"...If destroying it makes it stop running, how can it then retrieve values from the table?"
It isn't the script that retrieves the values, it is the function.
When you create a function closure, it also has its very own environment. Yep. Functions have their own environment.
Don't believe me? Here's an example:
do
local hax = "hi" -- This will be removed after the 'do end' scope ends.
function printhi() -- This won't be removed after the 'do end' scope ends.
print(hax)
end
end
printhi() --> hi
The only thing that can access the variable is the printhi function, as the only place where the variable exists is in the printhi function's environment. Look, if you don't believe me, look on lua.org or test it by yourself.
Even if the script doesn't exist anymore, the function still exists and the table still exists too, but only the function can access it. Since that function's environment isn't replicated (duh, if the function isn't replicated, why would its environment be replicated? _G isn't replicated between the server and the clients), the table doesn't exist on the clients. THe only place it exists is in the server's memory. And only that function can access it. Since there is no way to force the function to give us its environment (small exception here: the exploit posted by NecroBumpist could do it, but it is a Lua exploit (not a ROBLOX exploit, a _LUA_ exploit) and bytecode loading will soon be removed), the table's data can't be accessed. Plus all it contains is bytecode, the source was only present in the script's Source property and that script got garbage collected.
Therefore, the only things that can access the table are: the Lua VM and the function.
Neither of those are going to just give you the data of the table, therefore, the only way to recover it is to look in the memory, and since it isn't replicated on client, the _ONLY_ way to read the data is to go to the ROBLOX HQ, plug a monitor in the right server, download cheat engine and literally run Cheat Engine on a server located at the ROBLOX HQ.
No, I'm serious, that's really the only way. There's no way to get the source, neither the bytecode, from Lua. You must do it by looking in the memory. But that requires using a program that can read the memory (such as Cheat Engine) on the ROBLOX server, since the data isn't replicated on clients.
This method is REALLY secure. Far more than bytecode, I'm even surprised nobody thought of it before. In fact, it is Sorcus that suggested something similar to this. I then improved his idea and decided to make a script using that idea. |