Sutenzzor
Reputation: 29
How to Deobfuscation Lua Script?
local script= string.dump(
function()
print('Hi')
end
)
buff=""
for v=1,string.len(script) do
buff=buff..'\\'..string.byte(script,v)
end
print(buff)
script turns into byte code, any idea how to reverse it?
Upvotes: 2
Views: 4257
Answers (2)
Lua Tutoring
Reputation: 180
To find the difference between VM bytecode and Lua bytecode, in VM bytecode there would always be a \24 in the front.
In this case, this is VM (virtual machine) bytecode. This obfuscation thing also uses a string.dump function and can be easily reversed.
Here's the modified decompiler version:
local script= string.dump(
function()
print('Hi')
end
)
buff=""
for v=1,string.len(script) do
buff=buff..'\\'..string.byte(script,v)
end
buff = "'"..buff.."'"
print("print("..buff..")")
This version just simply uses the print function to print the string.dump created in the script. The source is clearly visible, and I'm pretty sure this works for all insecure VM obfuscators.
Upvotes: 0
lhf
Reputation: 72312
You cannot reverse bytecode to Lua source but you can list the VM instructions with luac -l.
Upvotes: 5
Related Questions
- How do I de-obfuscate a Lua script?
- How to obfuscate lua code?
- How would I use this?
- lua code deobfuscation
- Deobfuscate Lua scripts?
- Is it possible to deobfuscate this string of Lua Code?
- How to de-obfuscate lua script?
- Lua obfuscation issue
- Lua desobfuscation
- How to Identify malicious code inside lua scripts that may be obfuscated/encrypted