Hacking: possible to unpack APK file and read DECOMPILED LUA source code ?

Solar2D General Questions/Discussion
#1

Hi,

I read on the net that it’s easy to unpack an APK file, then find COMPILED LUAC files, then use luadec to decompile theses files, and so having FULL access to the LUA original source files of the project !!!

So if i put my corona game on the google play store, then it’s possible for a hacker to READ not only ressource and executable files of my project, but also the real DECOMPILED LUA files ??

Please, is it true ?

If i have something like that in my code :
 

local KEY\_HASH = "hack3rs\_sucks!" local MY\_DATA\_TO\_PROTECT = "money:$400" local CRYPT\_RESULT = crypto.digest( crypto.sha256, KEY\_HASH..MY\_DATA\_TO\_PROTECT)

So a hacker can “easily” READ my decompiled code, so know my KEY_HASH variable and then is able to RECREATE it’s own CRYPT_RESULT ?
Please, yes or no ?

if yes, so there is no need to use crypto.sha256 or something like that, if it’s possible to read my original LUA source code, right ?

#2

Yes, this is basically true for all APKs from all sources.

#3

and with a jailbreaked iphone, is it possible to access to the decompiled LUA files too on iOS ?

thx

#4

Jailbroken iPhones?  I don’t know.   I suppose so.  If someone wants to crack your game they will.  Period.

You’ve got to not worry about this.  It is something you can’t stop or resolve.  Anyone who tells you otherwise is full of it.

I’ve had everything I’ve ever made cracked or copied at some point:

  • Both my physical books copied and converted PDFs within a month. 1, 2
  • My games on GooglePlay and Amazon.
  • I even had a couple of bozos steal and re-sell my templates on chupamobile

This is the nature of the world we live in. Losers with no morals or ethics will steal to make money because they are scum with excuses.  (You can tell I love them.)

That said, what can you do?  Just make good games, update them regularly, or don’t do it for profit.  Do it for the fun instead.  

Note: If you’re new it is my FIRM opinion, you should not think about making money, but do it to learn and have fun.

Save making money for when you’re experienced.

#5

Yes, this is basically true for all APKs from all sources.

#6

and with a jailbreaked iphone, is it possible to access to the decompiled LUA files too on iOS ?

thx

#7

Jailbroken iPhones?  I don’t know.   I suppose so.  If someone wants to crack your game they will.  Period.

You’ve got to not worry about this.  It is something you can’t stop or resolve.  Anyone who tells you otherwise is full of it.

I’ve had everything I’ve ever made cracked or copied at some point:

  • Both my physical books copied and converted PDFs within a month. 1, 2
  • My games on GooglePlay and Amazon.
  • I even had a couple of bozos steal and re-sell my templates on chupamobile

This is the nature of the world we live in. Losers with no morals or ethics will steal to make money because they are scum with excuses.  (You can tell I love them.)

That said, what can you do?  Just make good games, update them regularly, or don’t do it for profit.  Do it for the fun instead.  

Note: If you’re new it is my FIRM opinion, you should not think about making money, but do it to learn and have fun.

Save making money for when you’re experienced.