Home › Forum › MultiPlayer Game Hacks & Cheats › Steam Games Hacks & Cheats › Garry's Mod Hacks & Cheats › Garry's Mod Discussions & Help › scripthook module
scripthook module
scripthook module
So I threw this together today. A module that saves all clientside/shared scripts and adds a hook that lets you prevent scripts from loading.
It isn't a traditional GMod hook. It loads a file and raw sets some global variables. _SCRIPT is the script itself. _SOURCE is the source of it (a file, RunString, SendLua, etc). This is what my 'hook' file looks like.
The global variables are destroyed after they're used. In the right hands, you could theoretically bypass any and every anti-cheat. Probably the most trouble you'll run into are anti-cheats that use net messages or concommands to communicate, in which case, you'll have to fool the server into thinking everything is A-ok by using the same concommands and net messages. If you don't communicate with the server as if the anti-cheat would, the server will know somethings fucky.
Pictures!
Every thing that is attempted to be ran is saved to a folder that is named after the server you are connected to!
Thoughts? Suggestions? Insults from @D3M0L1T10N? They're all welcome! This is going to be released soon
It isn't a traditional GMod hook. It loads a file and raw sets some global variables. _SCRIPT is the script itself. _SOURCE is the source of it (a file, RunString, SendLua, etc). This is what my 'hook' file looks like.
Code:
if (_SOURCE == "lua/autorun/client/msg.lua" or _SOURCE == "LuaCmd") then return false end
Pictures!
Every thing that is attempted to be ran is saved to a folder that is named after the server you are connected to!
Thoughts? Suggestions? Insults from @D3M0L1T10N? They're all welcome! This is going to be released soon
Wow this is the first thing I've seen released here that I can actually say impresses me, this looks pretty fucking awesome.
This is really cool and something I never even thought about doing (shows how original I am.)
This is really cool and something I never even thought about doing (shows how original I am.)
Sound really useful to use, Nothing like some extra protection! 
I wanted to find anything bad to say againaist this but instread I found the idea of using gLua to interact with RunString actually better than doing your 'blacklist' in C++, since you can just modify it on-the-fly without having to recompile everytime.
+rep
+rep
Thank you all for kind words. I can't wait to progress this
Looks good dude.
It's been a while since i saw someone do a blacklist like that. I also finished my filestealer a few days ago and have a blacklist too ( mine just reads from a txt file and stops files from loading, so its not as cool ).
It's been a while since i saw someone do a blacklist like that. I also finished my filestealer a few days ago and have a blacklist too ( mine just reads from a txt file and stops files from loading, so its not as cool ).
Originally Posted by tdsx
So I threw this together today. A module that saves all clientside/shared scripts and adds a hook that lets you prevent scripts from loading.
It isn't a traditional GMod hook. It loads a file and raw sets some global variables. _SCRIPT is the script itself. _SOURCE is the source of it (a file, RunString, SendLua, etc). This is what my 'hook' file looks like.
The global variables are destroyed after they're used. In the right hands, you could theoretically bypass any and every anti-cheat. Probably the most trouble you'll run into are anti-cheats that use net messages or concommands to communicate, in which case, you'll have to fool the server into thinking everything is A-ok by using the same concommands and net messages. If you don't communicate with the server as if the anti-cheat would, the server will know somethings fucky.
Pictures!
Every thing that is attempted to be ran is saved to a folder that is named after the server you are connected to!
Thoughts? Suggestions? Insults from @D3M0L1T10N? They're all welcome! This is going to be released soon
It isn't a traditional GMod hook. It loads a file and raw sets some global variables. _SCRIPT is the script itself. _SOURCE is the source of it (a file, RunString, SendLua, etc). This is what my 'hook' file looks like.
Code:
if (_SOURCE == "lua/autorun/client/msg.lua" or _SOURCE == "LuaCmd") then return false end
Pictures!
Every thing that is attempted to be ran is saved to a folder that is named after the server you are connected to!
Thoughts? Suggestions? Insults from @D3M0L1T10N? They're all welcome! This is going to be released soon
Worked something up to bypass LeyAC.
It doesn't completely emulate the actual clientside AC, but that's only because I only did this as a proof of concept. The server can request different things, which I didn't bother to put in. From what I see, though, everything seems normal.
And a TAC bypass just cause it's that fucking easy.
Code:
if (_SOURCE == "LuaCmd" and string.find(_SCRIPT, "if not hellohellohelloimcool")) then
net.Start("ijustwannahaveyourightbymyside")
net.WriteString(" ")
net.SendToServer()
return false
end
if (_SOURCE != "addons/leyac/lua/_ley_imp.lua") then return end
net.Receive("ijustwannahaveyourightbymyside", function()
net.Start("ijustwannahaveyourightbymyside")
net.WriteString(" ")
net.SendToServer()
end)
hook.Add("InitPostEntity", "LeyAC", function()
net.Start("ijustwannahaveyourightbymyside")
net.WriteString("in")
net.WriteString("hellohellohelloimcool")
net.SendToServer()
hook.Remove("InitPostEntity", "LeyAC")
end)
return false
And a TAC bypass just cause it's that fucking easy.
Code:
if (_SOURCE:lower() != "addons/tac/lua/autorun/client/cl_blunderbuss.lua") then return end
timer.Create("TACTimer", math.random(60, 120), 0, function()
net.Start("ttt_scoreboard")
net.WriteString("gotit")
net.SendToServer()
end)
return false
Originally Posted by tdsx
Worked something up to bypass LeyAC.
It doesn't completely emulate the actual clientside AC, but that's only because I only did this as a proof of concept. The server can request different things, which I didn't bother to put in. From what I see, though, everything seems normal.
And a TAC bypass just cause it's that fucking easy.
Code:
if (_SOURCE == "LuaCmd" and string.find(_SCRIPT, "if not hellohellohelloimcool")) then
net.Start("ijustwannahaveyourightbymyside")
net.WriteString(" ")
net.SendToServer()
return false
end
if (_SOURCE != "addons/leyac/lua/_ley_imp.lua") then return end
net.Receive("ijustwannahaveyourightbymyside", function()
net.Start("ijustwannahaveyourightbymyside")
net.WriteString(" ")
net.SendToServer()
end)
hook.Add("InitPostEntity", "LeyAC", function()
net.Start("ijustwannahaveyourightbymyside")
net.WriteString("in")
net.WriteString("hellohellohelloimcool")
net.SendToServer()
hook.Remove("InitPostEntity", "LeyAC")
end)
return false
And a TAC bypass just cause it's that fucking easy.
Code:
if (_SOURCE:lower() != "addons/tac/lua/autorun/client/cl_blunderbuss.lua") then return end
timer.Create("TACTimer", math.random(60, 120), 0, function()
net.Start("ttt_scoreboard")
net.WriteString("gotit")
net.SendToServer()
end)
return false
Originally Posted by TheLegenderyCat
When are you gonna release this?
u must be high if you are going to release a runstring hook to the public
- - - Updated - - -
The global variables are destroyed after they're used. In the right hands, you could theoretically bypass any and every anti-cheat.
not if the anti cheat is good
- - - Updated - - -
The global variables are destroyed after they're used. In the right hands, you could theoretically bypass any and every anti-cheat.
not if the anti cheat is good
Originally Posted by D3M0L1T10N
not if the anti cheat is good
Originally Posted by tdsx
if you emulate the AC clientside the server has no way to tell anything is wrong
Originally Posted by D3M0L1T10N
id show you why this wont work on some acs, but then you would fix it so nahhhhh
Originally Posted by D3M0L1T10N
u must be high if you are going to release a runstring hook to the public
- - - Updated - - -
The global variables are destroyed after they're used. In the right hands, you could theoretically bypass any and every anti-cheat.
not if the anti cheat is good
- - - Updated - - -
The global variables are destroyed after they're used. In the right hands, you could theoretically bypass any and every anti-cheat.
not if the anti cheat is good
If you're planning to release this, someone will find a way to detect it in just a few moments, I'd recommend that if you plan to release something like this then you should get rid of some amount of security.
Similar Threads
- 12Last post
- 4Last post
- 6Last post
- 0Last post
- 8Last post