I Need help (Lua Obfuscator)

@_realnickk

I'm not gonna lie, that's completely true. Most obfuscators are honestly just ib2 replicas with some minor modifications. To be honest all obfuscators are the same nothing new, nothing fun to see or try and deobfuscate. It's kinda just old and lame, but not most people have creativity or competence to make their own obfuscation method.

@_realnickk

I'm actually in the middle of working on a minor lua obfuscator, I'm making a custom compiler so people can use things like classes and namespaces and switch because my friend Atari needs it, I might ask people for some suggestions on what they want the compiler to have. I might also open source it so people can better understand how they can make their own compiler for lua rather than using one that lacks amazing hot features.

All that aside, I'd make my own obfuscation method, but to be honest I wouldn't know where to start.

The usual definition for obfuscation is to make something harder to read/understand  by a human. Most people just use complex control structures, and maybe some simple string encryption.

@_realnickk

I'll surely consider it.

@_realnickk

Yes, I was gonna add goto because I like it, and I want to do a few things that luau does but doesn't interpret it or whatever, for example I think type annotations should have a better reason for being used. My obfuscator uses type annotation shuffling as an anti beautification method aswell as to throw people off `local string: string = 2`

Since luau doesn't parse them as it should in my opinion I use it to throw people off. I think parsing them properly and error when the type annotation isn't proper should error. 

This ^ probably made 0 sense, but hey I'm not an expert in explanations yk.

Also, I wanted to point out my obfuscator won't use lbi in a way, my friend joeisgod had an idea to spread the instructions through the script which is what I'm doing -> Credits to JoeIsGod :wink:

extorius obfuscator

@_realnickk

You know the VmConcept.lua script I made, and how the vm.program table holds all of the instructions. Well, take those instructions and spread them through the script along with complex control structures (control flow whatever) and a whole bunch of just fake and ugly code, along with a vm ofc. Once the instructions are spreaded out you can add fake instructions etc... Doesn't matter. People would have to instead look for the instructions manually, and to prevent hooking (regEx) you could always do some random things. To be honest I see it as a very good way obfuscation. Maybe used some math for number mutation, encryption for strings, custom stuff who knows. No large chunks of bytecode just hanging around in one spot, no having to deserialize it or whatever. Just convert the bytecode to instructions put them in a script spread them out and add junk code along with a hot vm. Maybe add some table constructor mutation to prevent readable and easily callable tables. Stack encryption whatever. You get the point.

It is although just an idea, and might not be a full set secure obfuscation method, but I see little potential.

@Cyros yes but as long as it doesnt contain the government launch codes you should be fine 👍

@89215 yknow who wants a couple thousand?

me.

@_realnickk

I may have interpreted what you said incorrectly, but from what I'm thinking is this could work.

local instruction_pointer = 1
local instructions = {
    { opcode = "LOADBOOL", args = { 0, 1, 0 } },
    { opcode = "TEST", args = { 0, 0, 1 } },
    { opcode = "JMP", args = { 1 } },
    { opcode = "LOADBOOL", args = { 0, 0, 0 } },
    { opcode = "TEST", args = { 0, 0, 0 } },
    { opcode = "JMP", args = { 1 } },
    { opcode = "JMP", args = { -3 } },
    { opcode = "RETURN", args = { 0, 1 } },
}

-- Real code loop that replaces JMP and TEST instructions
while instruction_pointer <= #instructions do
    local instruction = instructions[instruction_pointer]
    if instruction.opcode == "LOADBOOL" then
        -- load a boolean value onto the stack
    elseif instruction.opcode == "TEST" then
        -- test the top value on the stack and change the instruction pointer
        -- based on the result
        local a, b, c = unpack(instruction.args)
        if stack[a] == b then
            instruction_pointer = instruction_pointer + c
        end
    elseif instruction.opcode == "JMP" then
        -- jump to the specified location
        instruction_pointer = instruction_pointer + instruction.args[1]
    elseif instruction.opcode == "RETURN" then
        -- return from the function
        break
    end
    instruction_pointer = instruction_pointer + 1
end

What this does is replace the jmp and test instructions with a while loop that iterates over the instruction array. The idea is to use a loop rather than jmp and test to inerpret the instruction set and run the program. This isn't like a full thing just a quick thing that I could come up with.

Hm, I'm sorry for the misinterpretation. I'll have to rethink.

Ahhh, I see now.

Instead of relying on an instruction pointer, you use control flow to emulate the scripts behavior. Doing this makes the code harder to understand, debug and as you said hook bytecode-level.Then you can use some control flow mutation or whatever they call it these days to make harder/complex obfuscated scripts. This should make people have a harder time to follow how the script works, along with require someone to emulate the scripts behaviour in their head rather than reading it. I like the idea.