Posted
Can someone please tell me how an LBI works?
Replied
I can already see a long a$$ reply from OpenGamerTips
DeepPain - Exploit Dev - I will never sell any of my work no matter how powerful/good it is.
Friends With Laxion
Replied
So basically you get bytecode (from luac or string.dump) and you deserialize it (actually you don't have to, but that's what I do), then you do VM stuff with this: Opcode, A, B, C, Bx, sBx
resource: http://luaforge.net/docman/83/98/ANoFrillsIntroToLua51VMInstructions.pdf
my deserializer (probably bad): https://repl.it/@0xH3x0R/LuaBytecodeUtils#Main/Deserialize.lua
An exploit LBI is different from a Lua LBI. Luau-serialized LBIs are just shot through the game to achieve execution.
Added
@DeepPain LOL
Replied
I understand everything except the opcode part @OpenGamerTips
Replied
@xScepterz Okay, so there's a virtual machine, and to execute things on it there have to be opcodes.
for example OP_MOVE is 0x0. https://h3x0r.likes-throwing.rocks/gTeD1U.png
So let's say we have a stack that has two values in it ("Hello, " and "World!").
We can see move's actions here: https://h3x0r.likes-throwing.rocks/lVhUVE.png
`:=` is pseudocode for setting a variable; in this case it would be:
Stack[Instruction.A] = Stack[Instruction.B]
because R is a Register, which is basically a stack.
So if I went like this:
MOVE 1 2 would make the stack look like this:
"Hello,", "Hello,"
instead of
"Hello,", "World!"
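Added example (not code from anyone in this thread): a small Python decoder for the 32-bit Lua 5.1 instruction word, which is where the Opcode, A, B, C, Bx and sBx fields mentioned above come from, plus a toy dispatch loop that executes OP_MOVE (R(A) := R(B)) and OP_LOADK (R(A) := Kst(Bx)) on a register list. The field positions, opcode numbers and the sBx bias are the ones from Lua 5.1's lopcodes.h; note that register indices in real bytecode are 0-based, so the "Hello, "/"World!" case above is written here as MOVE 1 0. The helper names (`decode`, `encode_abc`, `run`, `move_demo`) are my own.

```python
# Lua 5.1 instruction layout (lopcodes.h): 6-bit opcode at bit 0, 8-bit A at
# bit 6, 9-bit C at bit 14, 9-bit B at bit 23. Bx is the 18-bit field that
# overlays C and B; sBx is Bx minus a fixed bias so it can encode jumps.
SIZE_OP, SIZE_A, SIZE_C, SIZE_B = 6, 8, 9, 9
POS_OP, POS_A, POS_C, POS_B = 0, 6, 14, 23
POS_BX, SIZE_BX = POS_C, SIZE_C + SIZE_B
MAXARG_SBX = ((1 << SIZE_BX) - 1) >> 1          # 131071, the sBx bias

# Opcode numbers from the Lua 5.1 OpCode enum (only the ones this toy VM runs).
OP_MOVE, OP_LOADK, OP_RETURN = 0, 1, 30


def bits(value, pos, size):
    """Extract `size` bits of `value` starting at bit `pos`."""
    return (value >> pos) & ((1 << size) - 1)


def decode(instr):
    """Split a 32-bit instruction word into its named fields."""
    bx = bits(instr, POS_BX, SIZE_BX)
    return {
        "Opcode": bits(instr, POS_OP, SIZE_OP),
        "A": bits(instr, POS_A, SIZE_A),
        "B": bits(instr, POS_B, SIZE_B),
        "C": bits(instr, POS_C, SIZE_C),
        "Bx": bx,
        "sBx": bx - MAXARG_SBX,
    }


def encode_abc(op, a, b, c):
    """Build an iABC-format instruction word (used by MOVE, RETURN, ...)."""
    return (op << POS_OP) | (a << POS_A) | (b << POS_B) | (c << POS_C)


def encode_abx(op, a, bx):
    """Build an iABx-format instruction word (used by LOADK)."""
    return (op << POS_OP) | (a << POS_A) | (bx << POS_BX)


def run(code, constants, registers):
    """Minimal dispatch loop over decoded instructions.

    MOVE   : R(A) := R(B)
    LOADK  : R(A) := Kst(Bx)
    RETURN : stop (return values are ignored in this toy)
    """
    for instr in code:
        ins = decode(instr)
        op = ins["Opcode"]
        if op == OP_MOVE:
            registers[ins["A"]] = registers[ins["B"]]
        elif op == OP_LOADK:
            registers[ins["A"]] = constants[ins["Bx"]]
        elif op == OP_RETURN:
            break
        else:
            raise NotImplementedError(f"opcode {op} is not handled by this toy VM")
    return registers


def move_demo():
    """The thread's example with 0-based registers: MOVE 1 0 copies R(0) into R(1)."""
    # Constructed input: two registers already holding the strings from the post.
    registers = ["Hello, ", "World!"]
    code = [encode_abc(OP_MOVE, 1, 0, 0), encode_abc(OP_RETURN, 0, 1, 0)]
    return run(code, [], registers)


def loadk_demo():
    """LOADK 0 2 loads constant index 2 into R(0)."""
    constants = ["a", "b", "Lua 5.1"]          # constructed constant pool
    code = [encode_abx(OP_LOADK, 0, 2), encode_abc(OP_RETURN, 0, 1, 0)]
    return run(code, constants, [None])


if __name__ == "__main__":
    print(decode(encode_abc(OP_MOVE, 1, 0, 0)))   # Opcode 0, A 1, B 0
    print(move_demo())                              # ['Hello, ', 'Hello, ']
    print(loadk_demo())                             # ['Lua 5.1']
```

The word 0x40 is a real MOVE 1 0 (opcode 0 in the low six bits, A=1 at bit 6), which is the kind of value a deserializer like the one linked above hands to the VM loop.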
Replied
@OpenGamerTips Also, I made a Nertivia account and sent you a friend request.
Replied
@DeepPain ok
Replied
@OpenGamerTips Dude, do you know what you're talking about? If Roblox used vanilla Lua 5.1 bytecode then you would just load vanilla bytecode. Needless to say, this isn't how things work. Roblox has a custom VM and compiler; it's called Luau. Luau has more registers than vanilla Lua, has more opcodes, and does a lot of things differently. You can't load vanilla 5.1 bytecode expecting it to work.
The way an LBI works is as follows:
You create a game with a script to interpret vanilla bytecode, and make sure it's disabled.
Then you play your game and open the console, write a script to change the enabled property to true.
Inject a dll that logs deserialize calls, and run the script.
Now you have the bytecode in a precompiled Luau format!
As for running it, you call the deserialize function with the bytecode, and it'll push a lclosure onto the stack.
Finally you can spawn it and it'll run your LBI.
From that point on you can just load vanilla bytecode into your LBI.
Fluxus owner,
PSU head dev,
Oxygen gta guy
Replied
@0x90ik I defined a Lua 5.1 bytecode interpreter, you don't have to get toxic about my post wtf
You probably haven't even written an interpreter, you probably use rerubi or fione
Replied
@OpenGamerTips I've written an interpreter in Lua for 5.1 bytecode, I've written a VM and deserializer in C++, and I've written a compiler to a custom bytecode format. I don't use rerubi or fione, and I don't use LBIs because my brain isn't caved in.