| View previous topic :: View next topic |
| Author |
Message |
Keule
Cheater
![]() Reputation: 0
Joined: 08 Aug 2012
Posts: 25
|
 Posted: Mon Oct 14, 2013 9:16 am Post subject: [IMPORTANT] How to crypt this Code? |
 |
|
Hello CE-Community,
is there a secure Way to crypt this Code?
| Code: | http = require("socket.http")
ptr = http.request("URL/pointer.txt") |
I'm asking because i dont want any User, that uses CE-Reverse or similar Tools, getting access to the Pointer-File at my Server.
Cheers,
Keule
|
|
| Back to top |
|
 |
mgr.inz.Player
I post too much
 Reputation: 222
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Mon Oct 14, 2013 11:36 am Post subject: |
|
|
Nope, you can not.
Anyone who created more advanced trainers/cheats etc. is able to get that URL. The only thing you can do is to implement "handshake" authorization. After that you can pass pointer.txt content via PHP or something similar.
http://forum.cheatengine.org/viewtopic.php?t=567503
_________________
|
|
| Back to top |
|
|
daspamer
Grandmaster Cheater Supreme
 Reputation: 54
Joined: 13 Sep 2011
Posts: 1588
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 222
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Mon Oct 14, 2013 12:00 pm Post subject: |
|
|
well, it depends. If authorization is OK, client can send request: "give me pointers"
and server sends them.
@Keule
What exactly you keep inside pointer.txt ? CheatEngine multilevel pointers?
_________________
|
|
| Back to top |
|
|
daspamer
Grandmaster Cheater Supreme
Reputation: 54
Joined: 13 Sep 2011
Posts: 1588
|
| Posted: Mon Oct 14, 2013 12:23 pm Post subject: |
|
|
auth. based c.e, is not secure.
if the trainer gets reversed (and inside theres the auth. information)
whats the problem getting the values from server
i mean they will be capable of getting it
_________________
I'm rusty and getting older, help me re-learn lua. |
|
| Back to top |
|
|
Keule
Cheater
![]() Reputation: 0
Joined: 08 Aug 2012
Posts: 25
|
| Posted: Mon Oct 14, 2013 1:11 pm Post subject: |
|
|
Yes, inside pointer.txt will be just a CE Multipointer:
| Code: |
pointer.txt Strings: (Line #Comments arent included)
[game.exe+01234567]+3C // Line 1
[game.exe+01765432]+4C // Line 2
[[game.exe+DEADBABE]+5C]+14 // Line 3
[game.exe+12345678] // Line 4
http = require("socket.http")
readPtrFile = http.request("url/pointer.txt");
ptr = {}
for line in string.gfind (readPtrFile,"[^\n]+") do
ptr[#ptr+1] = line
end
local value1 = readFloat("[[" ..ptr[1].."]+18]+60")
local value2 = readFloat("[[" ..ptr[2].."]+3C]+10")
local value3 = readFloat("[" ..ptr[3].."]+3C")
local value4 = readFloat(ptr[4])
control_setCaption(UDF1_CELabel11, value1)
control_setCaption(UDF1_CELabel12, value2)
control_setCaption(UDF1_CELabel13, value3)
control_setCaption(UDF1_CELabel14, value4)
|
I just want the pointer.txt dont show [game.exe+12345678] , instead it should read a crypted string.
So in Steps:
1. Read a crypted string of pointer.txt, which is the encrypted Text of "[game.exe+12345678]" (i encrypt it then manually on Trainerupdate to write a new one down to pointer.txt then).
2. The Lua-Script encrypts this String automatically, and sets this Value as the Pointer.
The only Effect it should have at the End, that easy "Reversers" arent able to get my decrypted Basepointers+first_offset 
Last edited by Keule on Mon Oct 14, 2013 1:22 pm; edited 1 time in total |
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 222
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Mon Oct 14, 2013 1:18 pm Post subject: |
|
|
In that case you can not protect it.
I though that pointer.txt will contain some data which will only work for only one person.
@DaSpamer, well as we discussed earlier, everything inside cetrainer or generated EXE trainer can be hacked/cracked/dumped.
Properly made authorization, password hash check on server-side, can be good. Of course, if downloaded data can be used by other people ( [game.exe+01234567]+3C will work for others) anyone (skilled) can dump it.
EDIT
@Keule, by default all CheatEngine Lua scripts are in plain text.
example:
1. your trainer launched
2. I launch CE and attach it to your trainer (in this case it will be CE attached to another instance of CE)
3. I can read whole Lua script.
conclusion:
Never use decryption inside Lua script. It must be outside, at your server. But, legit (skilled) user can still dump those informations (pointers) and share it with others.
_________________
|
|
| Back to top |
|
|
Keule
Cheater
![]() Reputation: 0
Joined: 08 Aug 2012
Posts: 25
|
| Posted: Tue Oct 15, 2013 8:31 am Post subject: |
|
|
Okay, anyways thx for the Answers 
I'm going to Test a few Scripts now i took yesterday, maybe there will be a way soon...
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
