Decoding somebodies exploit script

I want somebody to decode this exploit script because I’m not a scripter and have no idea where to start. Or at least explain how I would decode something like this for future reference. (This is a long script lol)

Script had to put in pastebin due to it being so large

https://pastebin.com/7TxBjH4T

Thanks to whoever helps me decode some meaning out of this exploit script. (It’s a gui that gives somebody tools and access to other weird functions including handing people tools with innapropriate names).

1 Like

Hey there,
I’m pretty sure this is Luraph script obfuscation, and as far as I know the script isn’t able to be decoded (unless there is a script to clean up variable names for it to be readable). Also, I don’t think you should be using scripting support to be helped with decoding a script.

That’s Ironbrew. Ironbrew is one of the most secure script obfuscators out there, and there isn’t much you can do except assume what it does and try to patch some functions of it by reading already written code.

In Layman’s terms, you can’t decode/deobfuscate this.

It may be possible in the future, but for now (and probably a long time), don’t count on it.

Also @zQ86 , there has been a deobfuscator for a version of Luraph, but the resulting code from deobfuscations is still very hard to comprehend.

2 Likes

It was a backdoor which has been since removed but I just was curious what the script they had to execute meant.

Would it be smart idea to encode my scripts using IronBrew or would it cause any unwanted side-affects?

There’s no point in doing it to scripts that will be in your own place. I’ve heard about some model makers in competitive communities using obfuscation to hide code to prevent stealing, but other than that and exploiting I don’t know of any other use cases.

Encoding your own stuff will likely just make editing and debugging more of a hassle, and there will always be someone out there with more time on their hands than you to be willing to decode your scripts.

My general rule would be that if you don’t want your code to be copied, then don’t open-source it.

I might come across a bad developer who does things they shouldn’t having my map leaked would be one thing but the map and the scripts means I need a new game ASAP decoding it would make it harder yes but does it affect the performance of the script?

After researching I found some people who “Decode” the Luraph in StackOverflow
(I don’t know if it works but yeah its StackOverflow)

StackOverFlow:

The “DeObfuscator”:

If I got some wrong here message me and I will flag or delete my comment. :slight_smile:

Im talking about a Iron Brew Obfuscator

Obfuscating your code in studio would just make it slower. I’m also pretty sure that this script is Luraph because in one part it says:
image

Another comment on code obfuscation, it shouldn’t change the code’s functionality and so it also shouldn’t change the code logic.

It might be helpful hiding written code, but if an exploiter is decompiling the client’s byte code then they still can obtain a fully functional script with the same logic. The best solution to prevent script stealing is to include server dependencies with client scripts, because server code can’t be decompiled.

If someone’s worried about their code being accessed, then cryptography on the box should be used. Code obfuscation just makes things more of a process to debug and update.