Scripthook Undetected

[2ponds]

Recently i've been using scripthook, and I notice that I get kicked from some CAC servers for the reason "clientside lua execution", even though I didn't use any sort of lua cheats. If anyone has any insight as to what might be causing it, it is appreciated if you would comment.

[Keepo123]

scripthook is outdated, use friendlyhack ( https://www.mpgh.net/forum/showthrea...1291518&page=1 ) and look in your C:\Program Files (x86)\Steam\steamapps\common\friendlyhack, or where ever you put steam at.

[2ponds]

Can you use friendlyhack to block scripts from running, like block RunString, LuaCmd, SendLua etc, like in Scripthook?

- - - Updated - - -

Also is there a way to make scripthook undetected, like opening in visual studio and changing variable names or something? I've been thinking about trying it, but i'm not sure what part of scripthook CAC is detecting.

[Gorzoid]

Empty scripthook.lua and it should be fine, probably an outdated bypass doing it. Some scripts can detect script hook because it sets the global variables _SCRIPT and _SOURCE so you can fix that easily by using a hexeditor to change the variable name to some string of equal length

[The Beast123]

Empty scripthook.lua and it should be fine, probably an outdated bypass doing it. Some scripts can detect script hook because it sets the global variables _SCRIPT and _SOURCE so you can fix that easily by using a hexeditor to change the variable name to some string of equal length

Cringe. Surely you don't use scripthook yourself?

[ajloveslily]

Cringe. Surely you don't use scripthook yourself?

I don't see cringe here, that's literally what it does and emptying the lua file can fix it doing weird shit. As far as hex editor well you just have to be careful with that I suppose. The source code for scripthook is out there you just have to know where to look(aka fucking google) rhere's a "reundetected" version floating around here. just changes scripthook to fuckn*gger so servers that look for "scripthook" anywhere dont detect it

[eth0s]

ScriptHook is absolute trash.

[ajloveslily]

ScriptHook is absolute trash.

Let's see you do better.

[eth0s]

Let's see you do better.

Do you think I'm not capable or something? I've already coded something 10x better than scripthook that doesn't let server owners override files outside of the file stealing directory... Unlike scripthook. It's absolute trash.

Infact, I already added a file stealer in friendlyhack long ago, too bad it's outdated so you can't have anything good huh.

OT: Just hook luaL_loadbuffer if you wanna do something similar.

[The Beast123]

Do you think I'm not capable or something? I've already coded something 10x better than scripthook that doesn't let server owners override files outside of the file stealing directory... Unlike scripthook. It's absolute trash.

Infact, I already added a file stealer in friendlyhack long ago, too bad it's outdated so you can't have anything good huh.

OT: Just hook luaL_loadbuffer if you wanna do something similar.

Oubliette and others before him were literally doing this 6-7 years ago so I dunno why you're bragging about accomplishing this only just now.

luaL_loadbuffer is literally what it hooks in the first place. There's really no need to hook it when you can go hook RunStringEx instead. I remember back when I was coding crap for this game I detoured both and couldn't see a difference in results at all.





- - - Updated - - -

I don't see cringe here, that's literally what it does and emptying the lua file can fix it doing weird shit. As far as hex editor well you just have to be careful with that I suppose. The source code for scripthook is out there you just have to know where to look(aka fucking google) rhere's a "reundetected" version floating around here. just changes scripthook to fuckn*gger so servers that look for "scripthook" anywhere dont detect it

I said it's "cringe" because Gorzoid is intelligent enough to go make something that does all this himself in an undetectable fashion without having to use scripthook and change it variables to avoid detection.

[eth0s]

What I'm saying is that scripthook has exploits that anyone that can run lua on your computer can abuse to write files outside of the stolen files directory.

[ajloveslily]

What I'm saying is that scripthook has exploits that anyone that can run lua on your computer can abuse to write files outside of the stolen files directory.

Must be in the part of the code that wasn't released. Then again, I am not the most well versed in c++

Code:

int Detour(lua_State* state, const char *buff, size_t sz, const char *name)

{

	bool shouldRun = true;



	if (client && client->IsConnected())

	{

		const char* SCRIPT;

		const char* SOURCE;

		ILuaBase* base = state->luabase;



		std::string path;

		std::string address = std::string(client->GetNetChannelInfo()->GetAddress());

		address = ReplaceString(address, ":", "-");

		path = "scripthook/" + address + "/";



		std::string source = std::string(name);

		

		if (source.substr(0, 1) == "@")

		{

			source.erase(0, 1);

		}

		

		std::string orig = source;

		std::string fullpath = path + source;



		if (hasEnding(source, ".lua")) 

		{

			boost::filesystem::path p(fullpath);

			boost::filesystem::path dir = p.parent_path();

			boost::filesystem::create_directories(dir);



			if (boost::filesystem::exists(fullpath))

			{

				std::ofstream out(fullpath);

				out << std::string(buff);

			} else {

				std::ofstream out(fullpath, std::ios_base::app);

				out << "\n-----------------------------------------------------\n" + std::string(buff);

			}

		} else {

			std::string origsource = source;

			source = path + source;



			if (!boost::filesystem::exists(source + ".lua"))

			{

				std::ofstream out(source + ".lua");

				out << std::string(buff);

			} else {

				std::ofstream out(source + ".lua", std::ios_base::app);

				out << "\n-----------------------------------------------------\n" + std::string(buff);

			}

		}



		if (!boost::filesystem::exists("scripthook/scripthook.lua"))

		{

			ConColorMsg(Color(255, 145, 0, 255), "[Warning] ");

			Msg("scripthook.lua does not exist!\n");

		} else {

			base->PushSpecial(SPECIAL_GLOB);

				base->PushString("_SCRIPT");

				base->PushString(buff);

				base->RawSet(-3);

			base->Pop();



			base->PushSpecial(SPECIAL_GLOB);

				base->PushString("_SOURCE");

				base->PushString(orig.c_str());

				base->RawSet(-3);

			base->Pop();



			if (!luaL_loadfile(state, "scripthook/scripthook.lua"))

			{

				if (!lua_pcall(state, 0, 1, 0))

				{

					if (base->IsType(-1, Type::BOOL))

					{

						shouldRun = base->GetBool(-1);

					}



					base->Pop();

				} else {

					ConColorMsg(Color(255, 145, 0, 255), "[Warning] ");

					Msg("%s\n", base->GetString(-1));

				}

			} else {

				ConColorMsg(Color(255, 145, 0, 255), "[Warning] ");

				Msg("%s\n", base->GetString(-1));

			}



			base->PushSpecial(SPECIAL_GLOB);

				base->PushString("_SCRIPT");

				base->RawGet(-2);

				SCRIPT = base->GetString(-1);

			base->Pop(2);



			base->PushSpecial(SPECIAL_GLOB);

				base->PushString("_SOURCE");

				base->RawGet(-2);

				SOURCE = base->GetString(-1);

			base->Pop(2);			



			base->PushSpecial(SPECIAL_GLOB);

				base->PushString("_SCRIPT");

				base->PushNil();

				base->RawSet(-3);

			base->Pop();



			base->PushSpecial(SPECIAL_GLOB);

				base->PushString("_SOURCE");

				base->PushNil();

				base->RawSet(-3);

			base->Pop();

		}



		if (!shouldRun)

		{

			ConColorMsg(Color(0, 154, 255, 255), "[scripthook] ");

			Msg("Blocked %s\n", orig.c_str());

			luaL_loadstring(state, "");



			return 0;

		} else {

			std::string src = std::string(SOURCE);



			return luaL_loadbuffer(state, SCRIPT, sz, ("@" + src).c_str());

		}

	}



	return luaL_loadbuffer(state, buff, sz, name);

}



BOOL APIENTRY DllMain(HMODULE hModule, DWORD Reason, LPVOID lpReserved)

{

	if (Reason == DLL_PROCESS_ATTACH)

	{

		CreateInterfaceFn factory = Sys_GetFactory("engine.dll");

		client = (IVEngineClient*)factory(VENGINE_CLIENT_INTERFACE_VERSION_13, NULL);



		luaL_loadbuffer = (loadbuffer)GetProcAddress(GetModuleHandle("lua_shared.dll"), "luaL_loadbuffer");



		if (!luaL_loadbuffer)

		{

			ConColorMsg(Color(255, 0, 0, 255), "[Error] ");

			Msg("scripthook has failed to grab luaL_loadbuffer.\n");



			return FALSE;

		}



		DisableThreadLibraryCalls(hModule);

		DetourTransactionBegin();

		DetourUpdateThread(GetCurrentThread());

		DetourAttach(&(PVOID&)luaL_loadbuffer, Detour);



		if (DetourTransactionCommit() == NO_ERROR)

		{

			ConColorMsg(Color(0, 255, 0, 255), "[Success] ");

			Msg("scripthook has completed hooking successfully.\n");

			Msg("This is not the final version scripthook!\n");



			return TRUE;

		} else {

			ConColorMsg(Color(255, 0, 0, 255), "[Error] ");

			Msg("scripthook was unsucessful.\n");



			return FALSE;

		}



		return FALSE;

	}

}

[biggestbaddestgamerintown]

i think ur letting the cartoons get in ur brain