
On Apr 15, 2012, at 1:01 PM, Peter Cawley wrote:

> On Sun, Apr 15, 2012 at 5:19 PM, Jay Carlson <nop@nop.com> wrote:
>> FWIW, my guess is there are multiple sophisticated Lua bytecode
>> reverse-engineering tools in current use, but that they are not public.
> 
> Out of interest, could you elaborate on why you believe this to be the
> situation?

There are public reverse-engineering tools of varying degrees of sophistication for all kinds of obscure execution environments; I'm thinking of some of the one-off Hitachi microcontrollers. Lua has been used lots of places, and with that it only needs a small probability somebody will do it for any individual case. Some people somewhere have probably decided the fastest path from point A to B is to understand and modify Lua code instead of the hosting C environment (which they also already have a zillion tools for). 

Tools for cheating in multiplayer online games come to mind. Let's look at the analysis phase. Getting debug probes into an environment may happen well after startup, or you may be limited to post-mortem memory snapshots. Even if you can execute arbitrary Lua chunks and examine the results, exploring the globals in the environment will get Lua bytecode instead of source. Once you have bytecode you obviously disassemble it; I would guess some people got tired of staring at that and built better tools for visualization, even if not capable of full round-trip bytecode->lua->bytecode engineering.

Game cheating is amateur hour. Professionals have done some pretty amazing things in modchips and smartcard exploitation, so I'm extrapolating. 

It's not really my kind of thing though. My own aspirations are more limited: some way of ripping out the goddamn unreadable Rift font and putting in an option for something more legible like Mistral or Lucida Blackletter. One would not have to settle for relative improvement at that point, and could actually go for something designed for screen readability like Lucida Sans (UI font in a couple of major 3D games), Droid Sans (roughly metric compatible), or DejaVu Sans (and the last two are freely redistributable, hint hint). I might have gotten as far as taking apart the PAK files and jailing the patcher before getting bored and learning to live with the eyestrain. Hypothetically. [1]

Jay

[1]: I would like to maintain a figleaf of deniability on any possible ToS violation.