Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Example of 32/64 bit Lua obfuscation (CE Gui Extension)

 
AylinCE
Grandmaster Cheater
Reputation: 10

Joined: 16 Feb 2017
Posts: 671

Posted: Wed Nov 17, 2021 3:26 am    Post subject: Example of 32/64 bit Lua obfuscation (CE Gui Extension)

And hello again..

Let's not get into this discussion again;
Lua can't be hidden, and anyone who knows their stuff can unravel it.
Unfortunately, this is true and it is pointless to argue.

So what are the things to do?
Only the degree of surprise can be increased. (Masters can provide examples of this)

Inspired by global shares, I created a starter plugin.
I hope it will hold you for a while.

Thanks to @mgr.inz.Player for the 32 and 64 bit integrated gui.

PS: If you solved it, keep it to yourself. Being arrogant won't do you any good!

Download the add-on package from the link below and;
https://www.dosyaupload.com/2M89e/EncodeLuaScriptV2.rar

(Unzip the rar package. Copy the .lua extension document for a folder and menu in it) Drop it into the CE>>Autorun folder.

Content and description:

    1) The box to drop the encoded text.
    2) Copy the CE Lua Script code completely to the box to be encrypted.
    3) Clears boxes 1 and 2.
    4) Starts 32 and 64 bit encryption.
    5) Type your own signature for the spoof function name.
    6) It records the signature no. 5 and the explanation you will write in the 2nd box. (This record is automatically loaded every time you open it. Do not forget to write a description in the 2nd box, for example, "This script was created by AylinCE")
    7) To view your current Signature and description if you forgot.
    8) Lets you copy the encrypted output.
    9) Transmits the encrypted output into CE Lua script. (Warning: CE deletes the code inside the Lua Script and leaves the encrypted code in its place)
    10) Encrypted output and annotation box for Signature.


--###############################--
Reminder: There are no unsolved puzzles.
Taking concealment a step further; It is useful for improving encryption.
--###############################--

We are waiting for different posts from the masters for surprise tactics.

Until we meet on another useful topic;
Enjoy it.



[Attached image: EncGuiDesc.PNG]



_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past
atom0s
Moderator
Reputation: 181

Joined: 25 Jan 2006
Posts: 8346
Location: 127.0.0.1

Posted: Sun Nov 21, 2021 2:05 pm

Quote:
PS: If you solved it, keep it to yourself. Being arrogant won't do you any good!


There is a difference between being arrogant and warning people from using something that does not actually add any security to their scripts. I'd rather people not waste their time/effort adding a bunch of bloat to their code for no gain besides basic level skiddy copy/pasting.

I will give my feedback and show why it is a weak means of protection.


1. It connects to the internet.

There is no reason this should ever be connecting to the internet given you posted it publicly for free. It tries to validate itself against a Google doc to ensure it's still "available". This is pointless and easy to bypass without any effort. If you have Fiddler or Wireshark, you can easily fake the data returned and bypass this check without knowing how to code in Lua at all.


2. It adds junk code that is entirely pointless and easily understood to be junk.

Doing things like this:

Code:

function nErTiGeL_ilIilI(iElIinlTI5391ilI)local ilInErTiGElilI = (5*3-2/8+9*2/9+8*3) end local ilInErTiGElilI = (5*3-2/8+9*2/9+8*3)


Is entirely pointless. It is extremely easy to just look at this and see it does nothing. The fact that it's the same data just different var/func names also helps show it's useless junk code. If your goal is to add control flow obfuscation, you need to actually inter-weave junk code with real code. As it is now, it's extremely easy to see this is doing nothing and can be removed/ignored.

Even a newbie to Lua will figure out this is doing nothing pretty easily/fast. All you need to understand is how Lua functions work and scope (local vs global) and you can understand this is doing nothing.


3. The end result is just 'load' "obfuscated" 3 times.

Your 'protection' is not doing anything other than passing the original script through 'load' multiple times while appending the junk code above and wrapping it into a new function 'ByAylinCE'. This isn't doing anything that is hard to undo/understand by even entry level Lua coders.

This is basically the same thing as taking a password and base64'ing it 3 times and considering it secure.

Lua's 'load' function does not do anything for security at all. Because of how you're using it as well, you just pass the strings each time, allowing it to be self-defeated pretty easily. You can override 'load' and have it self-unpack anything that has run through your script like this:

Code:

--[[
* Emulate expected CE functions and variables that the outer script(s) may rely on.
*
* This is needed if you plan to run this deobfuscation outside of CE's Lua environment, ie. with Lua for Windows.
--]]
local cheatEngineIs64Bit = function () return false; end

--[[
* Overrides the 'load' global function to recursively self-call until an inner 'loadstring' attempt fails.
--]]
local load_o = load;
load = function (s)
    assert(type(s) == 'string', 'Unsupported load type.');

    -- Return a recursive deobfuscation helper function instead of what 'load' expects..
    return function ()
        local status, ret = pcall(function () return loadstring(s); end);
        assert(status == true, 'Failed to deobfuscate script!');

        status, ret = pcall(function () ret(); end);
        if (status ~= true) then
            -- Assume the last attempt that fails is the real script..
            print(s);
        end
    end
end

---------------------------------------------------------------------------------------------------
-- Paste the full initial Lua script data below this line!
---------------------------------------------------------------------------------------------------


This script will work even outside of CE. For example, if you want to use a Lua environment such as Lua for Windows.

Simply paste the above into a new Lua script, then below the last line, as it states, paste the original Lua script from your tool into it.

For the tool itself, you can decrypt both parts:
- EncLuaScriptV2.lua -> Just paste the entire file below the line stated above.
- EncodeLuaScriptV2/EncodeLuaScriptV2.CETRAINER -> Paste the Lua script between <LuaScript> ... </LuaScript>.


I am not trying to deter you from working towards protecting your scripts. I just want to inform you/others on what is or isn't actually helping/protecting things and how easy it is to undo/reverse what you've done to try to protect things. In this case, this is not protecting anything overall. And entry level Lua coders can figure this out pretty easily.

You are still better off using encodeFunction. If you are releasing trainers made in CE, your best bet is to alter the byte code of Lua itself so that all current available tools for decompiling Lua byte code don't just work out of the box. Change the order/id of things, add extra fluff/obfuscation to the actual byte code compiler, etc. Doing anything from the Lua script level will easily be undone/bypassed.

_________________
- Retired.
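
The layered `load` wrapping criticized in this post, and the reason it adds nothing, shown as an added example that is not part of the thread or of the tool: a constructed harmless script is wrapped three times, and a hooked `load` running in an empty environment records every layer, so the innermost source is recovered while its calls to globals fail. The `wrap`, `compile_sandboxed` and `peel` helpers and the sample script are assumptions made for illustration; the real tool also adds junk code and a wrapper function, and the empty environment here is an analysis convenience, not a hardened sandbox.

```lua
-- Added example (not from the thread). Sample script and layer count are constructed.

-- Wrap source in one layer: load("<escaped source>")()
local function wrap(src)
  return ("load(%q)()"):format(src)
end

-- Compile a chunk whose only visible global is the hooked 'load'.
local function compile_sandboxed(src, env)
  if setfenv then                          -- Lua 5.1 / LuaJIT
    local f, err = loadstring(src, "=layer")
    if f then setfenv(f, env) end
    return f, err
  end
  return load(src, "=layer", "t", env)     -- Lua 5.2+; "t" rejects bytecode
end

-- Peel nested load() layers and return every string that was passed to load.
local function peel(obfuscated)
  local layers, env = {}, {}
  env.load = function(s)
    if type(s) ~= "string" then return nil, "unsupported load type" end
    layers[#layers + 1] = s
    local f = compile_sandboxed(s, env)
    -- Return a callable either way so the outer layer's trailing () proceeds.
    -- The innermost script fails inside pcall because the env has no globals.
    return function() if f then pcall(f) end end
  end
  local outer = compile_sandboxed(obfuscated, env)
  if outer then pcall(outer) end
  return layers
end

-- Constructed sample: a harmless "real script" wrapped three times.
local secret = 'print("hello from the real script")'
local packed = wrap(wrap(wrap(secret)))

local layers = peel(packed)
for i, s in ipairs(layers) do
  print(("layer %d (%d bytes)"):format(i, #s))
end
print("recovered == original:", layers[#layers] == secret)
```

Each wrapping layer has to hand its plaintext to `load` at run time, so the number of layers changes only how many strings the hook records, not whether the source can be read.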
Csimbi
I post too much
Reputation: 82

Joined: 14 Jul 2007
Posts: 2834

Posted: Wed Nov 24, 2021 11:28 am

*facepalm*
AylinCE
Grandmaster Cheater
Reputation: 10

Joined: 16 Feb 2017
Posts: 671

Posted: Sun Nov 28, 2021 3:05 pm    Post subject: Re: Example of 32/64 bit Lua obfuscation (CE Gui Extension)

atom0s wrote:
...


AylinCE wrote:
And hello again..

Let's not get into this discussion again;
Lua can't be hidden, and anyone who knows their stuff can unravel it.
Unfortunately, this is true and it is pointless to argue.


This was already stated.
While there are 100 people who will give the same solution as you; why did you just spend time deciphering a simple code?

Questioning the current situation rather than sharing an example!

I know the code is unprotected.
The reason why I published the subject was to see examples from the masters.

"Questioning the current situation rather than sharing an example!"

And we are still in the same place! No progress!

atom0s
Moderator
Reputation: 181

Joined: 25 Jan 2006
Posts: 8346
Location: 127.0.0.1

Posted: Sun Nov 28, 2021 8:56 pm

AylinCE wrote:
AylinCE wrote:
And hello again..

Let's not get into this discussion again;
Lua can't be hidden, and anyone who knows their stuff can unravel it.
Unfortunately, this is true and it is pointless to argue.


This was already stated.
While there are 100 people who will give the same solution as you; why did you just spend time deciphering a simple code?


Putting a disclaimer on the topic does not absolve it from being criticized or try to hide it from having feedback posted. You made the topic with a buzzword people who look to 'protect' their scripts search for. Not just for CE-related stuff, but stuff in Lua in general. Tons of things use Lua and have huge userbases behind them where trying to protect scripts is common practice.

My point was to point out how little this tool actually does in regards to even 'obfuscation' because just running Lua through its own functions is not really much obfuscation at all. And appending junk code that does absolutely nothing or affect the result in any manner is also not helping.

This just creates a false sense of security for someone that is searching for something to protect their work. Your disclaimer is also very specific to how the topic of protection has been on this forum/community alone. People searching outside of this forum and landing up here won't have a clue what your first paragraph meant and just ignore it.

Your post content also misleads people by saying stuff will be encrypted, that the output is encrypted, etc.
This isn't true.

AylinCE wrote:
Questioning the current situation rather than sharing an example!


I already gave a suggestion. Read the last sentence of my post above.

If your goal is to make an actual obfuscator, then you need to do actual edits to the code that is given as input. Like I said above, your code is the equivalent of doing base64 3 times on a password. That is not obfuscation or protection, at all.

If you plan to stick to just plain Lua, no matter what you do it'll be able to be undone. Simple point. But you can make it harder for people to read the output after any means of trying to undo the obfuscation by doing things such as:

- Variable obfuscation.
--> Rename variables to either random junk or misleading names.
--> Change variables from static values to calculations, lookups, etc.
--> Remove variables altogether.
--> Move all variables into a single table.

- String obfuscation.
--> Encrypt, compress, etc.
--> Remove direct string usage from calls/params and such.

- Control flow obfuscation.
--> Alter the script to add complexity. Break functions apart and add junk branching and similar tactics.
--> Break apart common things like basic if/else.
--> Add polymorphic handling of various things. (Lua's metatable system is extremely powerful for this.)


However again, this being done inside of stock Lua code is not ideal. The better route to take is still to run your own version of Lua, modify the byte code that is compiled, and still do extra steps afterward. You can do a lot more in regards to obfuscation if you are working with byte code instead of actual Lua code. Working with actual code would require you to write/use a lexer and analyze the source text as-is. With how many ways Lua can be written, what is optional (ie. parenthesis, line endings, new line breaks, etc.) this can become pretty annoying.

In CE, you can take the output from encodeFunction and remove the base85 layer and then work with the raw byte code yourself. Write your own custom VM to process and manipulate the data etc.

There are tons of ways to do things to help add layers of protection.

Csimbi
I post too much
Reputation: 82

Joined: 14 Jul 2007
Posts: 2834

Posted: Mon Nov 29, 2021 2:12 pm

atom0s,
none of that is going to protect code from an attacker with time.
It'll only protect from wannabes, same as AylinCE's so called obfuscation.
By now the download link does not even work, I think AylinCE realized it's worthless and taken it down to spare him from further humiliation.
atom0s
Moderator
Reputation: 181

Joined: 25 Jan 2006
Posts: 8346
Location: 127.0.0.1

Posted: Tue Nov 30, 2021 6:31 pm

Csimbi wrote:
atom0s,
none of that is going to protect code from an attacker with time.
It'll only protect from wannabes,


I'm fully aware of that, this topic was in regards to obfuscation which is what my post was about.

Csimbi wrote:
By now the download link does not even work, I think AylinCE realized it's worthless and taken it down to spare him from further humiliation.


My posts are not intended to or aimed at humiliating anyone. It was to give a better understanding of why the script presented was not as advertised and to prevent people from having a false sense of security by using it.

AylinCE
Grandmaster Cheater
Reputation: 10

Joined: 16 Feb 2017
Posts: 671

Posted: Wed Dec 01, 2021 9:12 am

Connection terminated for a different encoding.
It will be updated as soon as possible!

All times are GMT - 6 Hours