• How to prevent people from stealing your Lua scripts.
    117 replies, posted
[QUOTE=SashaWolf;40446796]I don't use lua in my clientside scripts. I have been writing my clientside stuff in c++ (challenging, more practice with c++, asm, and reversing, useable in other games, faster, more secure from anticheats, more flexibility, less-trodden road #hipster, more stuff to use, more fun). Any clientside server scripts I have made can't be precompiled anyway, so it doesn't matter.[/QUOTE] Then you don't need to obfuscate either. [QUOTE=SashaWolf;40446796] Gmod uses lua, so it is kind of a forced-opensource community. I am a semi-supporter of opensource things. There are many things I would be fine with releasing to the public, but there are other things I want to keep for myself. I don't see anything wrong with that.[/QUOTE] I have scripts that I want to keep to myself as well. Obfuscation is not the way to do that, as I said before. [QUOTE=SashaWolf;40446796] I really don't know about any of those, but it's not as if anyone is forcing you to use them. If you suspect my stuff or anyone elses has malicious code in it, then don't use it. Everything in Sethhack could be found in any of the dozens of hacks out there available for free. As with any piece of software, you take a risk in running it.[/QUOTE] Both scripts from Conna and Seth were sold for money. It's a stab in the back if the script you bought has exploits in it. I've never used either script, but I've heard many complain about them. Understandably when you paid money for something that's ridden with exploits. The chance of backdoors is much lower in open source software. People scrutinize code to look for backdoors. [QUOTE=Acecool;40447093]Just because the community may be "open-source" doesn't mean that you can't retain intellectual property rights, or that you're forced to release your work for public consumption.[/QUOTE] I agree completely. I don't see why you're talking about intellectual property rights and being forced to release scripts. I didn't say nor imply either of those. I'm just saying that people don't trust released scripts that they can't read the source code of. If you're taking the effort to make it unreadable, surely you must be hiding something (that is the suspicion). It has nothing to do with IP or having to release everything. [QUOTE=Acecool;40447093]Obfuscating is only good if it's automated[/QUOTE] Obfuscating is easily reversible and therefore not effective, regardless of whether it's automated. You'll have much better chances with compiled scripts. Once people have your obfuscated code, you're fucked. It will take a couple of minutes to deobfuscate it and remove any code that prevents unauthorized people from running it. [editline]28th April 2013[/editline] [QUOTE=RetTurtl3;40448664]Use a module to encode the data then send it to the clientside. send back to server side then send it back to the clientside. The code is useless anyway if they don't have the server side data and client side code is really messy[/QUOTE] What on earth are you doing? Send encrypted code to the client, back to the server and back to the client? Why not send it to Mars and back? What are you trying to do here?
This is a despicable practice to release code freely with and guaranteed it will be deobfuscated and released before you know it.
Falco is absolutely right, the only reason you should or someone has obfuscated code is if you're / they're hiding something, this could be because of leaking reasons or backdoors, either way you're / they're hiding something and people will know that. On the same note, Sasha is right; there will always be risks running software that you cannot read the source code for yourself, but good luck convincing your consumers that it's because of leaking and not backdoors. Additionally, I don't think this counts as cryptography because : A) You can decrypt it without a key B) The same amount of effort encrypting can be spent to get the source code while reversing it. Also, compiled Lua isn't that easy to reverse, it's still just processed scripts that make sense the the Interpreter; it's also much more practical given the environment that obfuscated Lua would exist in.
[QUOTE=>>oubliette<<;40452546]Falco is absolutely right, the only reason you should or someone has obfuscated code is if you're / they're hiding something[/QUOTE] Yeah, that's kinda the point. [QUOTE=>>oubliette<<;40452546]this could be because of leaking reasons or backdoors.[/QUOTE] I find it much more likely because of leaking reasons. I can't think of many ways you could do destructive things with a lua script alone, short of maybe deleting gmod config files or something. [QUOTE=>>oubliette<<;40452546]either way you're / they're hiding something and people will know that.[/QUOTE] Things are hidden from you all the time. There used to be (and probably still is) an exploit in VAC where servers can grab login info from it and steal client's accounts. How do you know the server you're joining isn't secretly stealing your account information or abusing some exploit to download malicious binaries on your system? There is no legitimate way of seeing things that are run serverside, so you can really never know. [QUOTE=>>oubliette<<;40452546] Additionally, I don't think this counts as cryptography because [/QUOTE] It's not really encryption. Encryption is useless to implement because at some point the script will need to be decrypted and ran with RunString or any similar function, which can be detoured pretty easily. If you all are correct about lua being difficult to decompile (I have not tried nor will I waste my time to prove an argument), then that seems to be the best solution for scripts ran by the CLIENT. As for server scripts ran on the client, this is still useful. [QUOTE=Ylsid;40452540]This is a despicable practice to release code freely with and guaranteed it will be deobfuscated and released before you know it.[/QUOTE] It's much more likely that one would have stuff stolen if they leave their code as it was written than if they obfuscate it or precompile it. Those who want the source code to copy will probably not have the means to steal it because they are filthy skids, and those who have the ability to probably wouldn't bother because they already know how to code. I mean, hell, look at all the threads in the "developers" section where people post code snippets and say something like "dis gm12 luaz doesn work ttt server help plz" or "guyz i wana make a pay 4 traitor lua so ttt how i do it". I see the gmod lua developer community on a small island surrounded by those who either want free code or want to steal other's code and claim it as their own.
[QUOTE=FPtje;40451997]mars and back[/QUOTE] Wtf are you talking about mars and back, kiddo, we're not doing extreme maths, you have no clue in what you're talking about don't say you do, Get a new brain?
[QUOTE=SashaWolf;40455003]Yeah, that's kinda the point. I find it much more likely because of leaking reasons. I can't think of many ways you could do destructive things with a lua script alone, short of maybe deleting gmod config files or something. Things are hidden from you all the time. There used to be (and probably still is) an exploit in VAC where servers can grab login info from it and steal client's accounts. How do you know the server you're joining isn't secretly stealing your account information or abusing some exploit to download malicious binaries on your system? There is no legitimate way of seeing things that are run serverside, so you can really never know. It's not really encryption. Encryption is useless to implement because at some point the script will need to be decrypted and ran with RunString or any similar function, which can be detoured pretty easily. If you all are correct about lua being difficult to decompile (I have not tried nor will I waste my time to prove an argument), then that seems to be the best solution for scripts ran by the CLIENT. As for server scripts ran on the client, this is still useful It's much more likely that one would have stuff stolen if they leave their code as it was written than if they obfuscate it or precompile it. Those who want the source code to copy will probably not have the means to steal it because they are filthy skids, and those who have the ability to probably wouldn't bother because they already know how to code. I mean, hell, look at all the threads in the "developers" section where people post code snippets and say something like "dis gm12 luaz doesn work ttt server help plz" or "guyz i wana make a pay 4 traitor lua so ttt how i do it". I see the gmod lua developer community on a small island surrounded by those who either want free code or want to steal other's code and claim it as their own.[/QUOTE] I was referring to back doors in the code rather than stuff that directly does damage , but regardless of what they're hiding, they're still hiding it. Correct me if I'm wrong but your suggested uses included anti-cheats, cheats and code that you didn't want to be leaked. I understand the first two but not the third; there isn't really a good reason to obfuscate the third which leads me to believe it so obfuscated because of back doors, or what not. With anti cheats; people that try and bypass it will still do eventually, this just slows them down, which isn't enough for the work I'd have to put in. With cheats, run compiled lua; it's simply better. For these reasons I believe this process is fairly redundant, though I for one appreciate your efforts in this tutorial. [editline]29th April 2013[/editline] [QUOTE=RetTurtl3;40459341]Wtf are you talking about mars and back, kiddo, we're not doing extreme maths, you have no clue in what you're talking about don't say you do, Get a new brain?[/QUOTE] Falco comments on your post being pointless and irrelevant by analogising it with a trip into space and you reply with another irrelevant post that has false accusations and general stupidity? Even if you had a argument against what falco said which you clearly don't rating their post dumb pretty much nullifies that. If its dumb explain why, don't just call it dumb and mutter irrelevant utter bullshit.
[QUOTE=>>oubliette<<;40459519]stuffs[/QUOTE] I understand your reasoning, but even you admit there is still a use for it, thus why I thought it would be valid regardless to post for it. Also, I don't like your idea of "it's going to be bypassed eventually anyway". Of course, no system is perfect. The goal is to discourage the large majority of people from wanting to try. Better this than to just flip the table and give up all hope of protecting your code from other people.
You shouldn't be releasing source if you don't want it to be seen. This discussion is stupid.
[QUOTE=Walrus Viking;40459966]You shouldn't be releasing source if you don't want it to be seen[/QUOTE] I can see the uses for a) Small private releases or b) Anti-cheat systems
[QUOTE=Walrus Viking;40459966]You shouldn't be releasing source if you don't want it to be seen. This discussion is stupid.[/QUOTE] I can't help but send (half) the source to my clients if I want them to be able to play my private gamemode on my server.
It's a really interesting issue. Keeping on topic, rather than attacking the idea: Manual obfuscation is silly. Instead, get a dedicated obfuscator to do it for you after you merge all your project files together. You can use squish to do all those things in one go: [url]http://matthewwild.co.uk/projects/squish/home[/url] It will first merge all the files you need together, then obfuscate, along with other options like shorten (which just reduces all the variable names in length). Having this means you can work with readable code, while sending obfuscated code to your clients or the steam workshop. Oh and Lua max file limit be gone! It actually works really well, but again it's a deterrent, not a final solution. Dedicated people can still reverse it. The same is true for compiled scripts, those can be very easily decompiled. In fact, there's no single way to completely stop anyone from getting your code source if they have access to the files that actually run (be it obfuscated scripts or compiled bytecode). Encrypting the source is one way, which would deter most people. Trouble is, the code needs to be unencrypted before running so even then people can still grab your code out of the memory. A little trickier, yes, but not impossible. One final interesting point, you could make it so that your scripts only run on your system by making/customising your own VM! This is probably just about the only way of truly stopping anyone, but it does rely on security through obscurity a little bit. You can change the source of the Lua compiler so that the opcodes do different things from the norm (though you probably only want to rename/move them to maintain functionality). So how does one even do that? Well, simply change lopcode.c and lopcode.h in the Lua source ([url]http://www.lua.org/source/5.2/lopcodes.h.html[/url], [url]http://www.lua.org/source/5.2/lopcodes.c.html[/url]) and swap the order of some of the functions. That'd be my best guess, though it may be a little more tricky and involve re-mapping some functions sin some other way (as you can tell, I've never attempted this, only read about people doing it). Perfectly possible, though. So, you mess with the compiler's source, compile your Lua scripts, and hey presto, you have a compiled Lua script capable of only running on your modified Lua VM! Feel free to send your code to others and laugh as it doesn't run (Until they figure out exactly the mappings you made in the opcode headers! :v:). It does add a lot of security, though, as someone guessing the exact changes you made could take a long time. Now there is one issue you may have picked up on, this won't work in all cases in GMod. Well, yes and no, I'm not too sure how GMod handles the Lua VM, but of course it is distributed with GMod. Issue is, if your code is compiled for a custom version of the VM, your code will ONLY work whenever you use your custom VM, I.E it will work for purely server side scripts and not clientside scripts, because you can't change your clients VM code but you can change your server's VM code! So you could write all your server side code and compile it for your custom VM, leaving your clientside code unprotected. This would be enough security for most gamemodes, since gamemodes rely on serverside code to work, too! I have no idea if this would work in practice, as I've never tried. As far as I can see I don't see why it wouldn't work, but perhaps someone more knowledgeable than I could shed some light on it if I am mistaken. Very interesting topic, though.
[QUOTE=Trumple;40460671]-stuff-[/QUOTE] You wouldn't be able to change op code functionalities from server to client. It would only work for scripts that are solely clientsides, for example, cheats. And with that being said, it would still be rather difficult to change these functionalities. You can't simply "change the headers and recompile". No-one has the complete source but Facepunch Studios. I still wouldn't find changing this very useful. I mean, I'm never going to release my cheats, I don't want skids using them or parts of it being in Hera ( there's more than likely a piece of every Garry's Mod cheat so far in that ) all I need to do to protect my code is not have it lying around for scripts stealers to grab. The only thing that I would [I]agree[/I] to bother using this with ( now ) is with Anti-Cheats that you plan on never releasing and want to protect the source that you send to the clients. This is a pretty reasonable use, but it's still not perfect and it's still not the best thing you can do. For one, this is completely useless if I have to do it by hand, because reversers would spend the same amount of time doing the opposite thing. If I really wanted to reverse something, I would get a nice C# application to do it for me with a click of a button, it wouldn't be that hard. Additionally OP missed out two of the best methods of obfuscation, algorithmic indexing and string encryption with string.char( numbers ).
[QUOTE=>>oubliette<<;40464047]You wouldn't be able to change op code functionalities from server to client. It would only work for scripts that are solely clientsides, for example, cheats. And with that being said, it would still be rather difficult to change these functionalities. You can't simply "change the headers and recompile". No-one has the complete source but Facepunch Studios. [/QUOTE] This is what I was saying: your compiled code would only work where you could use your custom VM you modified. So for a gamemode, you could change the serverside VM (because I doubt you'd be able to change the clientside VM) Is the VM bundled in with the GMod binaries or something? I would imagine it's just in a binary of its own. So yes, you could easily change the Lua source code seeing as Lua is open source, thus enabling a custom VM as above
[QUOTE=Trumple;40464090]This is what I was saying: your compiled code would only work where you could use your custom VM you modified. So for a gamemode, you could change the serverside VM (because I doubt you'd be able to change the clientside VM) Is the VM bundled in with the GMod binaries or something? I would imagine it's just in a binary of its own. So yes, you could easily change the Lua source code seeing as Lua is open source, thus enabling a custom VM as above[/QUOTE] You cannot replace binaries in source games. And how would modifying the serverside VM help anything? The client's VM is on their machine and any code the client runs is run in their VM. Lua is open source, yes. But Lua also has no ability to interact with source engine functions, that is where our version comes in ( basically just Lua with bindings and modifications in various places ). If you download the Lua source in compiles into a static or dynamic library called lua51.dll/lib. We don't have that DLL, we have Garry's lua_shared.dll, it's heavily modified from the original, exactly how isn't known exactly. You would need a DLL to change how the VM works, this would be difficult to make and because you cannot send DLL's to the client, you wouldn't be able to protect your clientside code from the clients this way.
[QUOTE=>>oubliette<<;40464125]You cannot replace binaries in source games. And how would modifying the serverside VM help anything? The client's VM is on their machine and any code the client runs is run in their VM. Lua is open source, yes. But Lua also has no ability to interact with source engine functions, that is where our version comes in ( basically just Lua with bindings and modifications in various places ). If you download the Lua source in compiles into a static or dynamic library called lua51.dll/lib. We don't have that DLL, we have Garry's lua_shared.dll, it's heavily modified from the original, exactly how isn't known exactly. You would need a DLL to change how the VM works, this would be difficult to make and because you cannot send DLL's to the client, you wouldn't be able to protect your clientside code from the clients this way.[/QUOTE] Ah okay, I see. So the limit here is that the Lua dll is already modified, so we can't just make our own. Fair enough. Perhaps in another situation outside of GMod this would be practical.
[QUOTE=RetTurtl3;40459341]Wtf are you talking about mars and back, kiddo, we're not doing extreme maths, you have no clue in what you're talking about don't say you do, Get a new brain?[/QUOTE] I'm pretty sure mine's not the problem here.
Obfuscation your own code is just plain stupid, how do you expect to pinpoint errors and problems in your code when you use shit like this. Garry's Mod is an open source community as mentioned by another member, it's something you have to live with. This doesn't just affect Garry's Mod, there are many other games that utilize LUA which also have this "problem".
[QUOTE=Ruzza;40464840]Obfuscation your own code is just plain stupid, how do you expect to pinpoint errors and problems in your code when you use shit like this. Garry's Mod is an open source community as mentioned by another memory, it's something you have to live with. This doesn't just affect Garry's Mod, there are many other games that utilize LUA which also have this "problem".[/QUOTE] What you can do is design your software properly so the client only has the information it needs to display things on the HUD and make the menu's. Any code that's run on the client can be stolen by the client. Regardless of how much you obfuscate it, compile it fuck it over in any other way. Serverside scripts can be kept secret if no exploits exists to get server files.
[QUOTE=FPtje;40465586]What you can do is design your software properly so the client only has the information it needs to display things on the HUD and make the menu's. Any code that's run on the client can be stolen by the client. Regardless of how much you obfuscate it, compile it fuck it over in any other way. Serverside scripts can be kept secret if no exploits exists to get server files.[/QUOTE] Well yes, I suppose this is fine for private gamemodes and such. Releasing your code and not wanting people to have access to the source is an issue in literally every software branch that deals with clientside code. There's no true way of stopping anyone, it just acts as a deterrent I think is the main point here. It's an interesting topic, and is one that applies in the real world too, take always-online DRM on SimCity as an example. People still get around it! Interesting stuff though
TBH anyone that manages to unminify your code probably deserves it. Especially if you help them out with a few choice tips from [url=http://thc.org/root/phun/unmaintain.html]this guide[/url] such as defining 26 (a-z) upvalues at the top of your file and using them instead of locals. (Implement your own stack system if you need more.) [editline]29th April 2013[/editline] [lua]local a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z;local A;surface.SetFont("DefaultFixed")s,t=surface.GetTextSize("100%")c=false;j=6;local B,C=ScrH(),ScrW()local function D(c)return c.r,c.g,c.b,c.a end;local E,newbar,barprep={}do local function F(g)return string.format("%3i%%",g)end;local G=108;local H=18;local I=B-20;local J=(H-t)/2+1;local K=(H-8-t)/2+1;local L=(s-16)/2;local M=(H-16)/2;local function p(N)g=N:g()if g==-1 then return end;x,y=0,I;w,h=G,H;surface.SetDrawColor(0,0,0,150)surface.DrawRect(x,y,w+s,h)surface.SetTextColor(255,255,255,255)surface.SetFont("DefaultFixed")x=s;i=N.i;if i and false then surface.SetDrawColor(255,255,255,255)surface.SetTexture(i)surface.DrawTexturedRect(L,y+M,16,16)end;x=x+4;y=y+4;h=h-8;w=w-8;if g~=0 then surface.SetDrawColor(D(N.c))surface.DrawRect(x,y,g,h)end;z=N.tf and N:tf()or N.w;x=x+(w-z)/2;surface.SetTextPos(x,y+K)surface.DrawText(N.t)I=I-H-5 end;function newbar(O,P,Q,R,S)surface.SetFont("DefaultFixed")w=surface.GetTextSize(P)E[#E+1]={i=O and surface.GetTextureID(O),y=I,p=p,c=Q,t=P,S=S,g=R,w=w}end;function barprep()I=B-20 end end;newbar("gui/silkicons/heart","Health: 100",Color(255,0,0),function(N)N.h=A:Health()h=math.min(N.h,100)return N.h==100 and-1 or h end,function(N)N.t="Health: "..N.h;return N.w end)a={}newbar("gui/silkicons/package","Ammo",Color(0,0,255),function(N)w=A:GetActiveWeapon()N.a,N.b,N.m=nil;if not IsValid(w)then return-1 end;f=w:GetClass()l=w:Clip1()m=a[f]if not m or l>m then a[f]=l;m=l end;if m<1 then return-1 end;N.a,N.m,N.b=l,m,A:GetAmmoCount(w:GetPrimaryAmmoType())return l/m*100 end,function(N)if N.a~=nil then f=N.a.."/"..N.m.." ("..N.b..")"end;N.t=f;return surface.GetTextSize(f)end)local T,addbox,boxprep={}do local H=20;local G,J=surface.GetTextSize("12345678901234567890123456789012345678901234567890")local I=10;local L=(s-16)/2;local M=(H-16)/2;local U=(H-J)/2;local function p(N)t=N:t()if t==-1 then return end;x,y=0,I;w,h=G,H;surface.SetDrawColor(0,0,0,150)surface.DrawRect(x,y,w+s,h)x=s;i=N.i;if i then surface.SetDrawColor(255,255,255,255)surface.SetTexture(i)surface.DrawTexturedRect(L,y+M,16,16)end;surface.SetFont("DefaultFixed")surface.SetTextColor(255,255,255,255)surface.SetTextPos(x+(w-surface.GetTextSize(t))/2,y+U)surface.DrawText(t)I=I+H+2 end;function addbox(O,V)T[#T+1]={i=O and surface.GetTextureID(O),t=V,p=p}end;function boxprep()I=10 end end;addbox("gui/silkicons/user",function(N)return"Name: "..A:Name():sub(1,43)end)do local W,X=surface.GetTextureID("gui/silkicons/male"),surface.GetTextureID("gui/silkicons/female")addbox("gui/silkicons/male",function(N)t=A._Gender or"???"if t~=N.o then if t=="Female"then N.i=X else N.i=W end;N.o=t end;return"Gender: "..t end)end;addbox("gui/silkicons/group",function(N)t=A:GetNWString("Clan")if t==""then return-1 end;return"Clan: "..t end)local addhint,painthints;do local Y="TabLarge"surface.SetFont(Y)w,h=surface.GetTextSize("M")local Z={}local _=h+10;local a0=B-_-5;local a1=1;local a2=5;local U=5;local a3=7;local function p(N,a4)if a0<0 then return end;w,h=N.w+j+a3,_;x,y=N.x,a0;if not N.b then x=x-2;m=C-w;if x<=m then N.b=a4+a2;N.k=true;x=m end elseif N.b<a4 then x=x+1;N.k=false;if x==C then return false end else o=(N.b-a4)/a2*_;surface.SetDrawColor(200,200,200,255)surface.DrawRect(C-j,a0+_-o,j,o)end;N.x=x;surface.SetDrawColor(0,0,0,220)surface.DrawRect(x,y,w,h)if N.k then if N.s then surface.PlaySound(N.s)N.s=nil end;if N.c then N.e=N.e or a4+0.5;e=N.e-a4;if e<=0.25 then surface.SetDrawColor(D(N.c))surface.DrawRect(x,y,w,h)if e<=0 then N.e=a4+0.5;N.f=N.f and N.f+1 or 1;if N.f==2 then N.c=nil end end end end end;surface.SetTextPos(x+a3,y+U)surface.DrawText(N.t)end;function painthints()surface.SetDrawColor(0,0,0,150)surface.DrawRect(C-j,0,j,B)a0=B/2+_;local a4=RealTime()surface.SetFont(Y)surface.SetTextColor(255,255,255,255)for a5,a6 in pairs(Z)do if p(a6,a4)==false then Z[a5]=nil else a0=a0-_-5 end end end;function addhint(a7,a8,a9)surface.SetFont(Y)Z[a1]={c=a7,t=a8,x=C,w=surface.GetTextSize(a8)+j,i=a1,s=a9}a1=a1+1 end;concommand.Add("addhint",function(p,c,a)addhint(Color(255,0,0,120),a[1],"buttons/button10.wav")end)end;local function aa()A=A or LocalPlayer()w,h=C,B;surface.SetDrawColor(0,0,0,150)surface.DrawRect(0,0,s,h)barprep()for a5,ab in ipairs(E)do ab:p()end;boxprep()for a5,ac in ipairs(T)do ac:p()end;painthints()end;local function ad(ae)if ae=="CHudHealth"or ae=="CHudBattery"or ae=="CHudSuitPower"or ae=="CHudAmmo"or ae=="CHudSecondaryAmmo"then return false end end;local function af()c=true end;local function ag()c=false end;hook.Add("HUDPaint","TestHud",aa)hook.Add("HUDShouldDraw","TestHud",ad)[/lua]
[QUOTE=Lexic;40465875] [lua]local a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z;local A;surface.SetFont("DefaultFixed")s,t=surface.GetTextSize("100%")c=false;j=6;local B,C=ScrH(),ScrW()local function D(c)return c.r,c.g,c.b,c.a end;local E,newbar,barprep={}do local function F(g)return string.format("%3i%%",g)end;local G=108;local H=18;local I=B-20;local J=(H-t)/2+1;local K=(H-8-t)/2+1;local L=(s-16)/2;local M=(H-16)/2;local function p(N)g=N:g()if g==-1 then return end;x,y=0,I;w,h=G,H;surface.SetDrawColor(0,0,0,150)surface.DrawRect(x,y,w+s,h)surface.SetTextColor(255,255,255,255)surface.SetFont("DefaultFixed")x=s;i=N.i;if i and false then surface.SetDrawColor(255,255,255,255)surface.SetTexture(i)surface.DrawTexturedRect(L,y+M,16,16)end;x=x+4;y=y+4;h=h-8;w=w-8;if g~=0 then surface.SetDrawColor(D(N.c))surface.DrawRect(x,y,g,h)end;z=N.tf and N:tf()or N.w;x=x+(w-z)/2;surface.SetTextPos(x,y+K)surface.DrawText(N.t)I=I-H-5 end;function newbar(O,P,Q,R,S)surface.SetFont("DefaultFixed")w=surface.GetTextSize(P)E[#E+1]={i=O and surface.GetTextureID(O),y=I,p=p,c=Q,t=P,S=S,g=R,w=w}end;function barprep()I=B-20 end end;newbar("gui/silkicons/heart","Health: 100",Color(255,0,0),function(N)N.h=A:Health()h=math.min(N.h,100)return N.h==100 and-1 or h end,function(N)N.t="Health: "..N.h;return N.w end)a={}newbar("gui/silkicons/package","Ammo",Color(0,0,255),function(N)w=A:GetActiveWeapon()N.a,N.b,N.m=nil;if not IsValid(w)then return-1 end;f=w:GetClass()l=w:Clip1()m=a[f]if not m or l>m then a[f]=l;m=l end;if m<1 then return-1 end;N.a,N.m,N.b=l,m,A:GetAmmoCount(w:GetPrimaryAmmoType())return l/m*100 end,function(N)if N.a~=nil then f=N.a.."/"..N.m.." ("..N.b..")"end;N.t=f;return surface.GetTextSize(f)end)local T,addbox,boxprep={}do local H=20;local G,J=surface.GetTextSize("12345678901234567890123456789012345678901234567890")local I=10;local L=(s-16)/2;local M=(H-16)/2;local U=(H-J)/2;local function p(N)t=N:t()if t==-1 then return end;x,y=0,I;w,h=G,H;surface.SetDrawColor(0,0,0,150)surface.DrawRect(x,y,w+s,h)x=s;i=N.i;if i then surface.SetDrawColor(255,255,255,255)surface.SetTexture(i)surface.DrawTexturedRect(L,y+M,16,16)end;surface.SetFont("DefaultFixed")surface.SetTextColor(255,255,255,255)surface.SetTextPos(x+(w-surface.GetTextSize(t))/2,y+U)surface.DrawText(t)I=I+H+2 end;function addbox(O,V)T[#T+1]={i=O and surface.GetTextureID(O),t=V,p=p}end;function boxprep()I=10 end end;addbox("gui/silkicons/user",function(N)return"Name: "..A:Name():sub(1,43)end)do local W,X=surface.GetTextureID("gui/silkicons/male"),surface.GetTextureID("gui/silkicons/female")addbox("gui/silkicons/male",function(N)t=A._Gender or"???"if t~=N.o then if t=="Female"then N.i=X else N.i=W end;N.o=t end;return"Gender: "..t end)end;addbox("gui/silkicons/group",function(N)t=A:GetNWString("Clan")if t==""then return-1 end;return"Clan: "..t end)local addhint,painthints;do local Y="TabLarge"surface.SetFont(Y)w,h=surface.GetTextSize("M")local Z={}local _=h+10;local a0=B-_-5;local a1=1;local a2=5;local U=5;local a3=7;local function p(N,a4)if a0<0 then return end;w,h=N.w+j+a3,_;x,y=N.x,a0;if not N.b then x=x-2;m=C-w;if x<=m then N.b=a4+a2;N.k=true;x=m end elseif N.b<a4 then x=x+1;N.k=false;if x==C then return false end else o=(N.b-a4)/a2*_;surface.SetDrawColor(200,200,200,255)surface.DrawRect(C-j,a0+_-o,j,o)end;N.x=x;surface.SetDrawColor(0,0,0,220)surface.DrawRect(x,y,w,h)if N.k then if N.s then surface.PlaySound(N.s)N.s=nil end;if N.c then N.e=N.e or a4+0.5;e=N.e-a4;if e<=0.25 then surface.SetDrawColor(D(N.c))surface.DrawRect(x,y,w,h)if e<=0 then N.e=a4+0.5;N.f=N.f and N.f+1 or 1;if N.f==2 then N.c=nil end end end end end;surface.SetTextPos(x+a3,y+U)surface.DrawText(N.t)end;function painthints()surface.SetDrawColor(0,0,0,150)surface.DrawRect(C-j,0,j,B)a0=B/2+_;local a4=RealTime()surface.SetFont(Y)surface.SetTextColor(255,255,255,255)for a5,a6 in pairs(Z)do if p(a6,a4)==false then Z[a5]=nil else a0=a0-_-5 end end end;function addhint(a7,a8,a9)surface.SetFont(Y)Z[a1]={c=a7,t=a8,x=C,w=surface.GetTextSize(a8)+j,i=a1,s=a9}a1=a1+1 end;concommand.Add("addhint",function(p,c,a)addhint(Color(255,0,0,120),a[1],"buttons/button10.wav")end)end;local function aa()A=A or LocalPlayer()w,h=C,B;surface.SetDrawColor(0,0,0,150)surface.DrawRect(0,0,s,h)barprep()for a5,ab in ipairs(E)do ab:p()end;boxprep()for a5,ac in ipairs(T)do ac:p()end;painthints()end;local function ad(ae)if ae=="CHudHealth"or ae=="CHudBattery"or ae=="CHudSuitPower"or ae=="CHudAmmo"or ae=="CHudSecondaryAmmo"then return false end end;local function af()c=true end;local function ag()c=false end;hook.Add("HUDPaint","TestHud",aa)hook.Add("HUDShouldDraw","TestHud",ad)[/lua][/QUOTE] Hi ';' Welcome to Lua.
[QUOTE=Lexic;40465875] [lua]-- Lots of code --[/lua] [/QUOTE] I am suprized to see that this code is about 390 lines if formatted properly, and still can be made worse
The way I see it. Just open source it on something like github (You don't have to tell everyone you did). If someone tries to steal some part of it, you can prove that they did. This is like patents. They stop innovation because everyone is attacking everyone else. What is really so wrong about someone seeing your code and improving on it in different code?
[QUOTE=vexx21322;40466656]The way I see it. Just open source it on something like github (You don't have to tell everyone you did). If someone tries to steal some part of it, you can prove that they did. This is like patents. They stop innovation because everyone is attacking everyone else. What is really so wrong about someone seeing your code and improving on it in different code?[/QUOTE] I think the key is learning to live with it. It's not the end of the word if people get ahold of your code, so long as you're properly credited. Rips are obvious, it just depends what the people who steal them do with it. One argument on the other hand: Uniqueness is good. If every server ran the same game modes, perhaps with small edits, it would all get a bit dull very quickly. The fact that there are competing private gamemodes out there encourages development. It's all too easy to get a public gamemode, whack open a server, and become part of the hundreds of others out there. Privatisation does have it's pros in the context of GMod and similar games
[QUOTE=SeveredSkull;40466151]Hi ';' Welcome to Lua.[/QUOTE] Semicolon's are used in Lua all the time.
[QUOTE=vexx21322;40466656]The way I see it. Just open source it on something like github (You don't have to tell everyone you did). If someone tries to steal some part of it, you can prove that they did. This is like patents. They stop innovation because everyone is attacking everyone else. What is really so wrong about someone seeing your code and improving on it in different code?[/QUOTE] Assembla and bitbucket offer private repositories for free. I use bitbucket for Falco's Private Small Scripts.
[QUOTE=FPtje;40441395]I'm way more interested in making sure your clientside scripts don't get stolen when you join the wrong server.[/QUOTE] I know I'm late, but what is this you're speaking of?
[QUOTE=t h e;40469283]I know I'm late, but what is this you're speaking of?[/QUOTE] A server could potentially use the file.* functions to read the contents of your /lua folder and then send them to the server. A lot of servers use this as a form of anti-cheat - the advantage been you then steal the source code for their hack and can better defend against it.
How do I use squishy? I downloaded it, but I'm not sure what to do from here.
i think the real question here is "does anyone in the current gmod community make anything worth stealing anymore?" and the answer is no, so stop worrying about it [editline]29th April 2013[/editline] it would be a more impressive feat to not write shit code versus obfuscating your junk so kids can't steal it and potentially actually learn from it
Sorry, you need to Log In to post a reply to this thread.