|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
Posted: Tue Jun 16, 2015 7:39 am Post subject: Execute lua script |
|
|
Hi, guys...
I made a trainer by CE designer form and writing script some functions in CE -> Table -> Show Cheat Lua Table.
Then i have copy and paste all script into lua engine. And delete all script from Show Cheat Lua Table and execute it from lua engine. It work good. Next i save script in lua engine as a lua file, say it "test.lua" and add this lua file with "add file" in CE -> Table.
The problem when i I save the trainer as CT file and open it, it seem not automatic execute test.lua file which has added in CT file.
Question :
1. Which lua command / function can auto execute test.lua when open
the trainer ?
2. I want it work without add or put test.lua in same directory with CE
trainer file [use require, dofile() or loadfile() ]
3. Does somebody help to explain or help to fix this problem ?
4. Is impossible to store our AOB code in cMemo and call it into aobscan
function ?
Thanks and regards...
|
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 941
|
Posted: Tue Jun 16, 2015 11:12 am Post subject: |
|
|
loadstring and with ce function findTableFile
eg.
Code: | --
function loadTableCode(n)
local t = findTableFile(n)
if t ~= nil then
local s = t.Stream
local c = readStringLocal(s.Memory,s.Size)
return c ~= nil and loadstring(c) -- return a function
end
end
local f = loadTableCode('loadtest.lua')
print(type(f))
if type(f) == 'function' then f() else print('not loaded') end
-- example content of 'loadtest.lua'
-- print('test') |
|
|
Back to top |
|
|
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
Posted: Tue Jun 16, 2015 10:07 pm Post subject: |
|
|
Thanks Panraven for solution...
I've tried it and it work good.
But the way, when i try open RAM process (use CE memory viewer or Hex Editor) while the trainer running, by open cheatengine-386 and view it in memory editor, still able to read script and codes.
My point is to hide or make hard to read code / script when someone try to leech and or steal the script and codes.
I tried with lua encryption function, e.q :
Code: |
local script = string.dump(
function()
--Content
print("Camouflaging Done.")
end
)
buff=""
for v=1,string.len(script) do --Convert our string into a hex string.
buff=buff..'\\'..string.byte(script,v)
end
file=io.open('encrypted.txt','w') --Output our bytecode into ascii format to encrypted.txt
file:write(buff)
file:flush()
file:close()
|
it work only give encrypted code in ASCII format and save it in a txt file. But still able to see script and code by memory viewer or Hex editor.
I am still to look best method / tool which can be use for encrypting or obfuscating script and code. (for Lua Table and or Lua script).
Next, what about your opinion to do protecting our CE file (CETRAINER / STAND ALONE EXE file) script and or code, make it more hard to read in memory viewer or Hex editor :
1. By obfuscating exe file or
2. (Is it Possible) use crypto tool to manipulating text or
3. (is it Possible) change UTF-8 to UTF-16 or other or
4. Other methods
I thinking about put leecher trap (camouflage codes) inside the trainer script with make substitute for some function or codes.
i try doing this for example :
i have original AOB code : D0 D1 66 XX YY 99 9A ZZ
and replace code is : D0 D0 66 XX YY 99 9A 00
Code: |
c1 = "D0 D1 66"
c2 = "XX YY 99 9A ZZ"
sp = string(" ")
fs = aobscan() ------ change function aobsan() name with something
r1 = tostring("0xd0, 0xd0")
r2 = 'tostring(0x00")
-- leecher trap
-- put fake script here....
-- bla bla bla
-- contains aobscan() / aobswap() / luacall / [ENABLE] [DISABLE] etc etc
function CEButton1Click (sender)
resultList = fs(tostring(c1)+sp+tostring(c2)"+W*X-C") --- not sure use this "+" to combine all code or use ","
if (resultList) then
lngt = resultList.getCount()
for x=0, lngt-1, 1 do
writeBytes(resultList[x], tostring(r1), 0x66, 0xXX, 0xYY, 0x99, 0x9A, r2) end
resultList.Destroy()
resultList = nil
end
|
Also i try to change AOB, to a stirng (number) e.q d0 =46, d1 = 47, etc...
or how if we put our code in a memo or as a lua table and load it in a button(s) function ?.
I hope any solution to protecting our script / codes from leecher and steal.
Regards
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Wed Jun 17, 2015 2:41 am Post subject: |
|
|
see if you can build(and probably fix) the luac executable using the ce lua source. convert a lua script into raw lua bytecode, and then load that
i never got that to work properly though, so may need some bugfixing (i did get it to work in lua 5.3)
Anyhow, why concern yourself about leechers. Just be the first to publish your findings in public and everyone will know you got it first and give you credits, even if other people find it themselves later on. (it's how patents and scientific research papers work as well)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 941
|
Posted: Wed Jun 17, 2015 7:50 am Post subject: |
|
|
load is similar to loadstring, but it use a custom reader function as input instead of explicit string. So the source can be encoded 1st, and decoded by this reader function.
eg.
Code: | --[[
--- this encoding not work for double byte char
local script="local aob = 'my aob 12 ff 22 ee 77 dd' print(#aob) print('-done-')"
local encoded,hash = {},script:len()
for i=1,script:len() do table.insert(encoded,bXor(hash+i,script:sub(i,i):byte()) % 256) end
local ms = createMemoryStream()
ms.write(encoded,#encoded)
ms.saveToFile('_testcode')
ms.Destroy()
--- manual load the disk file '_testcode' as tableFile in ct
--]]
function loadTableCode(n) -- this has to match the encoding method above now
local t = findTableFile(n)
local r -- reader function for _load_
if t ~= nil then
local s = t.Stream
local i,hash = -1,s.Size
r = function()
i=i+1 -- i is zero-base now, so +1 in xor function
if i < s.Size then return string.char(bXor(hash+i+1, s.read(1)[1]) % 256) end
end
end
return r ~= nil and load(r) -- a function when execute
end
local ff = loadTableCode('_testcode')
-- the target string should not be found before the function executed? ah.. no, but it is more likely broken in parts in memory.
-- if type(ff)=='function' then ff() else print('not load') end |
ofc this is just using an egg to hide the chicken. One can still reveal your encoded code from the loadTableCode in ct xml source , it just rise the bar a bit higher to prevent lame leecher.
No matter how sophisticated the source encoding is, if you provide the aob string for the aobscan / memscan function in run time, the aob string will still stay on the memory 'for a while' . Try use local variable to hold the string so that there is higher chance the string will be garbage collect / overwrote sooner.
The memscan can accept aob as table if I'm not wrong, where -1 means 'wildcard' bytes. Then the aob table can be read from an encoded binary. It is harder to memory search a table than a string, I guess.
Alternatively, you can hide the tree in a forest if using aob string. That's instead of hiding the target aob string, we provide many false targets to confuse a lame leecher. This function generate many aob pattern string and then garbage collect. Try run this function before and after the scanning and in the very beginning of code initial, or periodically from a timer function (n=100 is good enough I think).
Code: | function makeForest(n,showcheck) -- this g for flash bytecode, change if need
local g = {'202825262a2b29d0d1d2d3d4a0a1a2a3','246263656c6d','2561666869','464f10111213141516'}
local t,r = {},function(m) return math.floor(math.random()*m) end
for i=1,n do
local s,l = {},r(10)+4
for j=1,l do
local a = r(#g)
local k = bShr(r(#g[1+a]),1)
table.insert(s,string.sub(g[1+a],k*2+1, k*2+2))
for i=1,a do table.insert(s,'??') end
end
t[i]=table.concat(s,' ')
if showcheck==true then print(t[i]) end
end
t = nil -- release
collectgarbage()
end
makeForest(10,true) -- no true when in actual running |
|
|
Back to top |
|
|
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
Posted: Thu Jun 18, 2015 7:15 am Post subject: |
|
|
The reason to hide our script / code (for game hack trainer) because a lot of people who join in a game hacking group , perform " leeching " our trainer when we release it to public . Furthermore, they just change the title of the trainer and they claim as their own work and as a founder.
More , they sold or exchanged the trainer with anything is in their advantages.
I just not understand why they don't want to learn, ask how, search some samples and try make it by their own.
I think some of expert cheaters and hackers here ever had experienced something like this and quite resent it.
I am not expert cheater or hacker, that is the reason I am join this forum in connections to learn, ask and share things specially about CE and LUA scripting. All knowledge start from nothing, by learn, it should comes to everything or something useful for ourselves or public.
Thanks to DB for hints and also Panraven for codes and explanation.
I have try implementation the codes to getting out the best work of them.
One question to Panraven (and others), is it better use :
Code: |
luaL_loadbuffer(L,script,strlen(script),”=noname”)
|
to load script even use load_dostring?.
How to implement it intoi a function ?
B/Regards
|
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 941
|
Posted: Thu Jun 18, 2015 10:11 am Post subject: |
|
|
oh, that's c-api for the lua language.
I've no idea exactly how it work.
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|