I was wondering: how do you use getfenv to load modules? This is a method used by some loaders, and I was quite curious about it.
Using ‘getfenv’ to load modules?
Okay, so as incapaxx has already noted, getfenv is for getting an environment and that
They were from backdoors. The script writer would obfuscate their code. Don't do it. It adds unnecessary complexity and unnecessary overhead. --// incapaxx
I agree with both of incapaxx's statements. Now on how what they are doing works and why they are doing it.
They are likely using the byte value for a corresponding string to make it look confusing. Example:
local a = "\98\99\100"
print(a)
This results in the output of "bcd". The \ is the escaping character, and following it with any number makes an escape sequence, like "\n", which is newline, or "\t", which is tab.
The malicious users are abusing this feature to, in a way, obfuscate / hide the logic of what they're trying to do. An example would look like this:
getfenv()["\114\101\113\117\105\114\101"](1234.5 * 2)
Why are they using getfenv? Well, they need a reference to the environment since they are "obfuscating" their require call into a string that looks unreadable.
This actually can be evaluated to getfenv()["require"](1234.5 * 2)
which can finally be evaluated to getfenv()["require"](2469)
All they are doing is making it harder for you to tell what they are doing, such as requiring a malicious model.
I suggest removing ANY code in your game that has similar characteristics to what we are discussing, as you are putting your game's security at risk. What they are doing likely requires a private module that inserts a remote event into a private service and uses a custom loadstring function to evaluate and run their code on the server, which is very dangerous.
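The decoding steps walked through in the answer can be automated when auditing scripts for this pattern. The following is an added example, not code from the original answer: a Python scanner over Lua source text, where the function names and the SUSPICIOUS list are assumptions made for illustration and the sample script is constructed around the line quoted above.

```python
import re

# A Lua decimal escape is a backslash plus 1-3 digits (byte value 0-255).
# An escaped backslash is matched first so "\\98" is not mistaken for "\98".
ESCAPE = re.compile(r"\\(\\|\d{1,3})")
# getfenv(...) indexed with a quoted string literal, e.g. getfenv()["..."]
GETFENV_INDEX = re.compile(r"""getfenv\s*\([^)]*\)\s*\[\s*(["'])((?:\\.|(?!\1)[^\\\n])*)\1\s*\]""")
# Globals worth flagging when reached through the environment table (assumed list).
SUSPICIOUS = {"require", "loadstring", "getfenv", "setfenv"}


def decode_escapes(text):
    """Replace decimal escapes of printable ASCII with the character itself."""
    def repl(m):
        body = m.group(1)
        if body == "\\":
            return m.group(0)
        code = int(body)
        # Leave quotes, backslashes and non-printables escaped so the
        # rewritten source still parses the same way.
        if 32 <= code <= 126 and chr(code) not in "\"'\\":
            return chr(code)
        return m.group(0)
    return ESCAPE.sub(repl, text)


def find_hidden_globals(source):
    """Return (line, decoded_name, flagged) for each getfenv()[...] key that uses escapes."""
    findings = []
    for m in GETFENV_INDEX.finditer(source):
        raw = m.group(2)
        name = decode_escapes(raw)
        if name != raw:  # only report keys that were actually hidden
            line = source.count("\n", 0, m.start()) + 1
            findings.append((line, name, name in SUSPICIOUS))
    return findings


# Constructed sample script, built around the line quoted in the answer.
SAMPLE = (
    'local a = "\\98\\99\\100" print(a)\n'
    'getfenv()["\\114\\101\\113\\117\\105\\114\\101"](1234.5 * 2)\n'
)

if __name__ == "__main__":
    print(decode_escapes(SAMPLE))
    for line, name, flagged in find_hidden_globals(SAMPLE):
        print(f"line {line}: getfenv() key decodes to {name!r} (flagged={flagged})")
```

Long-bracket strings ([[...]]) do not process escapes in Lua, so this scanner only considers quoted literals.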