• CPP Detours finder POC
GitHub link

CPP Detours finder is a small Lua script detecting the address of the C/CPP (not built-in like print) functions in _G. It populates a database using the addr (minus the offset, because after each changelevel/reboot functions get a new address) of each C/CPP non-builtin function in _G. It exports the database to a ready-to-use Lua file that will warn you if any function is detoured using a module. Right now, most DRM checks for Lua detours; you can easily bypass 99% of the DRM using a simple CPP detour. This is a POC showing other ways of detecting detours. I doubt it's update-proof, and I doubt it's going to work from one build target to another.
This is pretty great and useful, what inspired you to make it?
A gmodstore guy using DRM. I showed him he couldn't not detect my detours and I could crack his DRM easily. My CPP detours allowed me to crack his DRM and two other DRMs (including the DRM from the best-selling gmodstore addon). Also I'm trying to get a fucking job so I need to add stuff to my GitHub.
This won't work between realms or after the Lua environment shuts down. The only functions you could reliably check with this method are the native/builtin functions, which you just completely ignore for some reason. Here's a much better way of doing it for anybody that wants to use this in DRM or anticheats:

-- Format an object's address with %p
local function GetPointer(obj)
    return string.format("%p", obj)
end

-- Use the address of _G as the reference point for every offset
local BaseAddr = GetPointer(_G)

print(string.format("Using _G (%d) as the base.", BaseAddr))
print("HTTP:", BaseAddr - GetPointer(HTTP))
print("RunString:", BaseAddr - GetPointer(RunString))
print("print:", BaseAddr - GetPointer(print))
print("tostring:", BaseAddr - GetPointer(tostring))
print("debug.getinfo:", BaseAddr - GetPointer(debug.getinfo))

--[[
    -- Original:
    Using _G (568660800) as the base.
    HTTP:   -264193624
    RunString:  -264191768
    print:  -22344
    tostring:   -21856
    debug.getinfo:  -30376

    -- Retry:
    Using _G (268374848) as the base.
    HTTP:   -127312
    RunString:  -125456
    print:  -22344
    tostring:   -21856
    debug.getinfo:  -30376

    -- Server Restart:
    Using _G (502862656) as the base.
    HTTP:   -235357784
    RunString:  -235355928
    print:  -22344
    tostring:   -21856
    debug.getinfo:  -30376

    -- Game Restart:
    Using _G (822809408) as the base.
    HTTP:   -869976
    RunString:  -868120
    print:  -22344
    tostring:   -21856
    debug.getinfo:  -30376
]]
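The offsets quoted in the post above can be turned into a baseline check, shown here as an added example that is not code from the thread or the linked repository. The run data is copied from the post's output; the names `StableBaseline` and `FindMoved` and the `observed` table are hypothetical, and the changed offset in `observed` is constructed.

```lua
-- Offsets relative to _G, copied from the four runs quoted in the post above.
local runs = {
    { HTTP = -264193624, RunString = -264191768, print = -22344, tostring = -21856, ["debug.getinfo"] = -30376 },
    { HTTP = -127312,    RunString = -125456,    print = -22344, tostring = -21856, ["debug.getinfo"] = -30376 },
    { HTTP = -235357784, RunString = -235355928, print = -22344, tostring = -21856, ["debug.getinfo"] = -30376 },
    { HTTP = -869976,    RunString = -868120,    print = -22344, tostring = -21856, ["debug.getinfo"] = -30376 },
}

-- Keep only the names whose offset is identical in every recorded run.
-- Names whose offset moves between runs (HTTP, RunString here) are dropped,
-- because a changed value for them says nothing about tampering.
local function StableBaseline(samples)
    local baseline = {}
    for name, offset in pairs(samples[1]) do
        local stable = true
        for i = 2, #samples do
            if samples[i][name] ~= offset then
                stable = false
                break
            end
        end
        if stable then baseline[name] = offset end
    end
    return baseline
end

-- Compare one observation with the baseline and return, sorted, the names
-- whose offset changed or that are missing from the observation.
local function FindMoved(baseline, observed)
    local moved = {}
    for name, offset in pairs(baseline) do
        if observed[name] ~= offset then
            moved[#moved + 1] = name
        end
    end
    table.sort(moved)
    return moved
end

local baseline = StableBaseline(runs)

-- Constructed observation (not from the thread): print sits at a different offset.
local observed = { print = -1048576, tostring = -21856, ["debug.getinfo"] = -30376 }

for _, name in ipairs(FindMoved(baseline, observed)) do
    print("offset changed, possible detour: " .. name)
end
```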
Shit, I was pretty sure I tested it after rebooting GMod.
https://files.facepunch.com/forum/upload/81200/7f70e8ef-411c-4279-8471-40a5ae69259e/image.png https://files.facepunch.com/forum/upload/81200/bcd3bf10-fa71-4715-868a-924f060dc59a/image.png
I can replicate the issue on the client, not on the server. It's not meant to work on the client though.