plusgiant5

Reputation: 5

Joined: Dec, 2022

Bio

reverse engineer

Activity Feed

Replied to thread : HOW DO YOU MAKE A EXECUTOR IN C++


start with googling it

Replied to thread : How to make a custom api?


google searches alone should be able to teach you basic execution

Commented to thread : Is the revert ban shlt real?


idk ask roblox

Replied to thread : Is the revert ban shlt real?


roblox can always go over old logs and ban everyone who reverted so just hope they don't

Commented to thread : (Lua C) Skydive script


Sensational.

Replied to thread : [REQ] How do I register custom funcs?


If you want stable custom functions that will never break, do something like:

1. Create a closure using closure offsets

2. Get the global table using a lua state offset

3. Create the string which should be the name of the function using string offsets

4. Write to the global table using table offsets, setting the key at the string you created to the closure you created

Replied to thread : Someone who knows about backdoors?


it is serverside code that will execute anything the client gives it

Replied to thread : Is this the right address?


no, this is the address of one of the places where the print function is called

specifically, the address of a PUSH instruction which pushes a pointer to the string "Video recording stopped" onto the stack

after this, the number 1 is pushed onto the stack (1 means blue print), then the print function is called using the CALL instruction

after the call, the print function will take both of these arguments off the stack and do the appropriate printing with them

so, if you want to emulate this printing that occurs at 0x003641B7, you want the address of the function, so you can call it yourself

the address is 0x00C7ACC0 and you can see it at the CALL instruction at 0x003641BE

 

IDA automatically names the function sub_C7ACC0, because the function is located at C7ACC0 in memory

you should right click on sub_C7ACC0, then rename it to "print" or "output" or something that makes it easier for you to understand

Replied to thread : how to find this... addresses...


this is from my source, and you don't need to find these addresses as i already update them weekly

learn how it works, then make your own exploit from scratch

also please don't use this execution method in a real exploit

Replied to thread : how much you'll rate urself at LUA ??


10/10 absolute understanding

Replied to thread : Need xrefs for roblox


To find LuaVM::load, use the string "oldResult, moduleRef  = ..." etc. (it's a long string), then go two function calls down. LuaVM::load is a very large function, so look for that.

As for the xrefs, they are 003CEF97, 003D1622, 003D38FC, 003D5D65, 003DC062, 003DD723, 003E291F, 003EBBBD (rebase 0)

Replied to thread : Deobfuscate.


Thank you for giving us the first 88 characters of the script