Народ, ковыряю Roblox и снова приходится подстраиваться под очередные патчи от Byfron. Делюсь актуальным дампом оффсетов для версии v668. Кто сейчас пишет свои экзекуторы или копается во внутренностях Luau — забирайте базу, сэкономите пару часов на реверсе.
Что внутри:
Технические моменты:
Важное для тех, кто в теме:
Линк на актуальный хедер:
Кто уже пробовал на этой версии пробраться в Luau VM, отпишитесь, нет ли проблем с релокацией у вас?
Что внутри:
- 102 Class Descriptors: все основные объекты, включая Workspace и Players.
- 80+ Luau VM оффсетов: структуры lua_State, Closure, Proto, TValue полностью промаплены.
- Identity System: ExtraSpace оффсеты для проверки уровня доступа (0-8).
- Runtime Strings: вытянуты через анализ .rdata (обход шифрования .text).
Технические моменты:
Код:
#pragma once
// AresDumper v1.1.0 Executor Offsets
// 2026-04-06
// Mode: MEMORY | Byfron: detected
//
// Machine-generated table of addresses and structure offsets taken from one
// client build (the accompanying post names it v668). Every value is tied to
// that build: after a client update the same numbers point at unrelated data.
// The second `#pragma once` below is redundant.
#pragma once
#include <cstdint>
#include <Windows.h>
// REBASE(rva): adds the load address of the process's main module
// (GetModuleHandleA(nullptr)) to a relative virtual address, giving an
// absolute address in the current process.
// NOTE(review): the expansion contains a reinterpret_cast and a runtime API
// call, neither of which is allowed in a constant expression, so every
// `constexpr` declaration in this header that is initialised through REBASE
// is ill-formed as posted.
#define REBASE(rva) (reinterpret_cast<uintptr_t>(GetModuleHandleA(nullptr))+(rva))
// Location and size of two sections the dump tool attributes to the
// anti-tamper component (Byfron / Hyperion).
// NOTE(review): the *_RVA names are misleading; both values go through
// REBASE, so they hold absolute addresses (module base + RVA), not RVAs.
// The *_Size values are plain byte counts.
constexpr uintptr_t Byfron_Section_RVA = REBASE(0x88FB000);
constexpr uintptr_t Byfron_Section_Size = 0x252;
constexpr uintptr_t Hyperion_Section_Size = 0x14;
constexpr uintptr_t Hyperion_Section_RVA = REBASE(0x88FA000);
// ClassDesc_*: addresses the dump tool labels as class descriptors of engine
// classes, one per class name. Each value is REBASE(rva), i.e. main-module
// base plus an RVA, and is meaningful only for the exact build that was dumped.
// NOTE(review): the accompanying post advertises 102 descriptors "including
// Workspace and Players"; this listing holds 70 entries and has no Players
// entry, so it appears to be truncated.
// NOTE(review): nothing in the listing shows how these addresses were
// validated; treat the labels as the tool's guesses.
constexpr uintptr_t ClassDesc_UIGridLayout = REBASE(0x5AA3C30);
constexpr uintptr_t ClassDesc_UIListLayout = REBASE(0x5AA3CC0);
constexpr uintptr_t ClassDesc_UIPadding = REBASE(0x5AA3CF0);
constexpr uintptr_t ClassDesc_UIScale = REBASE(0x5AA3D50);
constexpr uintptr_t ClassDesc_UIStroke = REBASE(0x5AA3DE0);
constexpr uintptr_t ClassDesc_UserInputService = REBASE(0x5A95E50);
constexpr uintptr_t ClassDesc_Vector3Value = REBASE(0x5A9B660);
constexpr uintptr_t ClassDesc_VoiceChatService = REBASE(0x5A96540);
constexpr uintptr_t ClassDesc_WeldConstraint = REBASE(0x5AA46E0);
constexpr uintptr_t ClassDesc_Workspace = REBASE(0x5A96720);
constexpr uintptr_t ClassDesc_AnimationController = REBASE(0x5A8EBD0);
constexpr uintptr_t ClassDesc_AnimationTrack = REBASE(0x5A5C740);
constexpr uintptr_t ClassDesc_BasePart = REBASE(0x5A8FB70);
constexpr uintptr_t ClassDesc_BaseScript = REBASE(0x5A9CE20);
constexpr uintptr_t ClassDesc_Beam = REBASE(0x5A8FDC0);
constexpr uintptr_t ClassDesc_BillboardGui = REBASE(0x5A8FDD0);
constexpr uintptr_t ClassDesc_BindableEvent = REBASE(0x5A8FDE0);
constexpr uintptr_t ClassDesc_BindableFunction = REBASE(0x5A97090);
constexpr uintptr_t ClassDesc_BodyForce = REBASE(0x5A9D090);
constexpr uintptr_t ClassDesc_BodyGyro = REBASE(0x5A9D0C0);
constexpr uintptr_t ClassDesc_BodyPosition = REBASE(0x5A8FDF0);
constexpr uintptr_t ClassDesc_BodyVelocity = REBASE(0x5A8FE10);
constexpr uintptr_t ClassDesc_BoolValue = REBASE(0x5A98DE0);
constexpr uintptr_t ClassDesc_CFrameValue = REBASE(0x5A98E70);
constexpr uintptr_t ClassDesc_CollectionService = REBASE(0x5A90320);
constexpr uintptr_t ClassDesc_Color3Value = REBASE(0x5A99130);
constexpr uintptr_t ClassDesc_ContextActionService = REBASE(0x5A90550);
constexpr uintptr_t ClassDesc_DataStoreService = REBASE(0x5A909F0);
constexpr uintptr_t ClassDesc_Debris = REBASE(0x5A90A60);
constexpr uintptr_t ClassDesc_HingeConstraint = REBASE(0x5A9F580);
constexpr uintptr_t ClassDesc_HttpService = REBASE(0x5A91D70);
constexpr uintptr_t ClassDesc_Humanoid = REBASE(0x5A91E20);
constexpr uintptr_t ClassDesc_ImageButton = REBASE(0x5A923C0);
constexpr uintptr_t ClassDesc_ImageLabel = REBASE(0x5A923D0);
constexpr uintptr_t ClassDesc_InsertService = REBASE(0x5A92430);
constexpr uintptr_t ClassDesc_IntValue = REBASE(0x5A99DA0);
constexpr uintptr_t ClassDesc_LocalizationService = REBASE(0x5A92970);
constexpr uintptr_t ClassDesc_LuaSourceContainer = REBASE(0x5AA0090);
constexpr uintptr_t ClassDesc_MarketplaceService = REBASE(0x5A92C00);
constexpr uintptr_t ClassDesc_MemoryStoreService = REBASE(0x5A92F50);
constexpr uintptr_t ClassDesc_NumberValue = REBASE(0x5A9A330);
constexpr uintptr_t ClassDesc_ObjectValue = REBASE(0x5A9A360);
constexpr uintptr_t ClassDesc_ParticleEmitter = REBASE(0x5A933B0);
constexpr uintptr_t ClassDesc_PathfindingService = REBASE(0x5A93560);
constexpr uintptr_t ClassDesc_RemoteEvent = REBASE(0x5A94360);
constexpr uintptr_t ClassDesc_RemoteFunction = REBASE(0x5A980E0);
constexpr uintptr_t ClassDesc_ReplicatedStorage = REBASE(0x5AA1AD0);
constexpr uintptr_t ClassDesc_RunService = REBASE(0x5A944A0);
constexpr uintptr_t ClassDesc_ScreenGui = REBASE(0x5AA1FB0);
constexpr uintptr_t ClassDesc_ScriptContext = REBASE(0x5A94680);
constexpr uintptr_t ClassDesc_ScrollingFrame = REBASE(0x5A94850);
constexpr uintptr_t ClassDesc_ServerScriptService = REBASE(0x5AA2400);
constexpr uintptr_t ClassDesc_ServerStorage = REBASE(0x5AA2430);
constexpr uintptr_t ClassDesc_SoundService = REBASE(0x5A94C30);
constexpr uintptr_t ClassDesc_SpawnLocation = REBASE(0x5AA2970);
constexpr uintptr_t ClassDesc_StarterGui = REBASE(0x5A94D80);
constexpr uintptr_t ClassDesc_StarterPack = REBASE(0x5AA2B80);
constexpr uintptr_t ClassDesc_StarterPlayer = REBASE(0x5AA2BB0);
constexpr uintptr_t ClassDesc_StarterPlayerScripts = REBASE(0x5AA2BE0);
constexpr uintptr_t ClassDesc_StringValue = REBASE(0x5A9B090);
constexpr uintptr_t ClassDesc_SurfaceGui = REBASE(0x5AA2F10);
constexpr uintptr_t ClassDesc_TaskScheduler = REBASE(0x5A8E928);
constexpr uintptr_t ClassDesc_TeleportService = REBASE(0x5A950A0);
constexpr uintptr_t ClassDesc_TextBox = REBASE(0x5A95650);
constexpr uintptr_t ClassDesc_TextButton = REBASE(0x5A956A0);
constexpr uintptr_t ClassDesc_TextChatService = REBASE(0x5A956D0);
constexpr uintptr_t ClassDesc_TextLabel = REBASE(0x5A95770);
constexpr uintptr_t ClassDesc_Trail = REBASE(0x5A958A0);
constexpr uintptr_t ClassDesc_TweenService = REBASE(0x5A95910);
constexpr uintptr_t ClassDesc_UICorner = REBASE(0x5AA3B40);
// LuaO_nilobject and luatype_*: REBASE'd addresses the dump tool associates
// with the VM's nil object and with the type names number, nil, boolean,
// vector, userdata, thread, table and string.
// NOTE(review): several luatype_* RVAs are not aligned (0x5880A51, 0x60A9F0F,
// 0x58A6301), which suggests they point at string bytes rather than at
// objects; the listing does not say which, so confirm before relying on them.
constexpr uintptr_t LuaO_nilobject = REBASE(0x5872A90);
constexpr uintptr_t luatype_number = REBASE(0x5880A51);
constexpr uintptr_t luatype_nil = REBASE(0x60A9F0F);
constexpr uintptr_t luatype_boolean = REBASE(0x58A6301);
constexpr uintptr_t luatype_vector = REBASE(0x612037C);
constexpr uintptr_t luatype_userdata = REBASE(0x618FEE6);
constexpr uintptr_t luatype_thread = REBASE(0x5873A16);
constexpr uintptr_t luatype_table = REBASE(0x587AEEB);
constexpr uintptr_t luatype_string = REBASE(0x5886126);
// Field offsets inside Luau VM structures, named <Struct>__<field>.
// These are plain byte offsets from the start of the object (no REBASE);
// <Struct>__SIZEOF entries are whole-structure sizes. Entries are not sorted
// by offset.
// NOTE(review): the layout is the dump tool's reconstruction for one build;
// the listing offers no way to confirm field order or widths, and a rebuilt
// client can move any of these fields.

// CallInfo: one call frame record (0x28 bytes per the tool).
constexpr uintptr_t CallInfo__SIZEOF = 0x28;
constexpr uintptr_t CallInfo__base = 0x0;
constexpr uintptr_t CallInfo__flags = 0x20;
constexpr uintptr_t CallInfo__func = 0x8;
constexpr uintptr_t CallInfo__nresults = 0x24;
constexpr uintptr_t CallInfo__top = 0x10;
constexpr uintptr_t CallInfo__savedpc = 0x18;
// Closure / CClosure / LClosure: Closure__* are the shared fields,
// CClosure__* and LClosure__* the fields the tool assigns to the C and Lua
// variants. CClosure__f / LClosure__p share 0x18 and CClosure__cont /
// LClosure__uprefs share 0x20, consistent with the two variants overlaying
// the same storage (presumably a union; verify).
constexpr uintptr_t Closure__isC = 0x6;
constexpr uintptr_t CClosure__cont = 0x20;
constexpr uintptr_t CClosure__debugname = 0x28;
constexpr uintptr_t CClosure__f = 0x18;
constexpr uintptr_t CClosure__upvals = 0x30;
constexpr uintptr_t Closure__env = 0x10;
constexpr uintptr_t LClosure__uprefs = 0x20;
constexpr uintptr_t Closure__nupvalues = 0x7;
constexpr uintptr_t Closure__preload = 0x9;
constexpr uintptr_t Closure__stacksize = 0x8;
constexpr uintptr_t LClosure__p = 0x18;
// GCheader: the three leading bytes of a collectable object.
constexpr uintptr_t GCheader__tt = 0x0;
constexpr uintptr_t GCheader__marked = 0x1;
constexpr uintptr_t GCheader__memcat = 0x2;
// global_State: state shared by all threads of one VM.
constexpr uintptr_t global_State__ud = 0x20;
constexpr uintptr_t global_State__frealloc = 0x18;
constexpr uintptr_t global_State__mainthread = 0xA8;
constexpr uintptr_t global_State__strt = 0x0;
constexpr uintptr_t global_State__uvhead = 0xB0;
constexpr uintptr_t global_State__totalbytes = 0xD0;
constexpr uintptr_t global_State__gcstate = 0xC8;
// LuaNode: hash-part entry of a table (0x28 bytes per the tool).
constexpr uintptr_t LuaNode__SIZEOF = 0x28;
constexpr uintptr_t LuaNode__val = 0x0;
constexpr uintptr_t LuaNode__next = 0x20;
constexpr uintptr_t LuaNode__key = 0x10;
// Proto: function prototype (bytecode, constants, debug info).
constexpr uintptr_t Proto__nups = 0x5A;
constexpr uintptr_t Proto__p = 0x18;
constexpr uintptr_t Proto__debugname = 0x48;
constexpr uintptr_t Proto__sizecode = 0x60;
constexpr uintptr_t Proto__sizek = 0x58;
constexpr uintptr_t Proto__upvalues = 0x38;
constexpr uintptr_t Proto__code = 0x10;
constexpr uintptr_t Proto__source = 0x40;
constexpr uintptr_t Proto__abslineinfo = 0x28;
constexpr uintptr_t Proto__sizep = 0x64;
constexpr uintptr_t Proto__locvars = 0x30;
constexpr uintptr_t Proto__maxstacksize = 0x5D;
constexpr uintptr_t Proto__numparams = 0x5B;
constexpr uintptr_t Proto__is_vararg = 0x5C;
constexpr uintptr_t Proto__k = 0x8;
constexpr uintptr_t Proto__lineinfo = 0x20;
constexpr uintptr_t Proto__linedefined = 0x70;
constexpr uintptr_t Proto__gclist = 0x78;
constexpr uintptr_t Proto__typeinfo = 0x80;
// lua_State: per-thread VM state. Plain byte offsets from the start of the
// object (no REBASE), as reconstructed by the dump tool for one build.
// lua_State__userdata (0x68) is the highest offset listed here.
// NOTE(review): offsets 0x34, 0x36 and 0x37 sit next to each other, so
// those three fields are presumably single bytes; the listing does not give
// field widths, so verify.
constexpr uintptr_t lua_State__stacksize = 0x30;
constexpr uintptr_t lua_State__stack = 0x28;
constexpr uintptr_t lua_State__openupval = 0x50;
constexpr uintptr_t lua_State__namecall = 0x60;
constexpr uintptr_t lua_State__gt = 0x48;
constexpr uintptr_t lua_State__status = 0x37;
constexpr uintptr_t lua_State__top = 0x8;
constexpr uintptr_t lua_State__userdata = 0x68;
constexpr uintptr_t lua_State__global = 0x18;
constexpr uintptr_t lua_State__ci = 0x20;
constexpr uintptr_t lua_State__base = 0x10;
constexpr uintptr_t lua_State__stackstate = 0x34;
constexpr uintptr_t lua_State__activememcat = 0x36;
constexpr uintptr_t lua_State__gclist = 0x58;
constexpr uintptr_t lua_State__singlestep = 0x38;
constexpr uintptr_t lua_State__initializedk = 0x40;
// Thread status codes. These are enumeration values, not offsets, although
// they are typed uintptr_t like everything else in this header. The
// numbering (0..6) appears to match the status enum in the open-source Luau
// lua.h.
constexpr uintptr_t LUA_OK = 0x0;
constexpr uintptr_t LUA_YIELD = 0x1;
constexpr uintptr_t LUA_ERRSYNTAX = 0x3;
constexpr uintptr_t LUA_ERRRUN = 0x2;
constexpr uintptr_t LUA_ERRMEM = 0x4;
constexpr uintptr_t LUA_ERRERR = 0x5;
constexpr uintptr_t LUA_BREAK = 0x6;
// Field offsets for TString, TValue, Table and UpVal, plus the value type
// tags. Offsets are plain byte offsets from the start of the object (no
// REBASE), as reconstructed by the dump tool for one build.

// TString: interned string header; character data starts at 0x18.
constexpr uintptr_t TString__atom = 0x10;
constexpr uintptr_t TString__data = 0x18;
constexpr uintptr_t TString__len = 0x8;
constexpr uintptr_t TString__hash = 0xC;
// TValue: tagged value, 0x10 bytes; the type tag sits at 0xC.
constexpr uintptr_t TValue__SIZEOF = 0x10;
constexpr uintptr_t TValue__tt = 0xC;
constexpr uintptr_t TValue__value = 0x0;
constexpr uintptr_t TValue__extra = 0x8;
// Table: array part, hash part, metatable and flag bytes.
constexpr uintptr_t Table__lsizenode = 0x4;
constexpr uintptr_t Table__metatable = 0x8;
constexpr uintptr_t Table__node = 0x18;
constexpr uintptr_t Table__readonly = 0x7;
constexpr uintptr_t Table__sizearray = 0x20;
constexpr uintptr_t Table__nodemask8 = 0x5;
constexpr uintptr_t Table__array = 0x10;
constexpr uintptr_t Table__flags = 0x6;
constexpr uintptr_t Table__nextgclist = 0x28;
// Value type tags (enumeration values, not offsets). The numbering 0x0..0xD
// appears to match the type enum in the open-source Luau lua.h.
constexpr uintptr_t LUA_TTABLE = 0x6;
constexpr uintptr_t LUA_TSTRING = 0x5;
constexpr uintptr_t LUA_TPROTO = 0xB;
constexpr uintptr_t LUA_TFUNCTION = 0x7;
constexpr uintptr_t LUA_TDEADKEY = 0xD;
constexpr uintptr_t LUA_TBUFFER = 0xA;
constexpr uintptr_t LUA_TBOOLEAN = 0x1;
constexpr uintptr_t LUA_TNUMBER = 0x3;
constexpr uintptr_t LUA_TLIGHTUSERDATA = 0x2;
constexpr uintptr_t LUA_TNIL = 0x0;
constexpr uintptr_t LUA_TVECTOR = 0x4;
constexpr uintptr_t LUA_TUSERDATA = 0x8;
constexpr uintptr_t LUA_TUPVAL = 0xC;
constexpr uintptr_t LUA_TTHREAD = 0x9;
// UpVal: u_value and u_open_next share offset 0x18, consistent with the two
// being alternatives in one union (presumably closed vs. open upvalue;
// verify).
constexpr uintptr_t UpVal__u_value = 0x18;
constexpr uintptr_t UpVal__u_open_next = 0x18;
constexpr uintptr_t UpVal__v = 0x8;
constexpr uintptr_t UpVal__u_open_touched = 0x20;
// IDENTITY_*: names for the script security identity levels; the
// accompanying post gives the range as 0-8. Enumeration values, not offsets.
// Value 0x6 has no name in this list.
// Defender's note: these levels and the ExtraSpace fields below live in
// client memory, so they are client-held state. Anything the server must be
// able to rely on has to be enforced server-side and must not depend on the
// client's identity or capability values remaining unmodified.
constexpr uintptr_t IDENTITY_ROBLOX = 0x2;
constexpr uintptr_t IDENTITY_REPLICATOR = 0x4;
constexpr uintptr_t IDENTITY_FULL = 0x8;
constexpr uintptr_t IDENTITY_COM_SCRIPT = 0x3;
constexpr uintptr_t IDENTITY_CMD_BAR = 0x7;
constexpr uintptr_t IDENTITY_GAME = 0x0;
constexpr uintptr_t IDENTITY_PLAYER = 0x1;
constexpr uintptr_t IDENTITY_PLUGIN = 0x5;
// ExtraSpace__*: byte offsets inside the per-thread extra-space block, which
// the post describes as the place where the access level is checked.
// Offsets run from 0x30 (Identity) to 0x58 (SharedTable); field widths are
// not given in the listing.
// NOTE(review): the relation between this block and lua_State__userdata is
// not shown here; presumably the latter points at it, but confirm.
constexpr uintptr_t ExtraSpace__Identity = 0x30;
constexpr uintptr_t ExtraSpace__ContextLevel = 0x38;
constexpr uintptr_t ExtraSpace__Capabilities = 0x48;
constexpr uintptr_t ExtraSpace__ThreadType = 0x3C;
constexpr uintptr_t ExtraSpace__Script = 0x50;
constexpr uintptr_t ExtraSpace__SharedTable = 0x58;
constexpr uintptr_t ExtraSpace__Scheduler = 0x40;
// RblxStr_* and rt_*: REBASE'd addresses of strings inside the client image.
// The accompanying post says the runtime strings were recovered by analysing
// .rdata because .text is encrypted. RblxStr_* are named after service and
// class names, rt_* after script-visible globals and library names.
// NOTE(review): the post counts 45 runtime strings; this listing holds 34
// entries (13 RblxStr_* and 21 rt_*), so it appears to be truncated.
// NOTE(review): rt_table_lib has the same RVA (0x587AEEB) as luatype_table
// declared earlier in this header; both presumably resolve to the one
// string "table" (verify).
// NOTE(review): some RVAs are not aligned (e.g. rt_coroutine 0x6187F4A), so
// a few of these may point into the middle of a longer string.
constexpr uintptr_t RblxStr_StarterPlayer = REBASE(0x61C10C0);
constexpr uintptr_t RblxStr_TaskScheduler = REBASE(0x60967C0);
constexpr uintptr_t RblxStr_TweenService = REBASE(0x6096760);
constexpr uintptr_t RblxStr_Workspace = REBASE(0x6096838);
constexpr uintptr_t RblxStr_StarterGui = REBASE(0x6096790);
constexpr uintptr_t RblxStr_ServerStorage = REBASE(0x61C4038);
constexpr uintptr_t RblxStr_CollectionService = REBASE(0x60962C8);
constexpr uintptr_t RblxStr_DataModel = REBASE(0x5DF3A18);
constexpr uintptr_t RblxStr_DataStoreService = REBASE(0x61C28D0);
constexpr uintptr_t RblxStr_ReplicatedStorage = REBASE(0x61C4060);
constexpr uintptr_t RblxStr_ScriptContext = REBASE(0x60A26F8);
constexpr uintptr_t RblxStr_ServerScriptService = REBASE(0x61C1F50);
constexpr uintptr_t RblxStr_RunService = REBASE(0x6096598);
constexpr uintptr_t rt_rawset = REBASE(0x62B9B50);
constexpr uintptr_t rt_require = REBASE(0x61874E4);
constexpr uintptr_t rt_script = REBASE(0x6090E50);
constexpr uintptr_t rt_setmetatable = REBASE(0x62B9BB0);
constexpr uintptr_t rt_shared = REBASE(0x6186B80);
constexpr uintptr_t rt_table_lib = REBASE(0x587AEEB);
constexpr uintptr_t rt_task = REBASE(0x6095698);
constexpr uintptr_t rt_tonumber = REBASE(0x62B9BA0);
constexpr uintptr_t rt_typeof = REBASE(0x619067C);
constexpr uintptr_t rt_utf8 = REBASE(0x6342260);
constexpr uintptr_t rt_warn = REBASE(0x618F900);
constexpr uintptr_t rt_workspace = REBASE(0x60DD428);
constexpr uintptr_t rt_xpcall = REBASE(0x63423F4);
constexpr uintptr_t rt_bit32 = REBASE(0x62B9B10);
constexpr uintptr_t rt_coroutine = REBASE(0x6187F4A);
constexpr uintptr_t rt_error = REBASE(0x5875C44);
constexpr uintptr_t rt_getmetatable = REBASE(0x62B9B88);
constexpr uintptr_t rt_loadstring = REBASE(0x618F918);
constexpr uintptr_t rt_math_lib = REBASE(0x62B97C4);
constexpr uintptr_t rt_pcall = REBASE(0x618F938);
constexpr uintptr_t rt_rawget = REBASE(0x62B9B6C);
// Byfron_TextEncrypted: flag recorded by the dump tool (0x1). The post
// mentions that .text is encrypted, and the header banner says
// "Byfron: detected"; this presumably records that finding.
constexpr uintptr_t Byfron_TextEncrypted = 0x1;
// GlobPtr_<rva>: REBASE'd addresses the tool classifies as global pointers.
// The names only repeat the RVA, so the listing does not say what each one
// refers to.
// NOTE(review): the post counts 67 global pointers; nine are listed here.
constexpr uintptr_t GlobPtr_0x01B61CE0 = REBASE(0x1B61CE0);
constexpr uintptr_t GlobPtr_0x01B22390 = REBASE(0x1B22390);
constexpr uintptr_t GlobPtr_0x01B1DFE0 = REBASE(0x1B1DFE0);
constexpr uintptr_t GlobPtr_0x0197D240 = REBASE(0x197D240);
constexpr uintptr_t GlobPtr_0x008E4240 = REBASE(0x8E4240);
constexpr uintptr_t GlobPtr_0x008DDD70 = REBASE(0x8DDD70);
constexpr uintptr_t GlobPtr_0x008DDB70 = REBASE(0x8DDB70);
constexpr uintptr_t GlobPtr_0x008DDA00 = REBASE(0x8DDA00);
constexpr uintptr_t GlobPtr_0x008C3240 = REBASE(0x8C3240);
// REBASE'd addresses named after Luau VM routines and an engine task
// scheduler symbol.
// NOTE(review): the sig_ prefix suggests these were located by signature
// matching, but the listing shows neither the signatures nor any check that
// a match is unique; a mislabelled entry is indistinguishable from a correct
// one here.
constexpr uintptr_t lua_settable = REBASE(0x701640);
constexpr uintptr_t sig_luaD_pcall = REBASE(0x6D3D80);
constexpr uintptr_t sig_luaH_getstr = REBASE(0x6FD800);
constexpr uintptr_t sig_luaD_call = REBASE(0x24F1310);
constexpr uintptr_t sig_luaH_get = REBASE(0x6FDC20);
constexpr uintptr_t sig_luaS_newlstr = REBASE(0x54721C0);
constexpr uintptr_t sig_luaF_newLclosure = REBASE(0x226FFB0);
constexpr uintptr_t sig_lua_tostring = REBASE(0x42A82D0);
constexpr uintptr_t luau_load = REBASE(0x6DF030);
constexpr uintptr_t rbx_taskscheduler = REBASE(0xA53C10);
// xref_hot_<rva>: REBASE'd addresses the tool flags as heavily
// cross-referenced. The names only repeat the RVA; no purpose is recorded
// for any entry, so they carry no verified meaning.
constexpr uintptr_t xref_hot_0x047B6E30 = REBASE(0x47B6E30);
constexpr uintptr_t xref_hot_0x0548A8A0 = REBASE(0x548A8A0);
constexpr uintptr_t xref_hot_0x047DC3B0 = REBASE(0x47DC3B0);
constexpr uintptr_t xref_hot_0x00009320 = REBASE(0x9320);
constexpr uintptr_t xref_hot_0x006D3A50 = REBASE(0x6D3A50);
constexpr uintptr_t xref_hot_0x05450F0C = REBASE(0x5450F0C);
constexpr uintptr_t xref_hot_0x006FC9E0 = REBASE(0x6FC9E0);
constexpr uintptr_t xref_hot_0x006FCF90 = REBASE(0x6FCF90);
constexpr uintptr_t xref_hot_0x0546FBB4 = REBASE(0x546FBB4);
constexpr uintptr_t xref_hot_0x007012C0 = REBASE(0x7012C0);
constexpr uintptr_t xref_hot_0x0070A680 = REBASE(0x70A680);
constexpr uintptr_t xref_hot_0x0070C570 = REBASE(0x70C570);
constexpr uintptr_t xref_hot_0x0072FCE0 = REBASE(0x72FCE0);
constexpr uintptr_t xref_hot_0x00776850 = REBASE(0x776850);
constexpr uintptr_t xref_hot_0x0549C520 = REBASE(0x549C520);
constexpr uintptr_t xref_hot_0x008DC910 = REBASE(0x8DC910);
constexpr uintptr_t xref_hot_0x01B2FE40 = REBASE(0x1B2FE40);
constexpr uintptr_t xref_hot_0x04759FC0 = REBASE(0x4759FC0);
constexpr uintptr_t xref_hot_0x0475A0D0 = REBASE(0x475A0D0);
constexpr uintptr_t xref_hot_0x047CA400 = REBASE(0x47CA400);
constexpr uintptr_t xref_hot_0x047D85B0 = REBASE(0x47D85B0);
constexpr uintptr_t xref_hot_0x047D8BC0 = REBASE(0x47D8BC0);
constexpr uintptr_t xref_hot_0x047D9740 = REBASE(0x47D9740);
constexpr uintptr_t xref_hot_0x047D9930 = REBASE(0x47D9930);
constexpr uintptr_t xref_hot_0x047F2730 = REBASE(0x47F2730);
constexpr uintptr_t xref_hot_0x006D3DE0 = REBASE(0x6D3DE0);
constexpr uintptr_t xref_hot_0x006FD930 = REBASE(0x6FD930);
constexpr uintptr_t xref_hot_0x04178640 = REBASE(0x4178640);
constexpr uintptr_t xref_hot_0x0073EEE0 = REBASE(0x73EEE0);
constexpr uintptr_t xref_hot_0x047BA1C0 = REBASE(0x47BA1C0);
constexpr uintptr_t xref_hot_0x041B0AE0 = REBASE(0x41B0AE0);
constexpr uintptr_t xref_hot_0x042A29A0 = REBASE(0x42A29A0);
constexpr uintptr_t xref_hot_0x047D8A50 = REBASE(0x47D8A50);
constexpr uintptr_t xref_hot_0x042A8140 = REBASE(0x42A8140);
constexpr uintptr_t xref_hot_0x042A8EF0 = REBASE(0x42A8EF0);
constexpr uintptr_t xref_hot_0x046CDDB0 = REBASE(0x46CDDB0);
constexpr uintptr_t xref_hot_0x00709550 = REBASE(0x709550);
constexpr uintptr_t xref_hot_0x046E70B0 = REBASE(0x46E70B0);
constexpr uintptr_t xref_hot_0x048045C0 = REBASE(0x48045C0);
constexpr uintptr_t xref_hot_0x0084A750 = REBASE(0x84A750);
constexpr uintptr_t xref_hot_0x04819350 = REBASE(0x4819350);
constexpr uintptr_t xref_hot_0x046FB490 = REBASE(0x46FB490);
constexpr uintptr_t xref_hot_0x05450F50 = REBASE(0x5450F50);
constexpr uintptr_t xref_hot_0x05451BDC = REBASE(0x5451BDC);
constexpr uintptr_t xref_hot_0x05453068 = REBASE(0x5453068);
constexpr uintptr_t xref_hot_0x00F16580 = REBASE(0xF16580);
constexpr uintptr_t xref_hot_0x00708F30 = REBASE(0x708F30);
constexpr uintptr_t xref_hot_0x04804AC0 = REBASE(0x4804AC0);
Важное для тех, кто в теме:
- Обязательно юзайте REBASE() макрос, иначе ASLR вас просто уничтожит при первом же инжекте.
- Все оффсеты актуальны сугубо для v668. После обновления клиента всё улетит в детекты или краши.
- Тестилось на Windows 10/11 x64, проблем с доступом к памяти не возникало.
Class Descriptors: 102
Lua VM Structures: 80
Runtime Strings: 45
Global Pointers: 67
Misc Constants: 112
ИТОГО: 406
Lua VM Structures: 80
Runtime Strings: 45
Global Pointers: 67
Misc Constants: 112
ИТОГО: 406
Линк на актуальный хедер:
Кто уже пробовал на этой версии пробраться в Luau VM, отпишитесь, нет ли проблем с релокацией у вас?