|
| 01 Mar 2017 08:32 PM |
When I run this in a server script with loadstring disabled:
loadstring(Instance.new("Part",game.Workspace))()
The part still spawns. I do get an error in the output saying that loadstring() is not available.
When I run the same code with loadstring enabled, the part still spawns, but with this error message instead:
Workspace.Script:1: bad argument #1 to 'loadstring' (string expected, got Object)
What's going on here? Why did loadstring work without it being enabled? I tested it on a server as well, so this is really confusing me. Can server scripts run loadstring() without it being enabled?
Thanks.
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 08:35 PM |
loadstring("Instance.new("Part",game.Workspace)")()
You forgot the " 's or ' 's |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 08:39 PM |
Oh okay. But why did loadstring() work without those and without loadstring() being enabled? Is that just a glitch?
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 08:42 PM |
| the loadstring part didn't work, it creates the part in workspace regardless, it just can't loadstring it. |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 08:44 PM |
loadstring("Instance.new("Part",game.Workspace)")()
Incorrect; you have to either escape the quotes or use long strings
|
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 08:45 PM |
Oh okay. I'm trying to figure out how to encrypt a script without loadstring() having to be enabled due to exploiters (or so the warning says when you enable it). I was going to use byte-code, but don't I need loadstring() for that?
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 08:48 PM |
http://wiki.roblox.com/index.php?title=Global_namespace/Basic_functions#loadstring
|
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 08:58 PM |
Okay, but is there a way to encrypt my script and be able to run it without loadstring() or will that be required?
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 09:00 PM |
I was just showing him he forgot the "'s, I wasn't intending to make sure the string format was accurate.
loadstring([==[Instance.new("Part",game.Workspace)]==])() |
|
|
| Report Abuse |
|
|
Tochigi
|
  |
| Joined: 15 May 2010 |
| Total Posts: 355 |
|
|
| 01 Mar 2017 09:06 PM |
correct me if i'm wrong, but this should work loadstring("Instance.new(\"Part\",game.Workspace)")()
|
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 09:09 PM |
Or this: loadstring([[Instance.new("Part",game.Workspace)]])()
But anyways, will I not be able to run an encrypted script without loadstring()?
I know that if I do use loadstring(), I'll have to decrypt it before it loads it. But I'd really like to avoid loadstring() if possible.
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
chimmihc
|
  |
| Joined: 01 Sep 2014 |
| Total Posts: 17143 |
|
|
| 01 Mar 2017 09:15 PM |
| You can't encrypt a script. |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 09:26 PM |
Do you mean in general or without loadstring()?
Because you can easily encrypt a script, but you'll need loadstring() to run any of the code after you decrypt it.
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
chimmihc
|
  |
| Joined: 01 Sep 2014 |
| Total Posts: 17143 |
|
|
| 01 Mar 2017 09:54 PM |
I mean at all.
Nothing you can do with loadstring would be considered encryption.
The clients don't have access to the source of scripts anyway, so it would be pointless. |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 10:50 PM |
That's not the point. If I'm making a model that requires something (such as checking if the owner of the game owns something), I don't want the average person to just be able to go into the script and change it or rescript it. You can easily use byte-code to encrypt a script, then have a quick little function decrypt it inside the loadstring().
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 11:29 PM |
Your loadstring worked because of how Lua evaluates things. To give a more clear example, running this code: loadstring(workspace.Base.Position) has to actually fetch the position before seeing that it's an incompatible type. So you did
local p = Instance.new("Part", workspace) loadstring(p)
... effectively.
More importantly, don't try to encrypt your scripts. Roblox does not allow clients to read server script sources even if you put them in a stupid place like workspace AND stupidly don't use FE, and if someone manages to steal your place file it won't matter what you do.
In general, you shouldn't have loadstring enabled, especially if you are using it to rely on user input. That just makes your game more vulnerable. And encrypting your scripts just makes it harder to continue work. |
|
|
| Report Abuse |
|
|
|
| 01 Mar 2017 11:30 PM |
| -_- Oh you are trying to make models annoying? That is very bad practice and the problem is that in the end you have to call loadstring, so they can just print it then. |
|
|
| Report Abuse |
|
|
|
| 02 Mar 2017 12:02 AM |
I'm just trying to encrypt a script so that only paid users can use it. I know it'll easily be cracked, but the people that are using it don't know how. Besides, it's about time to be able to sell models and scripts to multiple people without having to worry too much about leaks.
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
|
| 02 Mar 2017 12:23 AM |
Just to prove my point of encryption, using an encrypter/decrypter that I made awhile back, I encrypted:
print("Hello world!")
With the ID of '1', of which became this (if it doesn't get filtered):
qsjou)#Ifmmp!xpsme"#*
You can check it out here, but it was kinda just a test so sorry for the quality (and using offset instead of percentage):
https://www.roblox.com/library/614949817/R-Crypt
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 02 Mar 2017 12:54 AM |
Nice, a crappy cipher that won't make a difference because you have to "decrypt" it when you actually want to load it.
And also that you can also call loadstring on the server (provided it's enabled) so it's useless to begin with unless you're sharing your place. |
|
|
| Report Abuse |
|
|
|
| 02 Mar 2017 12:58 AM |
cnt, did you read everything? I want to encrypt my script for use in models so that only people who bought a certain item can use it in their game. Anyways, I know that this isn't possible without loadstring(), so there's no point anyways.
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 02 Mar 2017 01:02 AM |
| why not just require-by-id? you wouldn't need to enable loadstring or share your code |
|
|
| Report Abuse |
|
|
|
| 02 Mar 2017 01:04 AM |
Because requiring requires the ModuleScript to be unlocked. They can just copy the id of the require and search for it. If there was a way to do this without them getting access to the source, that would be perfect.
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
|
| 02 Mar 2017 01:05 AM |
Well, I should clarify, it is required to be unlocked for others to require it, which is necessary.
~MightyDantheman~ |
|
|
| Report Abuse |
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 02 Mar 2017 01:05 AM |
| No, you can require-by-ID even when it's copylocked |
|
|
| Report Abuse |
|
|