Yeah, Luraph isn’t a very good obfuscator and it’s a bit of a joke in the “obfuscator community”.
Like @jody7777 said, it’s just an edited version of LBI. I don’t have time to actually deobfuscate it to get usable bytecode, but you shouldn’t need to. Just sandbox the script and print all the calls it makes to get an idea for about what it does.
If it were Xen or Ironbrew I’d be able to dump all the constants for you but I don’t have a constant dumper for Luraph simply because I’ve never needed one. I’ll look into making one now, but no promises!
As for the OP, @marfit, you should save your game as XML (.rbxlx). Then open the file in a text editor like Notepad++ and search for the scripts! Once you find them you can delete them there.
I was testing my DeObfuscating skills with these scripts and I found out the seconds script.
game
GetService
HttpService
GetAsync
https://www.google.com
1337
pcall
script
Value
Name
true
print
on
Enabled
off
false
Disabled
1337
game
GetService
RunService
IsStudio
script
Destroy
print
gamer
Players
1337
1337
By the sounds of it you’ve taken a bunch of scripts / models made openly available.
I recommend never using them and scanning them completely.
The name builder X when searched is linked to a group of exploiters.
As for Luraph Ive seen a bunch of questionable posts about it. Its definatly a backdoor. Remove it ASAP.
Also the question is, how many plugins / models have you taken. And are multiple of them by the same person claiming one requires the other? It is very important you take this very seriously and it is dealt with quickly. Stop all works on that place and any other place that has the same plugins / scripts until you can identify and remove them. Avoid pressing run and even hovering over the plugins until its resolved.
For future reference, dont use other peoples plugins without absolute certainty. Ive got a few plugins e.g character Motor6 Builder which I know comes from a good place and good people with tons of users that have no problems. Other than that I will completely avoid plugins because they can run within studio without having to press play.
Should you need to encrypt text make your own encryption for a few good reasons:
Exploiters can get the same thing you did
You do not know what it contains
You can make a better one tailored to your uses.
It could be taking any kind of information. If you have http enabled it will pass on your info through http. It could also be using global datastores to do this.
Until you read through the scripts you wont know what they are actually taking. They could be copying your game models and guis. As you cannot access the sources script you are kind of to blame for not checking it out completely before pressing run.
When using other peoples scripts, if they are hiding the source, remove it immediately. Its not worth the potential risks.
You can unpack models. I recommend doing this and then checking the whole thing for any scripts
Agreed, someone else bumped it back up so it was up on recent, as there wasn’t really a clear and detailed answer I felt it was needed just to clear it up for others who might use other players scripts or have the same issue.
Remove all of your plugins then install required ones and look at their creators, I mean when you go to their profile and check for stuff you are %100 gonna see if its the real person or not then if your sure its original use the plugin. If it happens again I’d recommend to delete all of your plugins and not use plugins anymore.