Suspicious Code

Help and Feedback Scripting Support
#1

After working with my friend the other day, I came across a suspicious chunk of encrypted code. Luckily, the keys are all there. I’m sure that most likely it’s an attempt to lock functionality behind a username barrier, would literally swapping the keys in and removing the chunk of code which checks for the username conditional be a good way to find out what this code does?

unknown

#2

It’s a backdoor, delete it.

The code notifies their Discord server that your game has been backdoored, and allows them to do whatever they want on the server-side.

1 Like
#3

Well, for one thing, I can for sure tell that it’s a backdoor. Now, I can’t say it’s something posting to discord like @ItsPlasmaRBLX is saying, but it very well could be that. I can tell that this is something that decodes the large string you are showing as the code (as far as before redeclaring P) looked like this after making it look a bit better:

local E = string. byte; 
local H = string.char;
local l = string.sub; 
local J = table.concat;
local F = table.insert;
local O = math.ldexp;
local Y = getfenv or function() return _ENV end;
local M = setmetatable;
local T = select;
local n = unpack or table.unpack;
local P = tonumber;

local function N(n) 
	local A, B, E = "", "", {}
	local C=256; 
	local D = {} 
	for e = 0, C-1 do 
		D[e] = H(e) 
	end;
	local e=1;
	local function G()
		local A = P(l(n,e,e),36)e=e+1;
		local B = P(l(n,e,e+A-1),36)e=e+A;
		return B 
	end; 
	A=H(G())
	E[1] = A;
	while e<#n do 
		local e=G()
		if D[e] then 
			B = D[e]
		else
			B = A..l(A, 1, 1)
		end
		D[C]=A..l(B,1,1)
		E[#E+1], A, C = B, B, C+1 
	end;
	return table.concat(E) 
end

Now, if I were to get the whole code, I could probably even get the decoded string out of it, but I’m pretty sure we don’t want that code to spread around. So, you could just delete the code and end it here or you could DM me it and I can try and get the decoded string out of it if you wanted (I have a lot of free time and am kind of interested in figuring this out ngl).

2 Likes
#4

Thanks for the response! I actually don’t think it’s a backdoor, but I guess it could be. I’d appreciate it very much if you could decode the string, I’ll send you a DM!

#5

Oh okay, thanks for informing me!