"Luraph Script"

Help and Feedback Scripting Support
#1

Hello! And I was just creating my game on a peaceful cool day, and suddenly in the output when I was playing in studio it said repeating over and over. And when I copied and pasted it, it showed a link…:

" [Luraph Script:1: Unable to find module for asset id](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)"

If this was so easy, I think I wasn’t trying enough. Please just tell me :confused:

Edit: I don’t know what this error was coming from or how it was created, but I am just confused. The only thing I just found was 4 scripts that had the SAME line of code. Here’s the line of code in each script:


--This an script of ROBLOX Studio. Do not delete it, this script secures your game from exploiters.

--Thanks.


require(4509414898):dab()
5 Likes
#2

Luraph is a lua obfuscator. It obfuscates the logic of the code by running it’s own VM in the lua VM. You are likely dealing with a backdoor. I suggest you REMOVE the script and any code relating to that.

I also recommend you disable any plugins you have enabled and do not use free models because they are likely the cause of your misfortune of having your game backdoored.

4 Likes
#3

Looks like a common backdoor/virus. It could be because you have a infected plugin. Maybe you accidentally inserted a model from the toolbar?

Simply delete it if you don’t know what it is.

2 Likes
#4

Okay I will try it. I guess it is because of a plugin. (Responding to both @EpicMetatableMoment and @xMax_yy)

#5

Luraph is a Lua obfuscator. It’s not that hard to undo if you are familiar with the Lua 5.1 VM

3 Likes
#6

If I delete a plugin/backdoor/virus do I also have to delete the 4 scripts that have the same line of code?

#7

If you have multiple scripts with the same line of code I suggest you remove the line of code if it is your script, and then disable any plugins you have and then restart studio.

2 Likes
#8

Okay! Thanks for telling me. I was so confused on what this was. I didn’t know it was like a new update or feature.

#9

With a quick look at your plugins I feel the problem is this plugin.

https://www.roblox.com/library/4110705448/Gui-to-Lua

Inside that I found this line of code

finalSource = '	' .. finalSource .. scriptSource:sub(last)
local code = [[local function ]]..id..[[_fake_script() -- ]]..realParent..'.'.. script.Name..[[ 
local script = Instance.new(']]..script.ClassName..[[', ]]..realParent..[[)]]
if convert_module_scripts and Nmodulescripts ~= 0 then  
	code = code .. "\n\tlocal req = require\n\tlocal require = function(obj)\n\t"
	code = code .. "\tlocal fake = fake_module_scripts[obj]\n\t"
	code = code .. "\tif fake then\n\t"
	code = code .. "\t\treturn fake()\n\t\tend\n\t\treturn req(obj)\n\tend"
end 
code = code .. "\n\n" .. finalSource.. "\nend\ncoroutine.wrap("..id.."_fake_script)()"
return code or ''

I suggest you uninstall the Gui To Lua! plugin specifically, but if that does not solve the issue install any other plugins you might have.

3 Likes
#10

Okay. How do I check if it has a backdoor/virus in the plugin or not?

#11

This is a multi step process, so listen carefully. (This can also be risky, so be careful when you’re doing this, if you install a plugin while doing this and studio keeps crashing I also made a post on how to remove the plugin: Studio not responding, a plugin's fault - #8 by DrKittyWaffles)

You will first have to install the plugin. Then you will want to open an empty baseplate so you don’t potentially infect one of your games. After that you will want to navigate to the folder on your computer containing where your plugins are located.

Your plugins are located at %localappdata%\Roblox\ which you can access by pressing the win + r key if you’re on windows.

image

After that look for the folder that is named according to your ROBLOX UserId.

image
image715×269 31.5 KB

In this case we are looking for a folder named 527473047. So when you find that folder you will want to open that folder. Inside the folder you will find an InstalledPlugins folder. You will want to open that.

Now you will want to look or the plugin you are testing, to find it look for the folder named by the Id in the URL on the site.

image

Inside that folder you will find another folder with a string of numbers. Just open that folder.

image

Now you have located the Plugin.rbxm file. You will want to drag it into studio.

image

image

Now you should see the plugin’s source code.

image

4 Likes
#12

I will try that more often when I install a plugin. One more thing before I go. Did you find anything else that had a backdoor/virus? Since the Gui to Lua! had a backdoor/virus I was wondering if anything else had a backdoor/virus.

1 Like
#13

I am currently somewhat busy and I do not really have much time to go through all of your plugins; but since I showed you how to view the source code of a module, you can do it yourself.

Some plugins you don’t need to check because they’re created by what I would considered “trusted” are: CloneTrooper1019, stravant, Davidii, Dued1, EchoReaper, memguy, DaMrNelson, OzzyPig, and ROBLOX. If you look at these people’s profiles you will probably quickly notice they all have popular games or something successful that would be in jeopardy if they were to just start releasing backdoors. (and some of them are just cool in general; cough CloneTrooper1019)

But of course you can check them if you don’t trust me. (I don’t even trust myself sometimes; “Did I lock the door when I left?”)

1 Like
#14

This is indeed quite hilarious to see a Luraph script here, especially as its a poor quality obfuscator. But yes you are right.

#15

Luraph is a terribly written lua obfuscator that can be easily deobfuscated.

#16

There is (what I consider to be) a faster way of doing this:
Step1: Open up ‘Command bar’ in studio (should be found under the view tab)
Step2: Paste following code into the command bar

local id = 4110705448;
game:GetObjects(“rbxassetid://”…id)[1]:Clone().Parent = workspace

Step3: Press enter then check workspace (it should be in there)

3 Likes
Is it possible to get a ModuleScript's text outside of studio?
#17

Oh thanks, that looks reasonable. @Enchanted_Tix you should consider that too.

#18

If found this script that has an error about “Luraph Script”. I removed it. I think it was also making HTTP requests but I don’t have HTTPService enabled in that game at the moment.

I found a pastebin that has the same script: https://pastebin.com/raw/DA1z4yc6

Also, my first reply on the Dev Forum :tada:

4 Likes
#19

I had this same error with the https://web.roblox.com/library/4110705448/Gui-to-Lua plugin.

#20

Be careful when installing plugins there are other plugins like terrain editors that have installed backdoors into my game such as prompting everyone to purchase shirts and all that