scripthook module

[tdsx]

^This.

If you're planning to release this, someone will find a way to detect it in just a few moments, I'd recommend that if you plan to release something like this then you should get rid of some amount of security.

how would they detect it though and what are crc checks like kona chan is saying. I know what crc is but nobody is explaining how they would detect specifically

[Kona-chan]

how would they detect it though and what are crc checks like kona chan is saying. I know what crc is but nobody is explaining how they would detect specifically

By checking if the crc of the file matches the crc of the script you modified.
But again, you can bypass anything that is clientside by faking it anyway.

[tdsx]

By checking if the crc of the file matches the crc of the script you modified.
But again, you can bypass anything that is clientside by faking it anyway.

Would the server get the crc through net messages? I'm confused.

[Kona-chan]

Would the server get the crc through net messages? I'm confused.

The CRC could be send with a net message, even though there's plenty of other ways to do it but most of them are fancy and/or retarded.

[tdsx]

The CRC could be send with a net message, even though there's plenty of other ways to do it but most of them are fancy and/or retarded.

That's what I'm sayin, but daz and demo say there's a way. Only way I could think of detecting this is if the AC creates the global variables and checks if they got destroyed. I'll just save the value of it and restore it, but I can't think of any other way.

The AC should never even load clientside in the first place, tho. Only time it should load is when you join to get the files and check for which AC it uses

[ExiledStyles]

what use would that be? i still don't understand the purpose of this module but if it's to stop net messages from being sent then why would you have to worry about the client determining it's existence

[D3M0L1T10N]

That's what I'm sayin, but daz and demo say there's a way. Only way I could think of detecting this is if the AC creates the global variables and checks if they got destroyed. I'll just save the value of it and restore it, but I can't think of any other way.

The AC should never even load clientside in the first place, tho. Only time it should load is when you join to get the files and check for which AC it uses

here i will help you but only a little bit

you can load lua other ways than just RunString, and when you have 69 files modified like the way LifePunch does it you have an issue, especially if they are constantly being changed and have important code in them like menus to change teams etc

also...

Code:

setmetatable( _G, 
 __newindex = function( table, key, value )
  if ( key == "_SOURCE" ) then
   do ban stuff

   return
  end
 end
end )

[tdsx]

here i will help you but only a little bit

you can load lua other ways than just RunString, and when you have 69 files modified like the way LifePunch does it you have an issue, especially if they are constantly being changed and have important code in them like menus to change teams etc

also...

Code:

setmetatable( _G, 
 __newindex = function( table, key, value )
  if ( key == "_SOURCE" ) then
   do ban stuff

   return
  end
 end
end )

except it's raw set, so it doesn't call __newindex

Similar to lua_settable, but does a raw assignment (i.e., without metamethods).

and it's not hooked via RunString, it's hooked via luaL_loadbuffer, which is what every single lua script is loaded with.

not only that, but as I've already said, the AC will never even initialize in the first place if you prevent it from loading and use the same net messages/whatever. the idea is to join the server, scope out what AC it uses by grep'ing all of its files, and then use a bypass for it, which I'm beginning to make, as I've already bypassed 3 ACs. admittedly, TAC is complete shit, but I'm just throwin these out there. then you rejoin the server with your bypass loaded and the clientside AC files blacklisted.

let me make it simple.

1. join with no cheats loaded (important!)
2. find out what AC it uses.
3. write/find a bypass for it that uses scripthook to emulate the clientside and blacklist the AC files.
4. rejoin and load cheats.

it doesn't matter what files or variables the server changes. you just downloaded all of the files and know them, so on the rare occurrence that they modified the AC, you know exactly what was modded. as an example, leyac has 2 variables: hellohellohelloimcool and ijustwannaberightbyyourside which can both be easily modded in the config.

cmon man.

[D3M0L1T10N]

except it's raw set, so it doesn't call __newindex

and it's not hooked via RunString, it's hooked via luaL_loadbuffer, which is what every single lua script is loaded with.

not only that, but as I've already said, the AC will never even initialize in the first place if you prevent it from loading and use the same net messages/whatever. the idea is to join the server, scope out what AC it uses by grep'ing all of its files, and then use a bypass for it, which I'm beginning to make, as I've already bypassed 3 ACs. admittedly, TAC is complete shit, but I'm just throwin these out there. then you rejoin the server with your bypass loaded and the clientside AC files blacklisted.

let me make it simple.

1. join with no cheats loaded (important!)
2. find out what AC it uses.
3. write/find a bypass for it that uses scripthook to emulate the clientside and blacklist the AC files.
4. rejoin and load cheats.

it doesn't matter what files or variables the server changes. you just downloaded all of the files and know them, so on the rare occurrence that they modified the AC, you know exactly what was modded. as an example, leyac has 2 variables: hellohellohelloimcool and ijustwannaberightbyyourside which can both be easily modded in the config.

cmon man.

again

if you have files being sent to you scramble obfuscated using diff net variables etc, also again you can send and load lua chunks not using loadbuffer (at least last time i tried it, i need to try it again)

also forgot that it's rawset, you can probably still check a couple of other ways haven't tested that either

i think you are forgetting you can randomize names, and it gets like 100x harder once everything is scrambled and obfuscated making it not worth the mess

there is a reason i ditched using this method to bypass anticheats

[tdsx]

again

if you have files being sent to you scramble obfuscated using diff net variables etc, also again you can send and load lua chunks not using loadbuffer (at least last time i tried it, i need to try it again)

also forgot that it's rawset, you can probably still check a couple of other ways haven't tested that either

i think you are forgetting you can randomize names, and it gets like 100x harder once everything is scrambled and obfuscated making it not worth the mess

there is a reason i ditched using this method to bypass anticheats

you're talking about precompiled chunks, which is bytecode, which is disabled in gmod. the lowest level of loading code through any normal means is lua_load, and guess what, luaL_loadbuffer calls lua_load, lol.

go use luaL_loadstring, lua_dump the chunk, and call lua_load. it will either tell you its incompatible bytecode or malformed bytecode.

you're also still not understanding that the AC would not be loaded clientside. randomized names and such is something else.

[Azrius]

wow this is really cool

[Scetch08]

D3M0L1T10N talking serious and Daz being impressed, What world is this?

[Kona-chan]

D3M0L1T10N talking serious and Daz being impressed, What world is this?

it's not google it's bing

[Leystryku]

it's absolutly not like someone re-released gm_preproc from ~january 2011, just with another name, and thinks he's a genius :v:

[tdsx]

it's absolutly not like someone re-released gm_preproc from ~january 2011, just with another name, and thinks he's a genius :v:

Never heard of it. Sounds like nobody else has either. Sounds like it's easily detectable too from what I found on Google. I'm on my phone tho so idk.
Here, this thread is good for you. https://www.mpgh.net/forum/showthread.php?t=905349