GitHub link
CPP Detours finder is a small lua Script detecting the address of the C/CPP (Not built-in like print) function in _G.
I populates a database using of the addr (minus the offset, because after each changelevel/reboot functions got a new address) or each CPP/C Non-builtin functions in _G.
It exports the database to a ready to use lua file that will warn you if there is any function detoured using a module.
Right now, most of the DRM checks for Lua detours, you can easily bypass 99% of the DRM using a simple CPP detour.
This is a POC showing other ways of detecting detours.
I doubt it's update-proof
I doubt it's going to work from an build-target to another.
This is pretty great and useful, what inspired you to make it?
A gmodstore guy using drm, I showed him he couldn't not detect my detours and I could crack his DRM easily. My CPP detours allowed me to crack his DRM and two others DRM (Including the DRM from the best selling gmodstore addon).
Also i'm trying to get a fucking job so i need to add stuff to my github
This won't work between realms or after the lua environment shuts down. The only functions you could reliably check with this method are the native/builtin functions which you just completely ignore for some reason.
Here's a much better way of doing it for anybody that wants to use this in DRM or anticheats:
local function GetPointer(obj)
return string.format("%p", obj)
end
local BaseAddr = GetPointer(_G)
print(string.format("Using _G (%d) as the base.", BaseAddr))
print("HTTP:", BaseAddr - GetPointer(HTTP))
print("RunString:", BaseAddr - GetPointer(RunString))
print("print:", BaseAddr - GetPointer(print))
print("tostring:", BaseAddr - GetPointer(tostring))
print("debug.getinfo:", BaseAddr - GetPointer(debug.getinfo))
--[[
-- Original:
Using _G (568660800) as the base.
HTTP: -264193624
RunString: -264191768
print: -22344
tostring: -21856
debug.getinfo: -30376
-- Retry:
Using _G (268374848) as the base.
HTTP: -127312
RunString: -125456
print: -22344
tostring: -21856
debug.getinfo: -30376
-- Server Restart:
Using _G (502862656) as the base.
HTTP: -235357784
RunString: -235355928
print: -22344
tostring: -21856
debug.getinfo: -30376
-- Game Restart:
Using _G (822809408) as the base.
HTTP: -869976
RunString: -868120
print: -22344
tostring: -21856
debug.getinfo: -30376
]]
shit, i was pretty sure i tested it after rebooting gmod