So i'm making a lua script obfuscator, and i have the script in a string, i would like to call string.dump on it but it only accepts functions so i would like to know if their is any alternative, i would not like to post my code as i don't want anyone making a deobfuscator for my obfuscator so yeah, thanks for any help i get!
snippet of code:
local someVar = loadstringtwo.."("..asserttwothing.."("..concattwo.." ("..newasciitablevar..","..nilstringtwo..")))()";
local someScript = string.dump(someVar);
I can't understand what is your mean and purposes, but maybe code below will answered your question
local someScript = string.dump(load(someVar));
Related
This question here seems to tangentially touch upon it but I cannot get it to work. Here is my LUA file:
function conky_myeval()
local myTable = { " Old London :normal:size=7", "Ethnocentric :normal:size=7"}
var1 = myTable[ math.random( #myTable)]
return var1
end
and the related conky part:
${font ${lua conky_myeval}} Hello World!
Thank you for any assistance and I apologize if this has been asked before; The most similar I found I posted above.
I've found it easier to have a lua script pass conky a string that can be parsed by a lua_parse object that then generates the intended object rather than trying to pass a value to the intended object.
In the case of random fonts, I'd do something like the following, which worked when tested.
Lua file:
function conky_myfont()
local myTable = {"DejaVu Serif:normal:size=12", "MuseJazz Text:normal:size=12"}
var1 = myTable[ math.random( #myTable)]
return "${font "..var1.."}"
end
Conky part:
${lua_parse conky_myfont}Hello World!${font}
due to using nginx lua (kong gateway)
would like to replace
from
{"body":"\r\n \"username\": \"sampleUser\",\r\n \"password\": \"samplePassword\",\r\n"}
to
{"body":"\r\n \"username\": \"sampleUser\",\r\n \"password\": \"***REDACTED***\",\r\n"}
from
username=sampleUser&password=samplePassword
to
username=sampleUser&password=***REDACTED***
from
"password" : "krghfkghkfghf"
to
"password" : "***REDACTED***"
i did try on sample https://stackoverflow.com/a/16638937/712063
local function replacePass(configstr, newpass)
return configstr:gsub("(%[\"password\"%]%s*=%s*)%b\"\"", "%1\"" .. newpass .. "\"")
end
it does not work, any recommended reference ?
maybe something like this:
local t = {
[[{"body":"\r\n \"username\": \"sampleUser\",\r\n \"password\": \"samplePassword\",\r\n"} ]],
[[username=sampleUser&password=samplePassword]],
[["password" : "krghfkghkfghf"]]
}
local newpass ="***REDACTED***"
for k,example in pairs(t) do
res = example:gsub('(password[\\" :]+)(.-)([\\"]+)',"%1"..newpass.."%3")
res = res:gsub("(password=).+","%1"..newpass)
print(res)
end
out:
{"body":"\r\n \"username\": \"sampleUser\",\r\n \"password\": \"***REDACTED***\",\r\n"}
username=sampleUser&password=***REDACTED***
"password" : "***REDACTED***"
There's several things wrong with that at first sight.
1. You only check for =
In your test data you seem to have cases with key = value as well as key : value but your pattern only checks for =; replace that with [=:] for a simple fix.
2. You can't balance quotation marks
I don't know how you expect this to work, but [[%b""]] just finds the shortest possible string between two " characters, just as [[".-"]] would. If that's your intention, then there's nothing wrong with writing it using %b though.
3. Just don't
As I don't know the context, I can't say if this really is a bad idea or not, but it does seem like a very brittle solution. If this is an option, I would recommend considering the alternative and going with something more robust.
As for what a better alternative could look like, I can't say without knowledge of your requirements. Maybe normalizing the data into a Lua table and replacing the password key in a uniform way? This would make sure that the data is either sanitized, or errors during parsing.
Beyond that, it would help if you told us how it doesn't work. It's easy to miss bugs when reading someone elses code, but knowing how the code misbehaves can help a lot with actually spotting the problem.
EDIT:
4. You didn't even remove the brackets
You didn't even remove the [] from that other stack overflow answer. Obviously that doesn't work without any modifications.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I have a(nother) string of lua code that's obfuscated. I'm wondering if it's possible to deobfuscate it, or to figure out how it was obfuscated, as I've never encountered anything like it before. This string of code is supposedly the main module for a malicious serverside script executor. Knowing what's inside will help us patch the exploit on our platform. I'm told that it would be easy to decipher by getting the constants, because it's VM based obfuscation, we just need a bit of help getting pointed in the right direction.
The code is rather large, so it's in this pastebin.
pastebin com/dtfzBPZk
Deobfuscating this one looks like it will be a slightly more manual process. As usual, the first things you should do are rename variables to have saner names, and add whitespace and indentation to the code. You can see a start to this at https://pastebin.com/eRTGAbTH. Once you do that, you'll see a pattern of functions like this:
(function(...)
local SynapseXen_116 = "hi xen doesn't work on sk8r please help"
local SynapseXen_092 = SynapseXen_100(38909278, 3932326132)
local SynapseXen_069 = {...}
for SynapseXen_109, SynapseXen_043 in pairs(
SynapseXen_069
) do
local SynapseXen_119
local SynapseXen_097 = type(SynapseXen_043)
if SynapseXen_097 == "number" then
SynapseXen_119 = SynapseXen_043
elseif SynapseXen_097 == "string" then
SynapseXen_119 = SynapseXen_043:len()
elseif SynapseXen_097 == "table" then
SynapseXen_119 = SynapseXen_100(4264903821, 30110892)
end
SynapseXen_092 = SynapseXen_092 + SynapseXen_119
end
SynapseXen_140[1171393165] =
SynapseXen_bit_bxor(
SynapseXen_bit_bxor(2179831066, SynapseXen_092),
SynapseXen_bit_bxor(2132161653, SynapseXen_082)
) -
string.len(SynapseXen_116) -
SynapseXen_139 -
#{
2716917292,
2960928816,
2092744992,
3945961999,
2156388474,
2523828292,
534526172
}
return SynapseXen_140[1171393165]
end)({}, {}, 14275, 107, "iIIllIIlIIilillilI", "i", 5327, 3211, 14382, 14643)
Now you can start to eliminate red herrings. For example, any time you see #{ a bunch of stuff in here }, you can just count the elements in the list, and replace the whole thing with the count. In this case, there's one of those near the end we can replace with the number 7. Next, look at SynapseXen_116. The only place it's used is for its length, so you can substitute that in as well. Now, After that, notice that this is declaring a function and then immediately invoking it, so you can substitute in its arguments. Continue going down that path until you uncover the heart of the Lua-in-Lua VM, and from there, it should be easy to plug in the Base64 at the end, and see what bytecode it decodes to.
Actually I am writting a programming language in Lua. It was quite fun. I've wrote a bit of standard library (stack op and simple io). Then I've thought about labels. It would look like in assembly. While and for loop aren't funny in any bit so programming in that language can be quite challenging. Here are some requirements for this system:
Label stack (or array, dictionary) must be accessible from global context.
Jump instruction handler will be in separate file.
This is how my label-handling function look like:
function handleLabel(name,currentLine)
end
I have no idea how to implement this kind of magic. First I've thought about that:
LabelLineIDS = {}
Labels = {}
Labelamount = 1;
function handleLabel(name,currentLine)
LabelLineIDS[Labelamount]=currentline
Labels[Labelamount]=name
Labelamount=Labelamount+1
end
-- In file "jump.lua":
local function has_value (tab, val)
for index, value in ipairs(tab) do
if value == val then
return index
end
end
print ("Error: Label not defined.") -- Bail out.
os.exit(1)
end
local function _onlabel()
local labelName = globalparams --Globalparams variable contain parameters to each function, at the moment
--this will contain label name. It _can_ be nil.
return LabelLineIDS[has_value(Labels, labelName)]
end
CurrLine = _onlabel() --Currline - current line that get's parsed.
--1 command per one line.
But I'm unsure is this well written or even work. Can you give me idea how to parse labels in my programming language (and write jump functions)? Or if my code is pretty ok at the moment, can you help me to improve it?
Using line counter in my parser I've decided to implement gotos like we can see in BASIC. Thanks everyone for help.
I'm trying to get a handle on how OOP is done in Lua, and I thought I had a simple way to do it but it isn't working and I'm just not seeing the reason. Here's what I'm trying:
Person = { };
function Person:newPerson(inName)
print(inName);
p = { };
p.myName = inName;
function p:sayHello()
print ("Hello, my name is " .. self.myName);
end
return p;
end
Frank = Person.newPerson("Frank");
Frank:sayHello();
FYI, I'm working with the Corona SDK, although I am assuming that doesn't make a difference (except that's where print() comes from I believe). In any case, the part that's killing me is that inName is nil as reported by print(inName)... therefore, myName is obviously set to nil so calls to sayHello() fail (although they work fine if I hardcode a value for myName, which leads me to think the basic structure I'm trying is sound, but I've got to be missing something simple). It looks, as far as I can tell, like the value of inName is not being set when newPerson() is called, but I can't for the life of me figure out why; I don't see why it's not just like any other function call.
Any help would be appreciated. Thanks!
Remember that this:
function Person:newPerson(inName)
Is equivalent to this:
function Person.newPerson(self, inName)
Therefore, when you do this:
Person.newPerson("Frank");
You are passing one parameter to a function that expects two. You probably don't want newPerson to be created with :.
Try
Frank = Person:newPerson("Frank");