Sign in to follow this  
darkdreamingdan

luac.mtasa.com and us

Recommended Posts

there is no descompiler for luac.mtasa.com :lol::lol::lol:

Maybe not, but it takes no effort to write one.

Share this post


Link to post
On 21/10/2014 at 19:40, myonlake said:

Maybe not, but it takes no effort to write one.

is truth, gives to redo the script

Share this post


Link to post
there is no descompiler for luac.mtasa.com :lol::lol::lol:

Not true , it's possible to decompile scripts.

Share this post


Link to post

jup, somebody can.

Somebody who likes to steal content of it.

Share this post


Link to post

Is there anything in which x player can decrypt the encrypted data? (just asking because i dont want my scripts to be stolen)

Share this post


Link to post
Is there anything in which x player can decrypt the encrypted data? (just asking because i dont want my scripts to be stolen)

Yes. It's already being decrypted at runtime. It's just a matter of knowing what they're doing.

Generally, you won't see it happening, but otherwise, yes.

Share this post


Link to post

Then it's s stated that compiler won't secure the script fully... anyways It's nice to compile since not many players know about i

Share this post


Link to post

Just make as much as possible serverside, except for the effects, visuals, etc.

Share this post


Link to post

I've found that scripts compiled without luac.mtasa.com's extra obfuscation are easily decompiled. Why isn't the extra obfuscation forced? I don't see any negatives to it.

Share this post


Link to post

The obfuscation, as I believe, is an RSA (or some other) encryption. As you probably know, nothing is instantaneous - decryption takes some time and I guess it can take quite a while to decrypt very large scripts before they're loaded into memory. This might be a reason as to why it isn't forced.

Share this post


Link to post

You tried hard to make the scripts more secure, yet you've failed to eliminate the most obvious method of 'decrypting' the extra obfuscated file. *Ironic Well-Done Clap*

Share this post


Link to post

Good idea. (being sarcastic here if you don't realise) Completely remove the possibility to decrypt the code and hope it will magically load up. MTA needs to decrypt the code in order to load it into memory.

Share this post


Link to post
Good idea. (being sarcastic here if you don't realise) Completely remove the possibility to decrypt the code and hope it will magically load up. MTA needs to decrypt the code in order to load it into memory.

And why did I expect a normal non-narcissistic response from a MTA forum user? (rhetorical question if you dont realiZe) Idiot. I was referring to the built-in Lua function that dumps the bytecode.

Share this post


Link to post
if you dont realiZe
Actually, in international English standards, you use (modern) British English (–ise), not American English (–ize). Besides, I only expressed my view but you called me an idiot which I find quite offensive.

Share this post


Link to post
if you dont realiZe
Actually, in international English standards, you use (modern) British English (–ise), not American English (–ize). Besides, I only expressed my view but you called me an idiot which I find quite offensive.

Your opinion? Then why is your opinion to scold me for pointing out the issues of MTA that could have been easily avoided. It's not like I didn't try to help. And even if I was implying to remove the built-in decrypt function, it could still work. They could've still sent the request from the server to luac.mtasa.com and receive the bytecode for runtime. It's not like the server is not going to be connected to the Internet.

And as of realize/realise issue, it is actually fine to write it both ways. I just corrected you because you're using British spelling to sound smart, when obviously you are not.

Share this post


Link to post

People should just give out the source of their scripts. If you are worrying somebody duplicates your server then keep in mind most other games dont even have such scripting. Good server is made from community and financial resources to keep connection fast.

Share this post


Link to post
if you dont realiZe
Actually, in international English standards, you use (modern) British English (–ise), not American English (–ize). Besides, I only expressed my view but you called me an idiot which I find quite offensive.

Your opinion? Then why is your opinion to scold me for pointing out the issues of MTA that could have been easily avoided. It's not like I didn't try to help. And even if I was implying to remove the built-in decrypt function, it could still work. They could've still sent the request from the server to luac.mtasa.com and receive the bytecode for runtime. It's not like the server is not going to be connected to the Internet.

And as of realize/realise issue, it is actually fine to write it both ways. I just corrected you because you're using British spelling to sound smart, when obviously you are not.

Doesn't fix anything. Sniffing is way easier than you think... at least for those who already know how to get the decrypted code.

Share this post


Link to post
And as of realize/realise issue, it is actually fine to write it both ways. I just corrected you because you're using British spelling to sound smart, when obviously you are not.
Oh, I see. So you're using the American version so that you look dumb, which you obviously are.

Jokes aside, I actually used the British version not to look smart, but because I am a British resident.

Share this post


Link to post

@myonlake: Actually, it does fix anything (something)! It just doesn't fix everything*. BTW, did you ever take any dissembler classes? There is a lot of work to it. It is very unlikely that a person who wishes to steal is going to know this much.

Share this post


Link to post
Revolt said:
@myonlake: Actually, it does fix anything (something)! It just doesn't fix everything*. BTW, did you ever take any dissembler classes? There is a lot of work to it. It is very unlikely that a person who wishes to steal is going to know this much.

A lot of things you can learn from just the internet, really. And I never took any classes on any programming language, or an assembler or whatever, I've learnt it all by doing and experimenting, and ultimately just hacking.

No, it doesn't fix anything, it's just a different way to do the whole process. Regardless of what you have running in your runtime you can dump it out regardless of where you got the code from originally. As long as you're running it on your PC, you can get the original code.

Share this post


Link to post
On 14/01/2016 at 23:49, myonlake said:

A lot of things you can learn from just the internet, really. And I never took any classes on any programming language, or an assembler or whatever, I've learnt it all by doing and experimenting, and ultimately just hacking.

No, it doesn't fix anything, it's just a different way to do the whole process. Regardless of what you have running in your runtime you can dump it out regardless of where you got the code from originally. As long as you're running it on your PC, you can get the original code.

And yes, it does fix something (as I previously stated). This is fact*.

It is way easier to execute the critical function than running a disassembler on MTA server and eventually locating the exact moment the script is decrypted and pausing it. And removing the issue I first stated would leave this option as the only one remaining to achieve the desired result.

Theoretically, there is always a possibility, but the likelihood of it's exercise reduces massively upon removing the most threatening issue.

Share this post


Link to post

Revolt is quite right, despite being an ass. Only thing that can corrupt this system is creating a decrypter for public, so anyone can use it.

Share this post


Link to post

I'd like to intervene here, despite that I don't know anything about Lua nor anything on this topic.

You can correct each other if someone has made a mistake on their understanding of Lua or anything, but not through fights and insulting.

@Revolt: Brate, nemoj tako, nemoj se spuštati na njihov nivo, vidiš da samo hoće da se svađaju. Pusti ih.

Share this post


Link to post

what has changed; What's new?

mzDUCX6.png

and because I can not compile my scripts in OOP?

Q30XAGb.png

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.