Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate
Photo

Possibly a Hero. Scan a script for ...


  • Please log in to reply
20 replies to this topic
tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008

Possibly a Hero

v1.11 (Fri December 21, 2012)

Screenshot

Download

 

Hotkeys:

Ctrl & w --- Quit (main window only)

 

Info:

Do you hate running a script only to have it create file(s) on your desktop (or anywhere else)? Do you not trust the author of the program and think there might be something malicious or prank-y? Do you not want to have a program accessing files or the internet?

This script detects all that (and more)! It might just save your computer from something evil or perhaps save you the hassle of cleaning up a bunch of unwanted files.

However, This system is not perfect, but it seems to work good. It uses regex to parse the script, not a real AHK parser. So some things may be false-positives or missed threats. But that is why there is a Summary section for you to easily double-check.

 

Features:

* Atleast 12 detection categories.
* Code view allows you to copy/paste code into an editor without needing to save and load a file.
* Detection rules are in regex, so it's fairly easy to expand.
* Drag-and-drop on the GUI or on the script (or exe).
* File overview.
* Open the file location.
* Parse or ignore code in comments (both ; and /**/).
* Resizeable.
* Run the file.
* Threat summary.
 
 

Log:

v1.11 (Sun December 30, 2012)
- Tiny update to some keywords.
 
v1.1 (Fri December 21, 2012)
- Initial released on Sat December 22, 2012

 


rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .


TLM
  • Administrators
  • 3864 posts
  • Last active:
  • Joined: 21 Aug 2006

zha18.png

glad you got it working biggrin.png going to test the new version..


Posted Image

don't duplicate, iterate!


tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008

Yup, works pretty good if you ask me. Thanks for the testing icon_mrgreen.gif


rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .


RaptorX
  • Members
  • 751 posts
  • Last active: Feb 19 2015 02:47 AM
  • Joined: 19 Feb 2010

is this the first AHK antivirus/sandboxie? xD
will take a look later on!


AutoHotkey Toolkit [Main Project]
Scintilla Wrapper
LexAHKL

tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008

Got the idea after a couple things:

1. A lot of apps or addons for browsers have a little warning before you install saying things like "This addon adds a new button" or other notes/warnings.

2. I got sick of running random scripts (from irc) and all of a sudden I have 5 new folders and 3 files made on my desktop.

 

So I made this smile.png a simple little checker to avoid unwanted stuff. I then expanded with other keyword groups.

it does nothing special, not really a sandboxie. It just reads the source and spits out a simple analysis that you might want to read through.


rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .


BamBam4275
  • Members
  • 33 posts
  • Last active: Aug 01 2013 05:44 PM
  • Joined: 30 Aug 2011

Raptor i foresee this functionality being included in your live code.. i can paste a paste bin someone wants help with and click a button and itll tell me what kind of stuff its gunnu due!  Good job tidbit!



garry
  • Spam Officer
  • 3219 posts
  • Last active: Sep 20 2018 02:47 PM
  • Joined: 19 Apr 2005

I started your script and open the file PossiblyAHero.ahk , it says >  !!!DANGER!!! Dangerous Commands ......  smile.png   ,  ok just kidding

very interesting , thank you tidbit



jNizM
  • Members
  • 928 posts
  • Last active: Jan 12 2018 09:23 AM
  • Joined: 01 Aug 2012
Because of a GUI-BUG I changed your Gui a bit
 
Spoiler


20121228122syqvcf8w9o.jpg
[AHK] 1.1.27.04 x64 Unicode | [WIN] 10 Pro (Version 1709)
My GitHub Profile | Donations are appreciated if I could help you

tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008

Garry: Hehe. If I used a real parser it wouldn't even detect itself.

 

jNizM: May I ask what bug? I don't see anything different other than set margins (which you didn't correctly set the second GUI) and some and some width changes.

 

Thanks all!

 

Edit: found a couple keyword issues. will update later.


rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .


faqbot
  • Members
  • 997 posts
  • Last active:
  • Joined: 10 Apr 2012
is this the first AHK antivirus/sandboxie?

Nope, jslover was earlier "AHK Script Runner" http://www.autohotke...rum/#entry84025
code now unavailable and of course not ahk_l ready. I believe there was another check for "funny" things script as well.

tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008

update: 1.11. tiny update.

fixed some regex in the keywords that I forgot to escape properly, some things were being detected when they shouldn't.


rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .


jNizM
  • Members
  • 928 posts
  • Last active: Jan 12 2018 09:23 AM
  • Joined: 01 Aug 2012
Normal Gui-Settings (with Bug)
Spoiler

guibeforek0nrltcduq_thumb.jpg


Changed Gui-Settings
Spoiler

guiafteripm2z8c1g5_thumb.jpg



Before:
Gui, Add, Button, xm         w60    ,test
Gui, Add, Edit,   x+5   yp   w165   ,test
Gui, Add, Edit,   xm         w100   ,test
Gui, Add, Button, x+5   yp   w60    ,test
Gui, Add, Button, x+5   yp   w60    ,test
Gui, Show

After:
Gui, Add, Button, xm-1         w60    ,test
Gui, Add, Edit,   x+5   yp+1   w165   ,test
Gui, Add, Edit,   xm           w100   ,test
Gui, Add, Button, x+5   yp-1   w60    ,test
Gui, Add, Button, x+5   yp     w60    ,test
Gui, Show

unbenanntsj0wolxy53.jpg

I opened a topic here
[AHK] 1.1.27.04 x64 Unicode | [WIN] 10 Pro (Version 1709)
My GitHub Profile | Donations are appreciated if I could help you

tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008

not a bug, just me being lazy and using GUI's autosize feature and not making things perfectly aligned. Thanks though smile.png I'll fix that later.


rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .


MasterFocus
  • Moderators
  • 4323 posts
  • Last active: Jan 28 2016 01:38 AM
  • Joined: 08 Apr 2009

Once again, great work tidbit! I'll try it later. smile.png


-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Antonio França -- git.io -- github.com -- ahk4.net -- sites.google.com -- ahkscript.org

Member of the AHK community since 08/Apr/2009. Moderator since mid-2012.


tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008

Thanks MastFocus!

 

jNizM:  since it seems it's not a bug and it displays differently on different OS's, I think i'll leave it as-is. But thanks for the insight on the quirk.


rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .