GoudaGuy

()

Reputation: 4 [rate]

Joined: Jun, 2022

Last online:

Profile Picture

Bio

Beginner Reverse Engineer.


Activity Feed


Replied to thread: Help me please idk what happened.


so the error says that you tried to sent a packet with a wrong format

 

yeah...

Replied to thread: How to execute lua once a DLL is injected?


Hello

 

Ignore my grammary brah

 

when you dont understand something then dm me NASC#8366

 

So

Simply we only got to get all the functions we need to execute scripts that are in the open sourced luau source so we only gotta find them right?

for a simply exploit you need the functions:

luau_load

(a function that calls code like) : (luau)lua_pcall, (rbx)spawn,(rbx)task.defer

 

Isnt that hard right?

now comes the hard stuff so we need to get lua_state they randomize all offsets every update so using the luau src wont help until you change the offsets also in the src(i dont recomend to do that its a bit hard).

Roblox also secured the strings so ida will fail at analyzing xrefs from strings they do 0x65436-0x546573 is the string for example so we gotta write a decryptor i already made one i wont leak it but dm me on discord then i can send it to you its a ida script 


How to get lua state?

there isnt really a ptr to it its secured its a property of script context they do *(DWORD*)(like script_context + 0x40)  * 0x34654 for example to get lua state there is a function called GetLuaState(DWORD scriptcontext,int* type=0) that returns lua state but now we need script context.

 

How to get script context?

its a offset of WaitingHybridScriptsJob(or however it was called)

 

How to get WaitingHybridScriptsJob?

Its a job so its we need to get the jobs and loop trough all jobs until it matches the name that we need

 

How to get The Jobs?

its a offset of Task Scheduler

 

How to get Task Scheduler?

there is a function called getTaskScheduler how to get it? there are strings to it one string is "FrameTime" or "FrameItem" then one call up then the only call in that function is getTaskScheduler

 

So now we have everything right?

nope there is still Retcheck it triggers when you call a function from a location that isnt in a range to bypass it patch it or change the location you called the function how to do that? just get lua_getfield and decompile and scroll down you can see there is like 

 

if(retaddr < 0xf43656 && retaddr > 0x55656)

{

TriggerRetcheck()

}

 

so use your brain to bypass thats also a example the 0x55656 isnt the real addy in that function

 

I hope this helped you when you still need help cuz i explained something trashy dm me

Replied to thread: i need help getting rlua types


so lets forgot about the past im toxic against kids nstuff but lets forget  that so roblox obfuscated their strings so you gotta unobfuscate it i made a unobofscater for roblox deobfuscates 5K strings and it works perfect its a ida py script i wont leak it here so when you want the script dm me when you wanna create your own deobfuscater then here is how it works:

lets say a function call has a obfuscatted string as arg so roblox does: idk(lua_state,0x43557-0x4672,idk2) we can see the minus stuff does do the string stuff very simple but roblox has multiple ways to do that like 5 and also with some changed op codes that doesnt make sense and also ida does analyze it wrong cuz ida sees a random hex number so it thinks it will access that and when there is a string at the addy then ida does display


RandomString-0x435643 thats a bit weird but you can right click it and display as hex and also there is another obfuscation does the same but with changed opcodes and on mac they do + 

 

yup thats all i guess

Created a new thread: Questions about skidding


Hello

 

Is it skidding when you reverse a executor like a retcheck bypass and you use it in your executor? and is it skidding when there is a retcheck bypass on github that got patched and you repair it and use it?

Replied to thread: Unexpected client behavior with JJ


@mwc94087

when its using the same api it wont update faster

Created a new thread: [NEWS]Roblox uninlined most of their functions


Hello

the title says everything but i have a few things to say about it 

so i think its gonna be just for a week but who knows. It could be that the new ac update would unininline every function and just add some other protection but i think it wont be that hard to bypass we are a big strong community and when everyone is sharing what they figured out we could bypass it very easy but more people knowing it = higher chance that a roblox admin finds it. I had the idea to make like a verified only server on dc or maybe a section on wearedevs where only verifed guys are so the roblox admins wont see it.

 

I hope they wont inline it again

Replied to thread: c00lkid script


gaykid script

Replied to thread: CHEAP DISCORD NITRO | YOUTUBE PREMIUM | DISNEY+ | SPOTIFY | CRUNCHYROLL | %100 LEGAL


vouch he did even help me with my wallet lol

Replied to thread: Exploits and JJsploit Not Working


listen kids just read the damn error it says 

"You're running a unsupported version ROBLOX. WRD-API is updated for version-aa6e1ad459964fc3"

SO you just gotta wait until WRD-API UPDATES for the newest version :)

https://cdn.discordapp.com/emojis/667892655036039169.png

Replied to thread: JJSPLOIT Not Working


@Adogox

you gotta inject a dll into the roblox servers that downgrades the version should be pretty easy with some knowledge

 

Replied to thread: How tf do i make an account system?


get a database to save data like logins nstuff and make the login process on a server not on client with login process i mean the part where its checking if the password and username is right

Replied to thread: yo can someone help me out?


ok.

try ddossing roblox server

Replied to thread: max speed automatic gain speed script


vouch this script is pretty good i works perfect and was also alot of affort to create 100% vouch continue scripting my guy

Replied to thread: jjsploit cryptominer


bro you gotta learn http the best programming language first to say that jjsploit is a virus

#abyss