我需要任何可以解码“Luraph Obfuscator"的人 [英] I need anyone that can, decode "Luraph Obfuscator"

问题描述

我为脚本支付了一位不受信任的开发人员的费用.而且我还以为他骗了我.他确实给我发了代码，但他混淆了脚本.这是一个使用 Lua 的名为Roblox"的游戏，代码将在下面.据我所知，通过运行它，它可能会起作用.但是我需要更改脚本才能使其工作.有谁知道解码混淆?

https://pastebin.com/B8SZmZGE

 <代码>本地ilIillllII1i1lliliI =断言本地II1ll1iliIIIIillIli =选择本地lIlillIlIi11I1lIIi11I = tonumber本地i1li1IIIII1IIilIil1 =拆包本地iIl1IIlI11i1il1ilII = PCALL本地lIlI1IiiIlIl1i11ll1Il = setfenv本地iIIlilIlllIliiIili1 = setmetatable本地ii1Iiill11ii1IIIill =键入本地lIll1I1ll1lliilII1Il1 = getfenv本地IiIi1llliiIIllllI1i =的toString本地Ii1IIill1ilI1lilIiI =错误本地iilli1lIi11lllIli1l = string.sub本地lIlI1li1ll1lliliIlI = string.byte本地lIli1Ill1liIlilIIIiiI = string.char本地I1ii1iIIl1lI1Iii1iI =函数string.rep本地iiiIiI11IIllIiliI1I = string.gsub本地illlIIIllliill1l1ll = string.match本地iIi1l1liili1I11l1II = 1个本地函数lIll1iillI1ll1iiIiIll(IIiiiIiiIllIl1i1i1I，iIililIlliIII11illi)局部i1iiI1I1iII1iiIiil1IIiiiIiiIllIl1i1i1I = iiiIiI11IIllIiliI1I(iilli1lIi11lllIli1l(IIiiiIiiIllIl1i1i1I，5)， .."，功能(llii1Ii11lI1llilill)如果lIlI1li1ll1lliliIlI(llii1Ii11lI1llilill，2)== 71然后i1iiI1I1iII1iiIiil1 = lIlillIlIi11I1lIIi11I(iilli1lIi11lllIli1l(llii1Ii11lI1llilill, 1, 1)) 返回

解决方案

基本上它使用字节码 (144229988) 但它有一个自定义解释器和一个自定义字节码 vm 使其具有这样的字节码:LPH|3EE5491D2B1A00192574A22B510A02002GE5E7E9E42GE5F53GE5F53GE5CD3GE5FDE42GE5C13GE5F934B71

因此，您需要将变量和函数重命名为 variable1、variable2 之类的名称，以便您能够阅读它.然后找到像

这样的垃圾代码部分

function 1iiii1i1i(i1i1ijj1jijij)本地 1j1j1jj1j1jijijij = (((10*2)/2)-3/9)结尾1iiii1i1i(90, 0)

这些完全没用，旨在欺骗反编译器循环随机数函数.检查是否有类似的东西: iIi1l1liili1I11l1II = iIi1l1liili1I11l1II + 4 return Ii1IiI1I111I1II1IIi * 16777216 + iIII1iIiI1l1IlIlii * 65511ll * 65511ll * 65511ll * IIli111

这些是垃圾代码，只需在其余代码中寻找它(使用ctrl+F)，看看它是否有用.如果是，则检查该用途是否有用途等等，直到您发现它是否是虚拟机的一部分.问题是它可能会多次加载另一个加载字符串，直到反编译它需要很长时间.因此，如果您真的需要不和谐的来源，请与我联系，我可以联系您(turtsis#2785)或花几个小时

使用 Lua 美化器可以使其更容易理解.

如:[http://blackmiaool.com/lua-beautify/][1] (https://github.com/blackmiaool/lua-beautify)

I paid an untrusted developer for a script. And as I thought he scammed me. He did send me code, but he obfuscated the script. It is for a game called "Roblox" that uses Lua, the code will be down below. As from I can tell by running it, it might work. But I would need to change the script for it to work. Does anyone know to to decode the obfuscation?

https://pastebin.com/B8SZmZGE

local ilIillllII1i1lliliI = assert local II1ll1iliIIIIillIli = select local lIlillIlIi11I1lIIi11I = tonumber local i1li1IIIII1IIilIil1 = unpack local iIl1IIlI11i1il1ilII = pcall local lIlI1IiiIlIl1i11ll1Il = setfenv local iIIlilIlllIliiIili1 = setmetatable local ii1Iiill11ii1IIIill = type local lIll1I1ll1lliilII1Il1 = getfenv local IiIi1llliiIIllllI1i = tostring local Ii1IIill1ilI1lilIiI = error local iilli1lIi11lllIli1l = string.sub local lIlI1li1ll1lliliIlI = string.byte local lIli1Ill1liIlilIIIiiI = string.char local I1ii1iIIl1lI1Iii1iI = string.rep local iiiIiI11IIllIiliI1I = string.gsub local illlIIIllliill1l1ll = string.match local iIi1l1liili1I11l1II = 1 local function lIll1iillI1ll1iiIiIll(IIiiiIiiIllIl1i1i1I, iIililIlliIII11illi) local i1iiI1I1iII1iiIiil1 IIiiiIiiIllIl1i1i1I = iiiIiI11IIllIiliI1I(iilli1lIi11lllIli1l(IIiiiIiiIllIl1i1i1I, 5), "..", function(llii1Ii11lI1llilill) if lIlI1li1ll1lliliIlI(llii1Ii11lI1llilill, 2) == 71 then i1iiI1I1iII1iiIiil1 = lIlillIlIi11I1lIIi11I(iilli1lIi11lllIli1l(llii1Ii11lI1llilill, 1, 1)) return

解决方案

Basically it uses bytecode (144229988) but it has a custom interpreter and a custom bytecode vm to make it have a bytecode like this: LPH|3EE5491D2B1A00192574A22B510A02002GE5E7E9E42GE5F53GE5F53GE5CD3GE5FDE42GE5C13GE5F934B71

So you will need to rename the variables and functions into something like variable1, variable2 so that you are able to read it. Then find parts that are junk code like

function 1iiii1i1i(i1i1ijj1jijij)
local 1j1j1jj1j1jijijij = (((10*2)/2)-3/9)
end
1iiii1i1i(90, 0)

Which are completely useless and are meant to trick decompilers into looping random number functions. to check if stuff like: iIi1l1liili1I11l1II = iIi1l1liili1I11l1II + 4 return Ii1IiI1I111I1II1IIi * 16777216 + iIII1iIiI1l1IlIIlii * 65536 + IIill111lli111ll1li * 256

These are junk code just look for it in the rest of the code (using ctrl+F) and look if it has a use. If it does, then check if that use has a use and so on until you find if it is part of the vm. The thing is though is that it might loadstring another loadstring for many times until it will take VERY LONG to decompile this. So if you really need the source contact me on discord and I can hook you up (turtsis#2785) or put a couple of hours into this

Using a Lua beautfier can make it easier to understand.

Such as: [http://blackmiaool.com/lua-beautify/][1] (https://github.com/blackmiaool/lua-beautify)

这篇关于我需要任何可以解码“Luraph Obfuscator"的人的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！