Jump to content
  • 0

Anti-peeping mechanism


fateonlyzero
 Share

Question

There is a function in the GG script that can hide the GAMEGUARDIAN UI, but when searching, the search progress will be displayed in the upper left corner.
 If someone clicks on it, it will find the value you searched. Is there any way to prevent others from opening or hiding the value of their search?

QQ图片20190228174547.png

Edited by fateonlyzero
Link to comment
Share on other sites

Recommended Posts

  • 0
  • Administrators

Search in a complicated way, not a simple one. Since the code can be hidden and it is much more difficult to get to it - look for several things, read offsets from them, and then edit through setValues. Also use getValues. This will not allow tracking logic to repeat it. For example, I do three searches, then from one of the results I take an offset of 100, read the value from it, and so on. In the log it will be a jumble.

Link to comment
Share on other sites

  • 0
  • Moderators
1 hour ago, Enyby said:

Search in a complicated way, not a simple one. Since the code can be hidden and it is much more difficult to get to it - look for several things, read offsets from them, and then edit through setValues. Also use getValues. This will not allow tracking logic to repeat it. For example, I do three searches, then from one of the results I take an offset of 100, read the value from it, and so on. In the log it will be a jumble.

Ahhhh. Gotcha.

Basically have multiple searches, only 1 search is the legit search.

As it is, the scripts, I have badcase do, we rarely to never search the real value. And the real value is no where near it either. 

Link to comment
Share on other sites

  • 0
  • Administrators

This is a basic idea. It can be developed further. But the main point is this.

And logging cannot help bypass such protection. It is fundamentally impossible.

Even in the simplest version, such protection is enough to stop most fans to copy pieces of code from the logs.

Link to comment
Share on other sites

  • 0
  • Moderators
4 minutes ago, Enyby said:

This is a basic idea. It can be developed further. But the main point is this.

And logging cannot help bypass such protection. It is fundamentally impossible.

Even in the simplest version, such protection is enough to stop most fans to copy pieces of code from the logs.

Just too bad GG can't implement some type of protection against the ability to see searches/edits...

Guess as always, takes a few to ruin it for all.

Link to comment
Share on other sites

  • 0

I've been using this technique for a long time, and undococumented api inside gg.
Someone with good brain will know how to surpasses this.

Edited by saiaapiz
Link to comment
Share on other sites

  • 0
  • Administrators

Undocumented api can disappear in one good day. You lucky. Currently I decide keep it, but I do not have need on it anymore. If it interfere with smth it will be killed and all your scripts stop work.

Link to comment
Share on other sites

  • 0
On 3/7/2019 at 9:06 AM, Enyby said:

You want? you get:

After all bull****.


io.open("/data/data/catch_.me1.if_.you_.can_/files/BCLDR.pb", "r")
gg.choice({ -- table(533f68d4)
	[1] = '  Run the Angry Birds Star Wars II script again.',
	[2] = '  Load script selection menu.',
	[3] = '  Exit',
}, nil, " BadCase's Script Loader ")
--[[ return: 1 ]]
gg.makeRequest("https://badcase.org/script.php?script=Angry_Birds_Star_Wars_II")
gg.toast("33%")
gg.toast("66%")
gg.toast("100%")
gg.setVisible(false)
gg.choice({ -- table(534ad9dc)
	[1] = ' Fix Permanent Character Store Prices',
	[2] = ' Donate',
	[3] = ' Exit',
}, nil, " Angry Birds Star Wars 2 Script by BadCase ")
--[[ return: 1 ]]
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("2500;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("2500", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(53461990)
})
gg.setValues({ -- table(53461990)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("2000;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("2000", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(53420f40)
})
gg.setValues({ -- table(53420f40)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("2200;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("2200", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(535f1a58)
})
gg.setValues({ -- table(535f1a58)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("2250;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("2250", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(5340bb60)
})
gg.setValues({ -- table(5340bb60)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("1500;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("1500", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(5342fc88)
})
gg.setValues({ -- table(5342fc88)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("3750;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("3750", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(5360e564)
})
gg.setValues({ -- table(5360e564)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("3500;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("3500", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(534068a0)
})
gg.setValues({ -- table(534068a0)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("3350;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("3350", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(53418040)
})
gg.setValues({ -- table(53418040)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("3000;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("3000", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(53416338)
})
gg.setValues({ -- table(53416338)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("1800;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("1800", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(535fcc5c)
})
gg.setValues({ -- table(535fcc5c)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("1200;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("1200", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(53486db0)
})
gg.setValues({ -- table(53486db0)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("1000;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("1000", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(533eec00)
})
gg.setValues({ -- table(533eec00)
})
gg.clearResults()
gg.setRanges(gg.REGION_C_HEAP | gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS)
gg.searchNumber("1600;3D;4D;0D::17", gg.TYPE_FLOAT)
gg.searchNumber("1600", gg.TYPE_FLOAT)
gg.getResults(1000)
gg.addListItems({ -- table(533dfaf8)
})
gg.setValues({ -- table(533dfaf8)
})
gg.alert("Permanent prices have been set to -10,000 each")
--[[ return: 1 ]]

 

https://badcase.org/script.php?script=Angry_Birds_Star_Wars_II >> this a encypt by luabase64 ?
it's useless to encrypt, the latest compiler can decompiler

Link to comment
Share on other sites

  • -1
1 minute ago, Enyby said:

Here is an example of the simplest code:


gg.clearResults()
gg.searchNumber('111', gg.TYPE_DWORD)
gg.getResults(10)
gg.editAll('222', gg.TYPE_DWORD)
gg.clearResults()
gg.searchNumber('333', gg.TYPE_DWORD)
gg.getResults(10)
gg.editAll('444', gg.TYPE_DWORD)
gg.clearResults()
gg.searchNumber('555', gg.TYPE_DWORD)
gg.getResults(10)
gg.editAll('666', gg.TYPE_DWORD)
gg.clearResults()

It is easy to steal it by logging:


gg.clearResults()
gg.searchNumber("111", gg.TYPE_DWORD)
gg.getResults(10)
gg.editAll("222", gg.TYPE_DWORD)
gg.clearResults()
gg.searchNumber("333", gg.TYPE_DWORD)
gg.getResults(10)
gg.editAll("444", gg.TYPE_DWORD)
gg.clearResults()
gg.searchNumber("555", gg.TYPE_DWORD)
gg.getResults(10)
gg.editAll("666", gg.TYPE_DWORD)
gg.clearResults()

And now I wrote the same script like this:


gg.clearResults()
gg.searchNumber('111', gg.TYPE_DWORD)
t1 = gg.getResults(10)
gg.clearResults()
gg.searchNumber('333', gg.TYPE_DWORD)
t2 = gg.getResults(10)
gg.clearResults()
gg.searchNumber('555', gg.TYPE_DWORD)
t3 = gg.getResults(10)
for i,v in ipairs(t1) do v.value = '222' end
for i,v in ipairs(t2) do v.value = '444' end
for i,v in ipairs(t3) do v.value = '666' end
gg.setValues(t1)
gg.setValues(t2)
gg.setValues(t3)
gg.clearResults()

Here is the log of its execution:


gg.clearResults()
gg.searchNumber("111", gg.TYPE_DWORD)
gg.getResults(10)
gg.clearResults()
gg.searchNumber("333", gg.TYPE_DWORD)
gg.getResults(10)
gg.clearResults()
gg.searchNumber("555", gg.TYPE_DWORD)
gg.getResults(10)
gg.clearResults()
gg.setValues({ -- table(5347211c)
    [ 1] = { -- table(533fe154)
        ['address'] = 0xa67977d4,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 2] = { -- table(533f8d04)
        ['address'] = 0xa6799900,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 3] = { -- table(533f48bc)
        ['address'] = 0xa679aec8,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 4] = { -- table(533f41f4)
        ['address'] = 0xa679c8b8,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 5] = { -- table(533f1c04)
        ['address'] = 0xa67a252c,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 6] = { -- table(533eea74)
        ['address'] = 0xa67a4278,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 7] = { -- table(533ee8b0)
        ['address'] = 0xa67bf908,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 8] = { -- table(533ecf4c)
        ['address'] = 0xa67e2fdc,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [ 9] = { -- table(533e0e24)
        ['address'] = 0xa6804924,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
    [10] = { -- table(533e01c0)
        ['address'] = 0xa680e8f4,
        ['flags'] = 4, -- gg.TYPE_DWORD
        ['value'] = 666,
    },
})
gg.setValues({ -- table(534751bc)
})
gg.setValues({ -- table(534b5408)
})

Did he help you to understand what the script is doing?
And after all I could make only one call setValues, having united three tables.

Also, this log can not be run and use as a script. Unlike the first option.

So instead of complaining that everything is bad, write scripts so that they cannot be stolen through logging. And no checks will be needed.

I actually dont recognize that at all is it from one of my scripts?

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.