Be aware of getrawmetatable, setrawmetatable, hookmetamethod functions
They will fail if a provided object’s metatable was created OUTSIDE the VM, if the metatable was created INSIDE the VM then the function will behave as normal.
Be aware of hooking
Make sure to use newcclosure because they open up detection vectors.
local hook: (...any) -> (...any); hook = hookfunction(math.clamp, function(...: any): ...: any
return hook(...);
end);
-- could be detected by:
xpcall(function(): never
return math.clamp();
end, function(error_message_str: string): ()
if (getfenv(2) ~= getfenv() or debug.info(2, "s") ~= "[C]") then
print("detected");
end;
return
end);
However you do not need to worry about this risk, when hooking because we do it for you automatically if you did not, they still open detections via stack-overflow and such.
However you are safe from more simple checks:
local hook: (...any) -> (...any); hook = hookfunction(tick, function(...: any): ...any
return hook(...);
end);
if (getfenv(tick) ~= getfenv() or debug.info(tick, "f") ~= tick or pcall(setfenv, tick, {}) or debug.info(tick, "s") ~= "[C]") then
print("detected");
end;
-- fails
There is NO ARGUMENT GUARD! it is up to you as the developer to sanitize and check arguments passed to hooks.
Detections
There’s plenty of detections an anti-tamper can use, I have no plans to fix them and I only care about a sandbox escape, if you use a script that has an anti-tamper prepare to be obliterated by it, however we offer you plenty of tools to reverse engineer the anti-tamper from the VM level (ex. hookopcode, many many functions in the debug lib)