I was wondering: how do you use getfenv to load modules? This is a method used by some loaders, and I was quite curious about it.
Using ‘getfenv’ to load modules?
Okay so as incapaxx has already noted
getfenv is for getting an environment and that
They were from backdoors. The script writer would obfuscate their code. Don't do it. It adds unnecessary complexity and unnecessary overhead. --// incapaxx
I agree with both of incapaxx's statements. Now on how what they are doing works and why they are doing it.
They are likely using the byte value for a corresponding string to make it look confusing. Example
local a = "\98\99\100" print(a)
This results in the output of "bcd". The
\ is the escaping character and following it with any number makes an escape sequence like "\n" which is new lie or "\t" which is tab.
The malicious users are taking abuse of this feature to in a way obsfucate / hide the logic of what they're trying to do. An example would look like this.
getfenv()["\114\101\113\117\105\114\101"](1234.5 * 2)
Why are they using
getfenv? Well they need reference to the environment since they are "obsfucating" their
require call into a string that looks unreadable.
This actually can be evaluated to
getfenv()["require"](1234.5 * 2) which can finally be evaluated to
All they are doing is making it harder for you to tell what they are doing, such as requiring a malicious model.
I suggest removing ANY code in your game that has similar characteristics to what we are discussing as you are putting your games security at risk. What they are doing likely requires a private module that inserts a remote event into a private service and uses a custom
loadstring function to evaluate and run their code on the server which is very dangerous.