Checking if a hook exists on a client.

How would I check to see if a hook exists on a client? Would I use hook.Call or something?


[editline]14th September 2015[/editline]

if hook.GetTable()[“nameToTest”] then

Alright thanks.

Also, how would you check if a concommand existed(besides ConVarExists)

if concommand.GetTable()[string.lower(“nameToTest”)] then

this one is only made lowercase because that’s how the concommand library adds it to the internal table of commands


One thing to note is that

concommand.GetTable only contains console commands added through

concommand.Add, so C++ cheats won’t be able to be detected that way (I’m assuming you’re creating some sort of anti-cheat). I think a way you can test for C++ cheating console commands is by attempting to add the command yourself. Since concommand.Add fails if the concommand was added through C++, you should be able to do something like this.
[lua]local function CommandExists(command)
if (concommand.GetTable()[command:lower()]) then
return true

local exists = true

concommand.Add(command, function()
    exists = false


if (!exists) then

return exists

I haven’t tested it, but it should work.

Hmm…interesting. And yes, I am (attempting) to code an okay anti cheat. Mostly one to detect simple LUA hacks.

So far what I have is fairly good, all the scripts I’ve thrown at it have been caught.

What I might attempt to do is make it based off hooks(As in get all the hooks currently in the server, and compare it against what hooks the client has, and if the client has differing hooks, it bans em.)

so long as your server is running sv_allowcslua 0

[editline]14th September 2015[/editline]

they could always just override your code though, even overriding player:SendLua()

I’m wondering if checking for functions would be better than hooks.

What do you guys think?

Most cheats make their functions local.

well if i’m wrong you could at least explain, for OP and my sake both, instead of being so passive aggressive

i’m not upset; that would really be better for everyone

I agree, I hate people rating dumb or disagree without explaining why, unless it’s a super obvious reason. In this case I think it’s because you said a clientside script could override ply:SendLua, which is not possible.

I’ve heard people being able to catch and/or block ply:SendLua using a DLL. I guess the best way is to ping the client and see if it responds.

But before this turns into another anti-cheat thread:

  • Admins are the best form of anti-cheat, some are more effective than others, so choose them wisely.
  • The best anti-cheat is your own anti-cheat. Just know that nothing is hacker proof.

It’s possible to block ply:SendLua/BroadcastLua using pure Lua. Something to do with debug.sethook and checking that the source of a sethook call is LuaCmd, and then calling error() afterwards to stop execution of any lua.

Also, yes, it is possible to fully intercept, block or change the contents of any SendLua or BroadcastLua using a binary module.


I used to do this in SH days, ping the client and see if there was a response back, if not flag em. That was before I discovered that

if (PrintTable) then

gave a nice 100% detection rate on clients and was never fixed.

Anticheat type stuff is especially fun because its a game of cat and mouse, you can come up with some ingenious contraptions of you get really creative.

Bypassing sv_allowcslua is not really an issue to bypass, especially with cache modification that doesn’t need allowcslua at all.

huh, i don’t understand your sentence

Bypassing sv_allowcslua 0 is not a problem.

Yeah, when I was going through cheats to find ways the black list them, I came across one(full lua) that would notify the user of SendLua breing sent and then block it, mostly this one: while true do end.