- #pragma once
- #include <Windows.h>
- #include <algorithm>
- #include <string>
- #include <vector>
- #include <iostream>
- #include <sstream>
- #include"RBLOX_Varibles_Scanning.h"
- #include"Bypasses.h"
// Rebases an image-relative address (taken from a disassembly with preferred
// base 0x400000) onto the module's actual load address; GetModuleHandleA(0)
// is the main executable. Function-like macro: x is evaluated once, and
// GetModuleHandleA is called at every use rather than cached.
#define aslr(x)(x - 0x400000 + (DWORD)GetModuleHandleA(0))
// int v41;
// Only referenced inside commented-out formulas further down; the live code
// in this file hard-codes the literal 1 instead.
int v49 = 1;
- /*
- #define RBLOX_GetField 0x73C460 // CORRECT c
- #define ScriptContextVFTTable 0x6B94B6 // CORRECT HERE C
- #define RARJZ_Bypass 0x7385F7 // NOT RIGHT
- #define RBLOX_GetMetatable 0x73F7B0 // NOT RIGHT
- #define RBLOX_Pushstring 0x73D830 // CORRECT C
- #define RBLOX_Pushvalue 0x740950 // NOT RIGHT
- #define RBLOX_Pcall 0x73D250 // CORRECT C
- #define RBLOX_Setfield 0x73E230 //CORRECT C
- #define RBLOX_Pushnumber 0x73D7A0 // CORRECT c
- #define RBLOX_tolString 0x7418A0 // NOT RIGHT
- #define RBLOX_toBoolean 0x73E790 // CORRECT c
- #define RBLOX_Settop 0x73E230 // CORRECT c
- // #define RBLOX_contextlevel 0x222
- #define RBLOX_Next 0x72F6F0 // CORRECT c
- */
- /*
- GEtfield:
- 1: can't debug
- 2: click sub, f5 in sub and find
- sub_xxxxxx(v5, -1002, "script");
- */
- // Getfield, RarJz Bypass, Pushvalue, pcall, pushnumber and next, and all calling conventions
- #define RBLOX_GetField 0x7451C0 // C
- #define ScriptContextVFTTable 0x6C09E6 //
- #define RARJZ_Bypass 0x73CBE0 // NO
- #define RBLOX_GetMetatable 0x743DE0 // C
- #define RBLOX_Pushstring 0x744EE0// C
- #define RBLOX_Pushvalue 0x744FC0 // C
- #define RBLOX_Pcall 0x744910 // C
- #define RBLOX_Setfield 0x7458E0 // C
- #define RBLOX_Pushnumber 0x744E50 // C
- #define RBLOX_tolString 0x745EF0 // C
- #define RBLOX_toBoolean 0x745E30 // C
- #define RBLOX_Settop 0x745CB0 // C
- // #define RBLOX_contextlevel 0x222
- #define RBLOX_Next 0x744790 // C
- /*
- LuaState: *(_DWORD *)(ScriptContext + 56 * v49 + 164) - (ScriptContext + 56 * v49 + 164);
- getfield: 0x73D980
- ScriptContextVFT: 0x6B7126
- GetMetaTable: 0x73DC50
- Pushstring: 0x73ED30
- Pcall: 0x73E760
- setfield:0x73F760
- Pushnumber: 0x73ECA0
- toLstring: 0x73FD80
- toboolean: 0x73FCC0
- Settop: 0x73FB40
- */
namespace Main_memoryfunction {
// Masked byte compare.
//   char1, char2: byte sequences to compare
//   char3:        mask; a '?' skips that position, any other character
//                 requires the two bytes to be equal
// Compares exactly strlen(char3) bytes; char1 and char2 carry no length, so
// the caller must guarantee both are readable for the whole mask.
// Returns 1 on a full match, 0 at the first mismatch.
bool Compare(const char* char1, const char* char2, const char* char3) {
    while (*char3) {
        if (*char3 != '?') {
            if (*char1 != *char2) return 0;
        }
        ++char1, ++char2, ++char3;
    }
    return 1;
}
// Walks the whole user address space with VirtualQuery and, in every region
// whose Protect has the PAGE_READWRITE bit set and PAGE_GUARD clear, compares
// each byte offset against the 4 bytes at `vftable` (mask "xxxx").
// Returns the first address where those 4 bytes occur, or 0 if none is found
// before `en` is reached.
// Detection note: this is a linear read of every RW page between
// lpMinimumApplicationAddress and lpMaximumApplicationAddress, i.e. a burst
// of VirtualQuery calls plus a sequential touch of all writable memory.
DWORD RBLOX_VFTableScan(const char* vftable) {
    MEMORY_BASIC_INFORMATION asd1 = { 0 };
    SYSTEM_INFO asd2 = { 0 };
    GetSystemInfo(&asd2);
    DWORD st = (DWORD)asd2.lpMinimumApplicationAddress;
    DWORD en = (DWORD)asd2.lpMaximumApplicationAddress;
    do {
        // Inner loop ends when VirtualQuery fails; the outer loop then
        // re-enters it as long as st < en.
        while (VirtualQuery((void*)st, &asd1, sizeof(asd1))) {
            if ((asd1.Protect & PAGE_READWRITE) && !(asd1.Protect & PAGE_GUARD)) {
                // Byte-granular scan; the last 3 offsets of a region are
                // compared across the region boundary (no trailing-length check).
                for (DWORD i = (DWORD)(asd1.BaseAddress); i - (DWORD)(asd1.BaseAddress) < asd1.RegionSize; ++i) {
                    if (Compare((const char*)i, vftable, "xxxx"))
                        return i;
                }
            }
            st += asd1.RegionSize;
        }
    } while (st < en);
    return 0;
}
}
// Given the address of a function inside the loaded image, makes a private
// copy of it in freshly allocated RWX memory, rewrites one short conditional
// branch in the copy to an unconditional short jump, re-targets the copy's
// rel32 CALLs, and returns the copy's address. Returns `addr` unchanged when
// the allocation fails or the expected branch pattern is not present.
// Detection note: the observable is a PAGE_EXECUTE_READWRITE VirtualAlloc
// immediately followed by a memcpy of image code into it and execution from
// that private region.
DWORD unprotect(DWORD addr) {
    BYTE* tAddr = (BYTE *)addr;
    // Determine the function's length by stepping forward 16 bytes at a time
    // until a `55 8B EC` (push ebp; mov ebp, esp) prologue appears — assumed
    // to be the start of the next function. Nothing bounds this loop if no
    // such prologue exists ahead of addr.
    do {
        tAddr += 0x10;
    } while (!(tAddr[0] == 0x55 && tAddr[1] == 0x8B && tAddr[2] == 0xEC));
    DWORD funcSz = tAddr - (BYTE*)addr;
    PVOID nFunc = VirtualAlloc(NULL, funcSz, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (nFunc == NULL)
        return addr;
    memcpy(nFunc, (void*)addr, funcSz);
    DWORD pos = (DWORD)nFunc;
    BOOL valid = false;
    do {
        // Signature 72 ?? A1 ?? ?? ?? ?? 8B in the copy: a short JB (0x72)
        // followed by `mov eax, [imm32]`. The JB opcode is overwritten with
        // 0xEB (short JMP). The scan does not stop at the first hit, so
        // every occurrence in the copy is rewritten.
        if (*(BYTE*)pos == 0x72 && *(BYTE*)(pos + 0x2) == 0xA1 && (*(BYTE*)(pos + 0x7)) == 0x8B) {
            memcpy((void*)pos, "\xEB", 1);
            DWORD cNFunc = (DWORD)nFunc;
            // Re-target E8 (call rel32) instructions in the copy. The original
            // displacement is read from the image at the matching offset
            // (tFunc) and resolved to an absolute target (oFunc); only targets
            // that are 16-byte aligned are re-encoded relative to the copy —
            // anything else is left with its original, now-wrong, displacement.
            // Any stray 0xE8 data byte is also treated as a call here.
            do {
                if (*(BYTE*)cNFunc == 0xE8)
                {
                    DWORD tFunc = addr + (cNFunc - (DWORD)nFunc);
                    DWORD oFunc = (tFunc + *(DWORD*)(tFunc + 1)) + 5;
                    if (oFunc % 16 == 0)
                    {
                        DWORD realCAddr = oFunc - cNFunc - 5;
                        *(DWORD*)(cNFunc + 1) = realCAddr;
                    }
                    cNFunc += 5;
                }
                else
                    cNFunc += 1;
            } while (cNFunc - (DWORD)nFunc < funcSz);
            valid = true;
        }
        pos += 1;
    } while (pos < (DWORD)nFunc + funcSz);
    if (!valid) {
        // Pattern never matched: give the copy back and fall back to the original.
        VirtualFree(nFunc, funcSz, MEM_RELEASE);
        return addr;
    }
    return (DWORD)nFunc;
}
// Written by RBLOX_MainScan(): the address found by the vtable scan and the
// lua_State value derived from it. Both are 0-initialized globals until then.
DWORD ScriptContext_MAIN, RBLOX_LuaState;
// v41 is ScriptContext
// int v49 = 1;
// Appears only in the commented-out formulas below; live code uses the literal 1.
int v50 = 1;
//int v49 = 1;
// Resolves ScriptContext_MAIN and RBLOX_LuaState.
// 1. Reads a dword at aslr(ScriptContextVFTTable) + 2 — presumably the imm32
//    operand of an instruction there that references the vtable (unverified).
// 2. Scans RW memory for the first occurrence of that dword value and treats
//    that address as the ScriptContext object.
// 3. Derives the lua_State from the field at ScriptContext + 220 (56*1 + 164):
//    the stored dword is interpreted as (field address - lua_State), so the
//    subtraction recovers the pointer.
// If the scan returns 0, step 3 dereferences address 220 and faults; nothing
// here checks for that.
void RBLOX_MainScan() { // LuaState
    DWORD Main_5 = aslr(ScriptContextVFTTable); // THIS
    DWORD VFTTABLE_MAIN = *(DWORD*)(Main_5 + 0x2); // B E G O N E T H 0 T (KingEzz u hab autisim variables)
    // Passes the address of the local holding the value, so the scan looks for
    // its 4 bytes (little-endian) anywhere in writable memory.
    ScriptContext_MAIN = Main_memoryfunction::RBLOX_VFTableScan((char*)&VFTTABLE_MAIN);
    // RBLOX_LuaState = (ScriptContext_MAIN + 56 * v49 + 164) ^ *(DWORD *)(ScriptContext_MAIN + 56 * v49 + 164); // Lua_State
    // v50 = (v41 + 56 * v49 + 164) ^ *(_DWORD *)(v41 + 56 * v49 + 164);
    // (ScriptContext + 220) ^ *(DWORD *)(ScriptContext + 220)
    // RBLOX_LuaState = (ScriptContext_MAIN + 56 * v50 + 164) - *(DWORD *)(ScriptContext_MAIN + 56 * v50 + 164);
    RBLOX_LuaState = (ScriptContext_MAIN + 56 * 1 + 164) - *(DWORD *)(ScriptContext_MAIN + 56 * 1 + 164);
    // v51 = (int)((char *)v39 + 56 * v50 - *((_DWORD *)v39 + 14 * v50 + 41) + 164);
    // *(DWORD *)(ScriptContext + 56 * 1 + 164) - (ScriptContext + 56 * 1 + 164); // 5/30/2018
    // ScriptContext_MAIN + 56 * v50 + 164 - *(DWORD *)(ScriptConext_MAIN + 56 * v50 + 164);
    // v51 = *(DWORD *)(ScriptContext_MAIN + 56 * 1 + 164) - (ScriptContext_MAIN + 56 * 1 + 164);
}
- /*
- typedef void(__cdecl* alua_getfield)(DWORD L, int x, const char* y);
- alua_getfield lua_getfield = (alua_getfield)unprotect(os(0x7451C0));
- typedef int(__fastcall* alua_setfield)(DWORD ls, int x, const char* y);//changed from void to int
- alua_setfield ulua_setfield = (alua_setfield)unprotect(os(0x7458E0));
- typedef int(__cdecl* alua_call)(DWORD ls, int args, int results);
- alua_call lua_call = (alua_call)unprotect(os(0x743520));
- typedef void(__cdecl* alua_pushvalue)(DWORD ls, int x);
- alua_pushvalue lua_pushvalue = (alua_pushvalue)unprotect(os(0x744FC0));
- typedef bool(__cdecl* alua_toboolean)(DWORD ls, int x);
- alua_toboolean lua_toboolean = (alua_toboolean)unprotect(os(0x745E30));
- typedef const char*(__stdcall* alua_tolstring)(DWORD ls, int x, size_t y);
- alua_tolstring lua_tolstring = (alua_tolstring)unprotect(os(0x745EF0));
- typedef void(__cdecl* alua_pushboolean)(DWORD ls, bool b);
- alua_pushboolean lua_pushboolean = (alua_pushboolean)unprotect(os(0x7449E0));
- typedef void(__cdecl* alua_settop)(DWORD ls, int y);
- alua_settop lua_settop = (alua_settop)unprotect(os(0x745CB0));
- typedef void(__stdcall* alua_pushstring)(DWORD ls, const char* y);
- alua_pushstring lua_pushstring = (alua_pushstring)unprotect(os(0x744EE0));// new check?
- typedef int(__stdcall* alua_pushnumber)(DWORD ls, double n);//changed from void to int
- alua_pushnumber lua_pushnumber = (alua_pushnumber)unprotect(os(0x744E50));
- typedef int(__cdecl* alua_getmetatable)(DWORD ls, int x);
- alua_getmetatable lua_getmetatable = (alua_getmetatable)unprotect(os(0x743DE0));
- typedef int(__cdecl* alua_type)(DWORD a1, int a2);
- alua_type lua_type = (alua_type)unprotect(os(0x746340));
- typedef int(__cdecl* alua_next)(DWORD a1, int a2);
- alua_next lua_next = (alua_next)unprotect(os(0x744790));
- #define aScriptContext os(0x113A3C8)
- #define Identity os(0x173B1D0)
- ScriptContext + 56 * 1 + 164 - *(DWORD *)(ScriptContext + 56 * 1 + 164);
- */
// Thin wrappers over the game's internal Lua C API. Every RBLX_* wrapper
// brackets the underlying call with set()/restore(), which live-patch one
// conditional branch in the image for the duration of the call.
namespace RBLX_RLUAMAIN {
    // Function-pointer types for the internal API. The calling conventions
    // (__stdcall/__cdecl/__fastcall) were chosen per function by the author;
    // the trailing "C" marks ones they considered confirmed. RBLX_State is the
    // raw lua_State address passed as an int.
    typedef void(__stdcall* RBLOX_pushstring_)(int RBLX_State, const char* s); // C
    typedef void(__cdecl* RBLOX_pushvalue_)(int RBLX_State, int idx); // C
    typedef int(__cdecl* RBLOX_getmetatable_)(int RBLX_State, int idx); // C
    typedef void(__cdecl* RBLOX_settop_)(int RBLX_State, int top); // C
    typedef int(__cdecl* RBLOX_toboolean_)(int RBLX_State, int idx); // C
    typedef void(__cdecl* RBLOX_getfield_)(int RBLX_State, int idx, const char* k); // C
    typedef void(__stdcall* RBLOX_pushnumber_)(int RBLX_State, double n); // C
    typedef int(__cdecl* RBLOX_pcall_)(int RBLX_State, int nargs, int nret, int errfunc); // C
    typedef void(__fastcall* RBLOX_setfield_)(int RBLX_State, int idx, const char* k); // C IDK HOW
    typedef const char*(__stdcall* RBLOX_tolstring_)(int RBLX_State, int idx, int asd); // C
    typedef int(__cdecl* RBLOX_next_)(int lua_State, int something); // C
    typedef int*(__cdecl* RBLOX_getcontext_)();
    // im just dumb /shrug
    // Resolved by INTILIZING(); null until then. RBLOX_getcontext is never
    // assigned anywhere in this file.
    RBLOX_settop_ RBLOX_settop;
    RBLOX_getfield_ RBLOX_getfield;
    RBLOX_pushstring_ RBLOX_pushstring;
    RBLOX_pushvalue_ RBLOX_pushvalue;
    RBLOX_pcall_ RBLOX_pcall;
    RBLOX_setfield_ RBLOX_setfield;
    RBLOX_pushnumber_ RBLOX_pushnumber;
    RBLOX_tolstring_ RBLOX_tolstring;
    RBLOX_toboolean_ RBLOX_toboolean;
    RBLOX_getmetatable_ RBLOX_getmetatable;
    RBLOX_next_ RBLOX_next;
    RBLOX_getcontext_ RBLOX_getcontext;
    // Declared but never defined in this file; RBLX_pop below is what is used.
    void RBLOX_POP(int RbxState, int n);
    // Resolves each function pointer: rebase the hard-coded offset with aslr(),
    // then route it through unprotect(), so each pointer may refer to a private
    // patched copy rather than the image itself. Must run before any RBLX_* call.
    void INTILIZING() {
        RBLOX_getmetatable = (RBLOX_getmetatable_)unprotect(aslr(RBLOX_GetMetatable));
        RBLOX_settop = (RBLOX_settop_)unprotect(aslr(RBLOX_Settop));
        RBLOX_getfield = (RBLOX_getfield_)unprotect(aslr(RBLOX_GetField));
        RBLOX_pushstring = (RBLOX_pushstring_)unprotect(aslr(RBLOX_Pushstring));
        RBLOX_pushvalue = (RBLOX_pushvalue_)unprotect(aslr(RBLOX_Pushvalue));
        RBLOX_pcall = (RBLOX_pcall_)unprotect(aslr(RBLOX_Pcall));
        RBLOX_setfield = (RBLOX_setfield_)unprotect(aslr(RBLOX_Setfield));
        RBLOX_pushnumber = (RBLOX_pushnumber_)unprotect(aslr(RBLOX_Pushnumber));
        RBLOX_tolstring = (RBLOX_tolstring_)unprotect(aslr(RBLOX_tolString));
        RBLOX_toboolean = (RBLOX_toboolean_)unprotect(aslr(RBLOX_toBoolean));
        RBLOX_next = (RBLOX_next_)unprotect(aslr(RBLOX_Next));
        // RBLOX_getcontext = (RBLOX_getcontext_)aslr(RBLOX_contextlevel);
    }
    // BYPASSES
    // Overwrites the single byte at addr with 0x75 (short JNZ opcode) after
    // temporarily making 5 bytes writable. The VirtualProtect results are not
    // checked, and o_buff is reused as both the restore value and the out
    // parameter of the second call.
    // Detection note: each call is a VirtualProtect pair on one image .text
    // address plus a one-byte write — repeated for every wrapped API call.
    void jnz(int addr) {
        DWORD o_buff;
        VirtualProtect((void*)addr, 5, PAGE_EXECUTE_READWRITE, &o_buff);
        *(char*)addr = 0x75;
        VirtualProtect((void*)addr, 5, o_buff, &o_buff);
    }
    // Same as jnz() but writes 0x74 (short JZ opcode).
    void jz(int addr) {
        DWORD o_buff;
        VirtualProtect((void*)addr, 5, PAGE_EXECUTE_READWRITE, &o_buff);
        *(char*)addr = 0x74;
        VirtualProtect((void*)addr, 5, o_buff, &o_buff);
    }
    // Flips the branch at RARJZ_Bypass to JNZ before a wrapped call.
    void set() {
        jnz(aslr(RARJZ_Bypass));
    }
    // Puts a JZ back afterwards. This writes a fixed 0x74 rather than the
    // byte that was originally there, so it assumes the original was JZ.
    void restore() {
        jz(aslr(RARJZ_Bypass));
    }
    // ---- Patched-call wrappers: set(); call; restore(); ----
    // Returns the underlying getmetatable result (non-zero when idx has a metatable).
    int RBLX_GetMetatable(int RbxState, int idx) {
        set();
        int ret = RBLOX_getmetatable(RbxState, idx);
        restore();
        return ret;
    }
    void RBLX_Settop(int RbxState, int top) {
        set();
        RBLOX_settop(RbxState, top);
        restore();
    }
    void RBLX_Getfield(int RbxState, int idx, const char* k) {
        set();
        RBLOX_getfield(RbxState, idx, k);
        restore();
    }
    void RBLX_pushstring(int RbxState, const char* k) {
        set();
        RBLOX_pushstring(RbxState, k);
        restore();
    }
    void RBLX_pushvalue(int RbxState, int idx) {
        set();
        RBLOX_pushvalue(RbxState, idx);
        restore();
    }
    // Returns the pcall status from the underlying call; callers here ignore it.
    int RBLX_pcall(int RbxState, int nargs, int nret, int errfunc) {
        set();
        int ret = RBLOX_pcall(RbxState, nargs, nret, errfunc);
        restore();
        return ret;
    }
    void RBLX_pushnumber(int RbxState, double n) {
        set();
        RBLOX_pushnumber(RbxState, n);
        restore();
    }
    // tolstring with a null length out-parameter; the returned pointer is owned
    // by the Lua state and is only valid while that value stays on the stack.
    const char* RBLX_tostring(int RbxState, int idx) {
        set();
        const char* ret = RBLOX_tolstring(RbxState, idx, 0);
        restore();
        return ret;
    }
    int RBLX_toboolean(int RbxState, int idx) {
        set();
        int ret = RBLOX_toboolean(RbxState, idx);
        restore();
        return ret;
    }
    int RBLX_next(int RbxState, int something) {
        set();
        int ret = RBLOX_next(RbxState, something);
        restore();
        return ret;
    }
    // Standard lua_pop: settop(-n-1) discards the top n values.
    void RBLX_pop(int RbxState, int n) {
        RBLX_Settop(RbxState, -(n)-1);
    }
    // Pushes nil by poking the state directly instead of calling the API:
    // treats *(RbxState + 24) as the stack-top pointer, zeroes the dword at
    // top+8 (presumably the type tag), and advances top by 16 (presumably
    // sizeof(TValue)). All three offsets are assumptions of the author —
    // nothing here validates the layout.
    void RBLX_pushnil(int RbxState) {
        *(DWORD*)(*(DWORD*)(RbxState + 24) + 8) = 0;
        *(DWORD*)(RbxState + 24) += 16;
    }
    // -10002 is LUA_GLOBALSINDEX (Lua 5.1 pseudo-index for the globals table).
    void RBLX_getglobal(int RbxState, const char* k) {
        RBLX_Getfield(RbxState, -10002, k);
    }
    // Assigns the value on top of the stack to field k of the value at idx.
    // If that value has a metatable, its __newindex is invoked through pcall
    // with (object, key, value) — the value is fetched with pushvalue(-6),
    // i.e. the slot below the copied object — and three slots are popped
    // afterwards. Otherwise the raw setfield is called directly. The pcall
    // status is not checked, so a failing __newindex leaves its error message
    // on the stack where the following pop(3) will count it.
    void RBLX_setfield(int RbxState, int idx, const char* k) {
        RBLX_pushvalue(RbxState, idx);
        if (RBLX_GetMetatable(RbxState, -1)) {
            RBLX_Getfield(RbxState, -1, "__newindex");
            RBLX_pushvalue(RbxState, -3);
            RBLX_pushstring(RbxState, k);
            RBLX_pushvalue(RbxState, -6);
            RBLX_pcall(RbxState, 3, 0, 0);
            RBLX_pop(RbxState, 3);
        }
        else {
            RBLX_pop(RbxState, 1);
            set();
            RBLOX_setfield(RbxState, idx, k);
            restore();
        }
    }
};
- /*
- */