Encrypting/decrypting a string is not a hard task, even with Maxscript. With C++/C# you can use much more powerful algorithms for such tasks. However, I’ve never tried to use it with a complex script.
I’ve done for sure string encryption, but using it for Maxscript might have side effects that I don’t know, so unless someone can assure a hundred percent that using execute will have no impact at all in a tool, it would take me a long time to do all sort of test.
Even using a C++ plugin for the task, once it is cracked, your whole Maxscript code would be exposed. But not everyone can crack C++ if they wanted to see your magic algorithm and I doubt a cracker would publish a crack for doing so, but you never know.