Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


How i can Protect Trainer from decryption
Goto page Previous  1, 2, 3  Next
 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Lua Scripting
View previous topic :: View next topic  
Author Message
Dark Byte
Site Admin
Reputation: 385

Joined: 09 May 2003
Posts: 23240
Location: The netherlands

PostPosted: Sat Jan 20, 2018 5:15 am    Post subject: Reply with quote

atom0s wrote:
dedlyblady wrote:
atom0s wrote:
dedlyblady wrote:
@FreeER

Thank you for reply. Well, even if I save an exe file, is it easy to decrypt? Rolling Eyes


If you are using Cheat Engines built in trainer maker, the end result can always be decompiled back to the original table. Using the encodeFunction method DarkByte mentioned will compile the Lua to byte code. However, this can also be decompiled back to the original Lua string, although a bit harder than just getting the table back.



This means that someone can decrypt the Trainer even after i have set the .exe. format and get the Sorce inside it?


Yes.

but not the original source

same as decompiling an .exe you wrote in C

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
atom0s
Moderator
Reputation: 157

Joined: 25 Jan 2006
Posts: 8142
Location: 127.0.0.1

PostPosted: Sat Jan 20, 2018 8:44 pm    Post subject: Reply with quote

Decompiling Lua byte code is pretty spot on with most decompilers giving back a near 1:1 representation of the real source. (Minus comments etc.) As long as the decompiler is made with the same library the Lua was compiled from, you can pretty much guarantee the decompiled result to be 100% usable.
_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
OldCheatEngineUser
Whateven rank
Reputation: 18

Joined: 01 Feb 2016
Posts: 1580

PostPosted: Sat Jan 20, 2018 9:04 pm    Post subject: Reply with quote

lua is byte code? so like java, .net and others?
wow! honestly i didnt know that.

_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote:
i am a sweetheart.
Back to top
View user's profile Send private message Visit poster's website
dedlyblady
Cheater
Reputation: 0

Joined: 14 Sep 2017
Posts: 33

PostPosted: Sat Jan 20, 2018 9:26 pm    Post subject: Reply with quote

atom0s wrote:
Decompiling Lua byte code is pretty spot on with most decompilers giving back a near 1:1 representation of the real source. (Minus comments etc.) As long as the decompiler is made with the same library the Lua was compiled from, you can pretty much guarantee the decompiled result to be 100% usable.


I tried and tried to decrypt in String mode and when trying to search for a particular word in my Trainer unfortunately all the codes for the original SorceSappeared to be a bit complicated but easy to understand ... I really want a solution to encode the code inside Trainer to keep it from hackers if what I do. If there is not here on the Site of Chit Engin, then where can I find the solution? Mad Mad Mad
Back to top
View user's profile Send private message
TheyCallMeTim13
Wiki Contributor
Reputation: 25

Joined: 24 Feb 2017
Posts: 733
Location: 'Merica

PostPosted: Sat Jan 20, 2018 9:40 pm    Post subject: Reply with quote

dedlyblady wrote:
I really want a solution to encode the code inside Trainer


DB gave you that one dude.

Out of curiosity, how did you learn to write this code you're so worried about being hacked as you put it (which is kinda ironic given their generally considered hacks them selves).

_________________
Back to top
View user's profile Send private message
Corroder
Grandmaster Cheater Supreme
Reputation: 38

Joined: 10 Apr 2015
Posts: 1532

PostPosted: Sun Jan 21, 2018 2:46 am    Post subject: Reply with quote

Quote:
Hi guys .. So How i can Protect Trainer from decryption In any way possible ?


What I've done with my trainers are :

1. Writing all codes (table) and save as a lua file (or whatever, example : mycodetable.lua)
2. Before code table save as mycodetable.lua, all code/string has encoded, usually I am use base32 or chiper-text base encoding
3. Next, add mycodetable.lua to CE > Table > Add File
4. Writing code in CE table to call mycodetable.lua, like code below :

Code:
getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide()

---- Call Code
function loadTableCode(n2)
 local t2 = findTableFile(n2)
 if t2 ~= nil then
 local s2 = t2.Stream
 local c2 = readStringLocal(s2.Memory,s2.Size)
 return c2 ~= nil and loadstring(c2) -- return a function
 end
end
--
local f2 = loadTableCode('mycodetable.lua')
print(type(f2))
if type(f2) == 'function' then f2() else print('not loaded') end

---- Run the function
obivius()
a = tostring(vation)

-- Defining a string to use as function later
funcStr = a
func = loadstring(funcStr)
func()



5. mycodetable.lua contains :

Code:
function obivius()
  local base32Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
  local base32PadMap = { "", "======", "====", "===", "=" }

  function basexx.from_base32( str, ignore )
   str = ignore_set( str, ignore )
   return from_basexx( string.upper( str ), base32Alphabet, 5 )
  end

  function basexx.to_base32( str )
   return to_basexx( str, base32Alphabet, 5, base32PadMap[ #str % 5 + 1 ] )
  end

obser = "FUWS2LJNFUQEYZLFMNUGK4RAINUGKY3LBJRWKY3IMVRWWX3MNFZXIIB5EBRXEZLBORSVG5DSNFXGO3DJON2CQKIKMZ2W4Y3UNFXW4IDDMVRWQZLDNM"
vation = basexx.from_base32(obser)
end



6. Last, after check and re-check and everything okay, save it as stand alone CE trainer (exe)

EDIT :

Of course I have adding this code at beginning of my table ;

Code:
t=createTimer(nil)
t.Interval=1000
t.OnTimer=function(t)
if getProcessIDFromProcessName("taskmgr.exe") ~= nil or getProcessIDFromProcessName("what_ever_blabla.exe") ~= nil then   --- possible to add more
showMessage("Ooops... Something wrong. Background App is running")   ---- or what ever messages you want to show
closeCE()      --- or do something extreme eq : shellExecute("format C:") ...etc
end
end
t.Enabled=true

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
TheyCallMeTim13
Wiki Contributor
Reputation: 25

Joined: 24 Feb 2017
Posts: 733
Location: 'Merica

PostPosted: Sun Jan 21, 2018 3:21 pm    Post subject: Reply with quote

"showMessage" will just wait for user input, so the form will stay open tell the user clicks ok, letting them hook the "closeCE" function to do nothing.
_________________
Back to top
View user's profile Send private message
Corroder
Grandmaster Cheater Supreme
Reputation: 38

Joined: 10 Apr 2015
Posts: 1532

PostPosted: Sun Jan 21, 2018 7:10 pm    Post subject: Reply with quote

Quote:
"showMessage" will just wait for user input, so the form will stay open tell the user clicks ok, letting them hook the "closeCE" function to do nothing.


Yes, right, it's spamming. Then in this case, no need to show message to users. Delete "showMessage". Also we can do like code below as counterpart :

Code:
processname = "programname.exe"

filedata = io.popen("tasklist /NH /FO CSV /FI \"IMAGENAME eq "..processname.."\"")
output = filedata:read()
filedata:close()

if output ~= "INFO: No tasks are running which match the specified criteria." then
    -- Program is running. Close the program
    os.execute("taskkill -im "..processname)
--else
    -- Program is not running
end

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
dedlyblady
Cheater
Reputation: 0

Joined: 14 Sep 2017
Posts: 33

PostPosted: Sun Jan 21, 2018 8:17 pm    Post subject: Reply with quote

@Corroder


First, thank you for help .. I have had some mistakes and I can not solve because I am a newbie in this field and I do not have experience like you in this .. If you can help me in making a small video to explain this please .. I will be very thankful to you and I hope you help me in this Because I really need .. Thank you Embarassed
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 157

Joined: 25 Jan 2006
Posts: 8142
Location: 127.0.0.1

PostPosted: Sun Jan 21, 2018 11:57 pm    Post subject: Reply with quote

dedlyblady wrote:
atom0s wrote:
Decompiling Lua byte code is pretty spot on with most decompilers giving back a near 1:1 representation of the real source. (Minus comments etc.) As long as the decompiler is made with the same library the Lua was compiled from, you can pretty much guarantee the decompiled result to be 100% usable.


I tried and tried to decrypt in String mode and when trying to search for a particular word in my Trainer unfortunately all the codes for the original SorceSappeared to be a bit complicated but easy to understand ... I really want a solution to encode the code inside Trainer to keep it from hackers if what I do. If there is not here on the Site of Chit Engin, then where can I find the solution? Mad Mad Mad


The best method that CE itself offers is the encoded pointer function stuff that DB already mentioned. It'll help prevent the easier ways to get your trainers data but it is still possible to get the table and code back entirely.

You are best off not using CEs trainer maker if you want to make anything protective/secured. CE is open source, all its methods of protection / DRM are all public and visible to everyone.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Corroder
Grandmaster Cheater Supreme
Reputation: 38

Joined: 10 Apr 2015
Posts: 1532

PostPosted: Mon Jan 22, 2018 9:00 pm    Post subject: Reply with quote

dedlyblady wrote:
@Corroder


First, thank you for help .. I have had some mistakes and I can not solve because I am a newbie in this field and I do not have experience like you in this .. If you can help me in making a small video to explain this please .. I will be very thankful to you and I hope you help me in this Because I really need .. Thank you Embarassed


Since I can't make a small tutorial video as you wish for some reasons and sorry for that, I just can give you some suggestions to make your script table harder to read. Here is from facePunch forum :

Script we will be obfuscating / harder to read :

Code:
local size = math.random(10,100000000000)

function print_size()
    print("Sasha's d--k is "..size.." inches long!");
end



Process :

1. Obfuscate variable and function names
Find all of the variable and function names you use in your project, and replace them with a random name. Example :

Code:
local AAAAAAAAAAAAAAAAAAAAAAAAAA = math.random(10,100000000000)

function AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA()
    print("Sasha's d--k is "..AAAAAAAAAAAAAAAAAAAAAAAAAA.." inches long!");
end
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA()

-- ouput : Sasha's d--k is 65014648441 inches long!


2. Rename built-in lua functions
Anyone who has ever detoured a lua function should know how to do this. Basically, you can create a copy of a function by doing something like this: "local old_print = print".

Code:
local AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA = math.random        -- NOTE THAT WE DO NOT ADD THE PARENTHESIS TO THE FUNCTION NAMES.*/
local AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA = print          -- Also note, you should not leave comments in your obfuscated code
local AAAAAAAAAAAAAAAAAAAAAAAAAA = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA(10,100000000000)


function AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA()
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA("Sasha's d--k is "..AAAAAAAAAAAAAAAAAAAAAAAAAA.." inches long!");
end

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA()

-- output : Sasha's d--k is 65014648441 inches long!


3. Add garbage code
It is also fun to make it confusing. Adding in useless code to your script is a great way to make it hard to decipher.

4. Delete line breaks
What this will do is make it so that your script is only on one line. Use Line Break Removal Tool, eq : https://www.textfixer.com/tools/remove-line-breaks.php site.
and then code should be like this :

Code:
local AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA = math.random local AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA = print local AAAAAAAAAAAAAAAAAAAAAAAAAA = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA(10,100000000000) function AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA() AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA("Sasha's d--k is "..AAAAAAAAAAAAAAAAAAAAAAAAAA.." inches long!"); end


This method is not prefect, but then again, no method to obfuscate anything is.

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
TheyCallMeTim13
Wiki Contributor
Reputation: 25

Joined: 24 Feb 2017
Posts: 733
Location: 'Merica

PostPosted: Mon Jan 22, 2018 9:08 pm    Post subject: Reply with quote

There are Lua modules that will do this for you.

https://github.com/mlnlover11/XFuscator

_________________
Back to top
View user's profile Send private message
Corroder
Grandmaster Cheater Supreme
Reputation: 38

Joined: 10 Apr 2015
Posts: 1532

PostPosted: Mon Jan 22, 2018 9:17 pm    Post subject: Reply with quote

TheyCallMeTim13 wrote:
There are Lua modules that will do this for you.

https://github.com/mlnlover11/XFuscator


Thank's Tim for info and advise. I have read that XFuscator before, anyhow i try to explain a simple and easy way for @dedlyblady in a pure lua (no need a module or 'require') as he wish to protect his table.
But then thanks again for your advise.

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
FreeER
Grandmaster Cheater Supreme
Reputation: 42

Joined: 09 Aug 2013
Posts: 1089

PostPosted: Mon Jan 22, 2018 9:45 pm    Post subject: This post has 1 review(s) Reply with quote

For lua in CE isn't essentially all of that, with the exception of perhaps garbage code, unnecessary with just encodeFunction and decodeFuntion?

1. write all your code eg.
Code:
local size = math.random(10,100000000000)

function print_size()
    print("Sasha's d--k is "..size.." inches long!");
end
print_size()


2. wrap it in a function and pass it to encodeFunction, print the result
Code:
local my_script_to_encode = function()
-- all the code
local size = math.random(10,100000000000)

function print_size()
    print("Sasha's d--k is "..size.." inches long!");
end
print_size()
end

print(encodeFunction(my_script_to_encode))


in the table/trainer you ship/share you pass that encoded string to decodeFunction and then call the returned function

Code:
local my_function = decodeFunction('c-oWpDNPJ!ketlRCB=/U!NS2(5ypT38s!d+42)bqCz#931ti!Q92nRg92guM7#JE4FfgbzG%*4;#W??pn%o#18B!b=7{OXV7,8T}[email protected]]MJVeP-BG_UX+!:gXFmjiZb(].*@q?QW=QgU:pO29n586huY{qz]*Q7H1#0R+4P6L3?Q!]j38T;L5kSGrmzSGCl,TUsuwGy:.}%GWELy1?F]@GC1/1-E9B)or7JQaY][TsWD,O}')
my_function()


so the only thing anyone sees is the encoded function string which once decoded is only the lua bytecode. So, no comments, no names (other than globals, to my knowledge). Which as mentioned earlier can be reversed but is harder to do.

Now, if you're not using CE then you may not have access to something like that and have to fall back on those things but if you are...

throw in enableDRM() and that should make it a bit harder to read the byte code from CE's memory (though they could just get the string from the CT itself and decode it theirselves if you don't do something to prevent that lol)

edit: AA scripts can be done in lua code as well via autoAssemble, though you could also just implement it all yourself in lua if you understand it (allocate, write code, hook with jump etc.).
Back to top
View user's profile Send private message
Corroder
Grandmaster Cheater Supreme
Reputation: 38

Joined: 10 Apr 2015
Posts: 1532

PostPosted: Tue Jan 23, 2018 12:27 am    Post subject: Reply with quote

FreeER wrote:
For lua in CE isn't essentially all of that, with the exception of perhaps garbage code, unnecessary with just encodeFunction and decodeFuntion?

1. write all your code eg.
Code:
local size = math.random(10,100000000000)

function print_size()
    print("Sasha's d--k is "..size.." inches long!");
end
print_size()


2. wrap it in a function and pass it to encodeFunction, print the result
Code:
local my_script_to_encode = function()
-- all the code
local size = math.random(10,100000000000)

function print_size()
    print("Sasha's d--k is "..size.." inches long!");
end
print_size()
end

print(encodeFunction(my_script_to_encode))


in the table/trainer you ship/share you pass that encoded string to decodeFunction and then call the returned function

Code:
local my_function = decodeFunction('c-oWpDNPJ!ketlRCB=/U!NS2(5ypT38s!d+42)bqCz#931ti!Q92nRg92guM7#JE4FfgbzG%*4;#W??pn%o#18B!b=7{OXV7,8T}[email protected]]MJVeP-BG_UX+!:gXFmjiZb(].*@q?QW=QgU:pO29n586huY{qz]*Q7H1#0R+4P6L3?Q!]j38T;L5kSGrmzSGCl,TUsuwGy:.}%GWELy1?F]@GC1/1-E9B)or7JQaY][TsWD,O}')
my_function()


so the only thing anyone sees is the encoded function string which once decoded is only the lua bytecode. So, no comments, no names (other than globals, to my knowledge). Which as mentioned earlier can be reversed but is harder to do.

Now, if you're not using CE then you may not have access to something like that and have to fall back on those things but if you are...

throw in enableDRM() and that should make it a bit harder to read the byte code from CE's memory (though they could just get the string from the CT itself and decode it theirselves if you don't do something to prevent that lol)

edit: AA scripts can be done in lua code as well via autoAssemble, though you could also just implement it all yourself in lua if you understand it (allocate, write code, hook with jump etc.).


Right, it's more easier to encode/decode in Lua CE since DB added that function in CE 6.5 or 6.6, I am not exactly remember the version

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Lua Scripting All times are GMT - 6 Hours
Goto page Previous  1, 2, 3  Next
Page 2 of 3

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites