'compiled' resources

[Stratospheria]

Is it possible to create 'compiled' resources which you can spread out but where nobody can see the source code?

[dzek (varez)]

yup, but they can be decompiled. idk where was link to some gui complier and ive got only this:

http://upload.dzek.metal.info/pliki/Lua.rar

i'm using it to compile my scripts.

Extract this to C:\Lua (this is important!), then copy your script into that folder, drag and drop that file on compile.bat file, luac.out will be created - this is your compiled version.

[Stratospheria]

but is it easy to decompile? I mean, is there a point to compile it?

[dzek (varez)]

most ppl will be too lazy - but decompiling is as easy as compiling..

but - compiling rips off all comments, custom functions name and variable names (they are random after decompile) - this makes hard to read & edit your scripts.

[Stratospheria]

ah, cool

[Slothman]

yes, decompiled scripts sometimes don't even work. If you really don't want others stealing your work its a decent method, but Id you plan on releasing the script, a lot of server owners like to see what they are getting.

[NeonGen]

Sorry for bumping this topic, but my question is small and I thought it would be good for archiving purpose.

Is there a reason why I can't use standard Lua compilers?

[Aibo]

Is there a reason why I can't use standard Lua compilers?

who said you can't?

http://luabinaries.sourceforge.net/download.html — compiles just fine.

[NeonGen]

who said you can't?

Ah. Well I just drew that conclusion, because many people provide rapidshare like links to compiling software. It makes me think they made something custom, rather then using standard Lua compiler from the Lua binaries.

Another question: I see many people saying that compiling has really no advantages, other then protecting your code a little bit. But in many languages pre-compiling can improve the performance of your code. As the language doesn't have to be interpreted while running. Is this not the case with Lua or MTA:Lua?

[Zango]

Compiling code will improve performance in LUA

[Cavorta]

dzek (varez) anyone mirror it ?

[eAi]

Just download it from the lua website! Compiling the code will protect it from casual viewers, but not hackers etc. It will very slightly speed up the loading of the resource, but have no impact on it's performance while it's running.

[NeonGen]

It will very slightly speed up the loading of the resource, but have no impact on it's performance while it's running.

These tiny little difference have a huge impact, when you run a client+server on a slow machine. It is why I was interested.

[Ransom]

Compiling is good to keep noobs from building off your Lua script, but if you really want noone else to "use" your script (say its mostly clientside), then you need to host the files somewhere trustworthy and send the client script using loadstring and some magic. The client code will only exist in memory, this means the client will always download the script (bad). This could be used in a limited way for small scripts or pieces of scripts so said hackers don't have all the puzzle pieces to play with.

I don't recommend doing this unless you have something SMALL and truly exceptional. Someone stealing your vehicle spawning script isn't that big a deal.

Server Lua file:

 function RecieveScriptFromServer () 
    local file = fileOpen ( 'CLIENTSIDE.lua', true )--This opens the script containing the clientside script inside the resource 
    if file then    
        local packets = {} 
        local counter = 1 
        while not fileIsEOF(file) do              
            packets[counter] = fileRead(file, 30000)--65535 byte send limit per trigger 
            counter = counter + 1 
        end 
        fileClose(file)  
        triggerClientEvent ( "onRequestClientFiles", root, packets) 
    else 
        outputConsole("Client files are missing serverside!") 
    end 
end 
addEvent( "onRecieveScriptFromServer", true ) 
addEventHandler( "onRecieveScriptFromServer", root, RecieveScriptFromServer )    

Client Lua file:

 triggerServerEvent ( "onRecieveScriptFromServer", getLocalPlayer() )  
  
function RequestClientFiles (clientCode) 
    append = "" 
    for k,v in ipairs(clientCode) do 
        append = append..v 
    end 
    loadstring(append)() 
end 
addEvent( "onRequestClientFiles", true ) 
addEventHandler( "onRequestClientFiles", root, RequestClientFiles ) 

The clientside script can only be obtained physically by a hacker sniffing out MTA packets. Lua script sent through loadstring cannot be compiled (in my testing), although it would not matter much. If someone knew how to sniff packets surely they could deal with a compiled Lua file. The script can be obfuscated immensely before sent, but again thieves would still be able to 'use' the script, even if they don't understand it, which defeats the purpose of using this method.

This is what I have learned recently anyway.

[MX_Master]

Another interesting method is compiling all client scripts to one file. It's can be done by lua compiler too.

[Kenix]

Another interesting method is compiling all client scripts to one file. It's can be done by lua compiler too.

Also can be more tables in first lines of script.

array = { { { } } } 

Decompilator can't decompile this file.

Edited July 28, 2012 by Guest

[InDev]

I use the same method as Ransom since months ago but I just read all files and split the finished text each trigger limit characters, probably a bit longer than Ransom's method, put it in a table and send to the client then make all in one and loadstring() but the problem is with the 'onClientResourceStart' event...

[UAEpro]

i CAN Compile any LUA file .. and NO ONE << yea NO ONE

can DeCompile it ..

Contact by PM if you want to know what i can do , and i can compile ur script but i will not tell anyone how i can do it

[DakiLLa]

i CAN Compile any LUA file .. and NO ONE << yea NO ONE

can DeCompile it ..

Contact by PM if you want to know what i can do , and i can compile ur script but i will not tell anyone how i can do it

@ lol'd

[UAEpro]

i CAN Compile any LUA file .. and NO ONE << yea NO ONE

can DeCompile it ..

Contact by PM if you want to know what i can do , and i can compile ur script but i will not tell anyone how i can do it

@ lol'd

if you dont Believe me you can test me with any noob script

test me ^^

[Remi-X]

I love to bump lol

There was a method with pawn to add some code which makes it impossible to decompile the script. Well, impossible, the decompiled file only showed three lines of includes which might not even be present in the script itself. Just read some other topic about compiling, so that's what remind me of this. Now I'm wondering; isnt't there some code for lua to achieve the same?

[Orange]

@Remi-X: it's like

  
omfguncompilable = {{{{{{},{},{},{}}}}}}; 
  

Should work

[Zango]

We wrote an obfuscator for LUA once at DKR. It was never implemented in praxis though, seems like lost effort when it's only code we can protect. Most people nail the models.

If you want, I can probably pull out some details. Obfuscation doesn't make it impossible, but depending on the technique very hard and time consuming to reverse engineer the script.

[Orange]

@Zango: I planned to find one, but it seems that there's only ONE publicly available, which doesn't really work. Can you share your app? I need something like that one, but for lua :>

[Phat Looser]

Another interesting method is to script object-oriented.

Since thieves can't understand it I'm pretty sure they will fail at using it.

Example is my anticheat which was stolen but failed completely. It simply killed everybody who joined.