Reverse engineering a function reference

Hello there!

I just wonder if there is anyway to gather any useful information about what a function does just by it’s reference without calling it of course.

Example:

function Hello()
	local a = BrickColor.Black()
	workspace.Baseplate.BrickColor = a
end

print(Hello) -- Returns the address of the function only

Unfortunately I wasn’t able to extract any information other than the function address by printing it’s reference.

I’m aware of the function string.dump but it’s disabled in roblox luaua.

My use case is just to gather any information about a function returned by a linked module script that contains an exploit. Am not really in absolute need to know what this function does but I was just curious!

My best bet is that it’s impossible to do such thing without an illegal tool.
But I decided to ask since some people comes up with crazy solutions that you can just wonder your expertise lmao :smiley:

1 Like

I don’t think lua in general does not have an option to display what a function does, I mean only recently have you been able to print a table and see its contents, but unlike js I don’t think its possible atm although it would be a nice feature to have.

You could possible do some metatable magic to display it but that would be too much effort I think

local hello = {}

hello.info = [[
  if arg then
    print('hello')
  end
]]

setmetatable(hello, {
    __call = 
      function(something) -- put your function here
        if something then
          print('hello')
        end
      end
    }
)


print(hello.info)

--[[
would print;

  if arg then
    print('hello')
  end
]]


hello()
1 Like

Actually nevermind that, when print() is called so is the __tostring metamethod so you don’t need the index

local hello = {}

setmetatable(hello, {
    __call = 
      function(something) -- put your function here
        if something then
          print('hello')
        end
      end
  __tostring = function()
    return [[
      if arg then
        print('hello')
      end
    ]]
    }
)


print(hello)

--[[
would print;

  if arg then
    print('hello')
  end
]]


hello(true) -- 'hello'
1 Like

The problem is that in my case I don’t know the function’s source code

Yea, this is the only way I could think of. But with the current lua its impossible without pre typing the function in a string

1 Like

Yeaa that’s what I think since roblox have heavily edited their lua implementation to strip all the tools and functions that can gather binary information like my case to prevent exploiters from easily breaking in.
But who knows there might be a sneaky solution :eyes:

In standard lua. you can do that by doing this
string.dump(function_reference, true) → Returns the function’s source code.

1 Like

There are some useful debug tools provided by roblox which can provide some fun facts about functions

Namely the debug.info function

debug.info takes two arguments:

debug.info(environment, options)

The environment parameter is either a number, representing the number of scopes up youre looking (0 is within the current scope, 1 is one scope above, etc), or a function like you probably need

The options parameter is a string containing characters which represent special data about the environment/function

Some of the special options are:

“a” → # of arguments, boolean if … is present
“f” → memory address of function
“n” → returns the name of the environment
“s” → returns the path of the script the code is within

For example:

print(debug.info(testFunction,"s")) --> workspace.Script

I know none of this is source code but it might be useful in some capacity

2 Likes

This doesn’t give me much info about the function’s source code but it’s certainly helpful and a useful function. Thank you!

And since this is the best answer so far from the goal of this post I’ll mark it as a solution for now

Is there anything useful about the env name?
image