Jump to content

[ Source ] GG Decompiler Tool Source Code by Dj-jom2x


Dj-jom2x
 Share

Recommended Posts

6 minutes ago, Enyby said:

You can use dump. Usually it is enough for restore script flow.

I meant the approach that is used in the script from this topic (hooking functions).
And yes, that "dump source" feature from your script is really helpful, considering that it works on compiled scripts, keep up the good work.

Edited by CmP
Link to comment
Share on other sites

  • Administrators

This script not good written. Bad style and too many duplicate code. But idea good enough.

This is not dump code of function. It is only log some calls from it. No more.

In script compiler can be added more friendly output for tables.  Or constant decode. It is simple.

More important  - script compiler able work with any new functions. This script - no.

_______________________________________________
added 2 minutes later
if function_hook ~= nil then os.exit() end

This line in script stop run script under this script.

Or this:

if type(gg.searchNmber) == 'table' then os.exit() end

 

Link to comment
Share on other sites

I created obfuscator and dumping it is no good.. because its a real obfuscator that really re code the code it self.. not just loop load stuff. so getting the full source both tools mine and enby is not reliable. try this ?

btw downloading this script i edited all the search so it doesn't work.. because its dragonstar vip.. i wont spread the real searches...

 

password: 67890

 

@Enyby   im talking about dumping the whole source of code like dumping on load to get the original file ? Snooper still works and your gg logger too .. but dumping the whole file is possible but its obfuscated not the real one, im showing a demo for obfuscator that has scramble features that only works on gg. .. btw i cant send anymore msg so ireply thru here. I think this tisnquyen user is mad ?

test3.lua.67890.vip

Edited by Dj-jom2x
enby i mean the whole source code.
Link to comment
Share on other sites

  • Administrators
gg.getRanges()
gg.setRanges(4)
gg.clearResults()
gg.searchNumber("0", 16)
gg.searchNumber("0", 16)
gg.getResults(200)
gg.setRanges(262207)
gg.editAll("-999.451155", 16)
gg.toast("ANTENNA GOD by Rad7t & Glen/Activatedctivated")
Quote

ON/OFF ??Antenna Hack??

 

_______________________________________________
added 4 minutes later
"ON/OFF ??Jump Hack??")
gg.clearResults()
gg.searchNumber("0", 16)
gg.getResults(8)
gg.addListItems(table(3f54317d): {
	[1] = table(219b5872): {
	[address] = 851443712
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = 2
}
	[2] = table(3e4394c3): {
	[address] = 851443752
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = 800
}
	[3] = table(2bebf140): {
	[address] = 851443756
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = 800
}
	[4] = table(2e776879): {
	[address] = 851443760
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = -60
}
	[5] = table(314289be): {
	[address] = 851443764
	[flags] = 16
	[value] = 0.0
}
	[6] = table(640ba1f): {
	[address] = 851443768
	[flags] = 16
	[value] = 0.0
}
	[7] = table(353ee16c): {
	[address] = 851443772
	[flags] = 16
	[value] = 0.0
}
	[8] = table(19fd1335): {
	[address] = 851443776
	[flags] = 16
	[value] = 0.0
}
})
gg.toast("You Tube = Dragon Star")

And so on.

In log written all calls. Does not matter how you encrypt it. But I can decode fully code with different var names of course. But I too lazy for this. But this possible you doing nothing complicated. All call load can be decoded. All your encode string can be decoded. Question of time.

Link to comment
Share on other sites

34 minutes ago, Enyby said:

gg.getRanges()
gg.setRanges(4)
gg.clearResults()
gg.searchNumber("0", 16)
gg.searchNumber("0", 16)
gg.getResults(200)
gg.setRanges(262207)
gg.editAll("-999.451155", 16)
gg.toast("ANTENNA GOD by Rad7t & Glen/Activatedctivated")

 

_______________________________________________
added 4 minutes later

"ON/OFF ??Jump Hack??")
gg.clearResults()
gg.searchNumber("0", 16)
gg.getResults(8)
gg.addListItems(table(3f54317d): {
	[1] = table(219b5872): {
	[address] = 851443712
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = 2
}
	[2] = table(3e4394c3): {
	[address] = 851443752
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = 800
}
	[3] = table(2bebf140): {
	[address] = 851443756
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = 800
}
	[4] = table(2e776879): {
	[address] = 851443760
	[flags] = 16
	[freezeType] = 0
	[freeze] = true
	[value] = -60
}
	[5] = table(314289be): {
	[address] = 851443764
	[flags] = 16
	[value] = 0.0
}
	[6] = table(640ba1f): {
	[address] = 851443768
	[flags] = 16
	[value] = 0.0
}
	[7] = table(353ee16c): {
	[address] = 851443772
	[flags] = 16
	[value] = 0.0
}
	[8] = table(19fd1335): {
	[address] = 851443776
	[flags] = 16
	[value] = 0.0
}
})
gg.toast("You Tube = Dragon Star")

And so on.

In log written all calls. Does not matter how you encrypt it. But I can decode fully code with different var names of course. But I too lazy for this. But this possible you doing nothing complicated. All call load can be decoded. All your encode string can be decoded. Question of time.

 and thats my goal .. and yes load still works.. but after that they have to reconstruct it.. which you said "kinda lazy to do it" or its "time consuming".. and thats really my goal.. so they will use gg logger instead or snooper and recreate it.. but if more logical stuff needed they have to reconstruct the obs code and compare it to complete it which is time consuming. but if its normal stuff its fine.. im trying to confuse leechers. and making them confuse is my main goal. and only true coders will understand whats happening. this is not hiding a code .. this is making it hard to read for leechers. not everyone is @Enyby  tho ? others wish they do ?

Link to comment
Share on other sites

  • Administrators

I'm lazy because I do not have time for this and because it's time to nowhere. You can write a script that will automatically decode your changes.
In fact, even a dump load is enough to get some information.

_G["WZLQGOXKJPPDLTNFYDBMSETPPXTLYI"] = pcall;
_G["LQJYLGJGKHJDNMXKPLQLHOVNFKVFRP"] = function (x)    
    return  pcall(load(x))
end;
function LOOTIGNGENVHDRCHIOEDJTASOGW( )
    BINKNBGHBUZROHXVMMZLHDSKQZ = gg.prompt({"Password:"},{"12345"})
    if BINKNBGHBUZROHXVMMZLHDSKQZ and tonumber(BINKNBGHBUZROHXVMMZLHDSKQZ[1]) then
        return BINKNBGHBUZROHXVMMZLHDSKQZ[1]
    else  
        return os.clock()
    end
end;
_G["ITSAOLYGTMOAANRZTWDMSLWUKF"] = LOOTIGNGENVHDRCHIOEDJTASOGW();

This is your bootloader, which asks for the password.

The second load loads the already changed script.

But why bother with all this, if you can just make a log of all the calls. You can change the algorithm. But you can not bypass the log.
Only the fact of launching under the logger, and that is not a fact. This is really difficult and you need to know the details of the implementation.

Link to comment
Share on other sites

  • Administrators

And about scripts - a complex script for beginners is not understandable, in itself. Even if there is nothing specifically confused. You can open my script for asphalt 8 and try to understand what's there for what. Or the IVovo script for Mage and Minions.

Link to comment
Share on other sites

On 6/30/2018 at 2:36 PM, Enyby said:

I'm lazy because I do not have time for this and because it's time to nowhere. You can write a script that will automatically decode your changes.
In fact, even a dump load is enough to get some information.


_G["WZLQGOXKJPPDLTNFYDBMSETPPXTLYI"] = pcall;
_G["LQJYLGJGKHJDNMXKPLQLHOVNFKVFRP"] = function (x)    
    return  pcall(load(x))
end;
function LOOTIGNGENVHDRCHIOEDJTASOGW( )
    BINKNBGHBUZROHXVMMZLHDSKQZ = gg.prompt({"Password:"},{"12345"})
    if BINKNBGHBUZROHXVMMZLHDSKQZ and tonumber(BINKNBGHBUZROHXVMMZLHDSKQZ[1]) then
        return BINKNBGHBUZROHXVMMZLHDSKQZ[1]
    else  
        return os.clock()
    end
end;
_G["ITSAOLYGTMOAANRZTWDMSLWUKF"] = LOOTIGNGENVHDRCHIOEDJTASOGW();

This is your bootloader, which asks for the password.

The second load loads the already changed script.

But why bother with all this, if you can just make a log of all the calls. You can change the algorithm. But you can not bypass the log.
Only the fact of launching under the logger, and that is not a fact. This is really difficult and you need to know the details of the implementation.

you reliaze its a obfuscator right? what does obfuscator do again?. Obfuscator is not meant its not decompilable it just scramble it self + recoded it self to be undreadable if you know confuserx on .net you know what i mean.. and i must get atleast an ? for that ? since all obfuscator made in gg is not really a real obfuscator. its just a loop load non sense... a little support from forum admin @Enyby is good sometimes ?. you already state it needs time.. which leechers dont have. so stop showing your skill.. im not competing.

 

and from all those who uses our script gg logger and gg Snooper..

 

theres a big difference between logging and decompiling.. when you log it doesn't mean you got it ?.. you can only see gg calls inside the function not the whole if else while for k,v and other logical stuff thats included inside the script. 

 

and atleast give some ? for an effort.. dear leechers don't hate because you dont understand how it works.. learn learn lua from now and stop complaining.. its open source you already have dynamic hook included. and for the record i only have 2 weeks of lua learning background and made 1 stuff each week Decompiler and Obfuscator. and some game script that i never release but i posted on YouTube. anyway.. because the features is too low im shy to release it.. like this mobile legends map hack and toram online hack.

 

Edited by Dj-jom2x
Link to comment
Share on other sites

  • Administrators

Usually log will be enough. Most of scripts is plain list of gg calls.

Your obfuscated code easly can be deobfuskated if you change decoded stuff. First dump load. Second build version without load and encode. Next step - simplify. Add print return in your encode function. Print all params and return. Or save to file. It is allow build replace list. After that make replace in all place and format code. Now you can get script in state closed to initial source. Maybe with variables with different names. It is enough for restore work flow.

Link to comment
Share on other sites

  • 1 month later...
  • 1 month later...
  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.