admin/37552-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: admin:master
Branches Tags
admin:master
admin:ai-dev
...
pull from: admin:ai-dev
Branches Tags
admin:ai-dev
admin:master

2 Commits
master ... ai-dev

Author SHA1 Message Date
Flatlogic Bot
e524841404 Idk 2026-01-18 15:35:28 +00:00
Flatlogic Bot
ee98413b95 1 2026-01-18 15:30:00 +00:00
7 changed files with 290 additions and 140 deletions
Show Stats Expand all files Collapse all files

63
assets/css/custom.css Normal file
View File

@ -0,0 +1,63 @@
body {
background-color: #0D1117;
color: #C9D1D9;
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
}
.navbar-brand {
font-weight: 600;
}
.card {
background-color: #161B22;
border: 1px solid #30363D;
}
.form-control {
background-color: #0D1117;
color: #C9D1D9;
border-color: #30363D;
font-family: "SFMono-Regular", Consolas, "Liberation Mono", Menlo, Courier, monospace;
}
.form-control:focus {
background-color: #161B22;
color: #C9D1D9;
border-color: #3081F7;
box-shadow: 0 0 0 0.25rem rgba(48, 129, 247, 0.25);
}
.btn-primary {
background-color: #238636;
border-color: #238636;
font-weight: 500;
}
.btn-primary:hover, .btn-primary:focus {
background-color: #2ea043;
border-color: #2ea043;
}
.footer {
border-top: 1px solid #30363D;
color: #8B949E;
}
.footer a {
color: #3081F7;
text-decoration: none;
}
.footer a:hover {
text-decoration: underline;
}
.modal-content {
background-color: #161B22;
border: 1px solid #30363D;
}
.modal-header, .modal-footer {
border-bottom-color: #30363D;
border-top-color: #30363D;
}

0
assets/js/main.js Normal file
View File

357
index.php
View File

@ -1,150 +1,233 @@
<?php <?php
declare(strict_types=1); $projectName = getenv('PROJECT_NAME') ?: 'Luartex v3.2';
@ini_set('display_errors', '1'); $projectDesc = getenv('PROJECT_DESCRIPTION') ?: 'A Luau Script Security Auditor for analyzing and deobfuscating scripts.';
@error_reporting(E_ALL); $projectImage = getenv('PROJECT_IMAGE_URL') ?: ''; // Fallback to empty if not set
@date_default_timezone_set('UTC');
$analysisResult = '';
$scriptContent = '';
$dumpedData = ['strings' => [], 'constants' => []];
// Function to dump strings and constants from code
function dump_strings_and_constants($code) {
$strings = [];
$constants = [];
// Regex for single and double quoted strings, handles basic escaped quotes
// It also tries to capture content from [[...]] and [=[...]=] style long strings
preg_match_all('/"((?:[^"\\]|\\.)*)"|\'((?:[^\']|\\.)*)\'|(?:\[(=*)\[(.*?)\]\1\])/s', $code, $matches);
// Combine matches from different quote types
$rawStrings = array_merge(
array_filter($matches[1] ?? []), // Double quotes
array_filter($matches[2] ?? []), // Single quotes
array_filter($matches[4] ?? []) // Long brackets
);
foreach ($rawStrings as $str) {
// Decode all C-style backslash sequences (e.g., \n, \x41, \056)
$strings[] = stripcslashes($str);
}
// Regex for numbers (integers and floats, including negative and scientific notation)
preg_match_all('/\b-?\d+(?:\.\d+)?(?:e[+-]?\d+)?\b/i', $code, $matches);
if (!empty($matches[0])) {
$constants = $matches[0];
}
// Regex for string.char(num, num, ...)
preg_match_all('/string\.char\s*\(([\d,\s]+)\)/i', $code, $char_matches);
if (!empty($char_matches[1])) {
foreach ($char_matches[1] as $match) {
$char_codes = explode(',', $match);
$decoded_string = '';
foreach ($char_codes as $code) {
$decoded_string .= chr(intval(trim($code)));
}
if (!empty($decoded_string)) {
$strings[] = $decoded_string;
}
}
}
// Remove duplicates and keep it clean
$strings = array_values(array_unique(array_filter($strings)));
$constants = array_values(array_unique(array_filter($constants)));
return ['strings' => $strings, 'constants' => $constants];
}
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['script'])) {
$scriptContent = $_POST['script'];
$sandboxDir = __DIR__ . '/sandbox';
if (!is_dir($sandboxDir)) {
mkdir($sandboxDir, 0755, true);
}
$fileName = $sandboxDir . '/' . uniqid('script_', true) . '.lua';
file_put_contents($fileName, $scriptContent);
// Execute the script in a sandboxed environment
$lua_interpreter = '/usr/bin/lua5.4';
$command = "timeout 10s " . escapeshellarg($lua_interpreter) . " " . escapeshellarg($fileName) . " 2>&1";
$output = shell_exec($command);
$analysisResult = "<pre class=\"text-white bg-dark p-3 rounded\">" . htmlspecialchars($output ?: 'Script executed with no output.') . "</pre>";
// Perform static analysis for dumping
$dumpedData = dump_strings_and_constants($scriptContent);
// Clean up the script file
unlink($fileName);
}
$phpVersion = PHP_VERSION;
$now = date('Y-m-d H:i:s');
?> ?>
<!doctype html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="utf-8" /> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>New Style</title> <title><?php echo htmlspecialchars($projectName); ?> - Luau Security Auditor</title>
<?php <meta name="description" content="<?php echo htmlspecialchars($projectDesc); ?>">
// Read project preview data from environment
$projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? ''; <!-- Open Graph / Twitter -->
$projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? ''; <meta property="og:title" content="<?php echo htmlspecialchars($projectName); ?>">
?> <meta property="og:description" content="<?php echo htmlspecialchars($projectDesc); ?>">
<?php if ($projectDescription): ?> <?php if ($projectImage): ?>
<!-- Meta description --> <meta property="og:image" content="<?php echo htmlspecialchars($projectImage); ?>">
<meta name="description" content='<?= htmlspecialchars($projectDescription) ?>' /> <meta name="twitter:image" content="<?php echo htmlspecialchars($projectImage); ?>">
<!-- Open Graph meta tags --> <?php endif; ?>
<meta property="og:description" content="<?= htmlspecialchars($projectDescription) ?>" /> <meta name="twitter:card" content="summary_large_image">
<!-- Twitter meta tags -->
<meta property="twitter:description" content="<?= htmlspecialchars($projectDescription) ?>" /> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<?php endif; ?> <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
<?php if ($projectImageUrl): ?>
<!-- Open Graph image -->
<meta property="og:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<!-- Twitter image -->
<meta property="twitter:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<?php endif; ?>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.01);
--card-border-color: rgba(255, 255, 255, 0.1);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
text-align: center;
overflow: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
main {
padding: 2rem;
}
.card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 2rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
}
.loader {
margin: 1.25rem auto 1.25rem;
width: 48px;
height: 48px;
border: 3px solid rgba(255, 255, 255, 0.25);
border-top-color: #fff;
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
.hint {
opacity: 0.9;
}
.sr-only {
position: absolute;
width: 1px; height: 1px;
padding: 0; margin: -1px;
overflow: hidden;
clip: rect(0, 0, 0, 0);
white-space: nowrap; border: 0;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 1rem;
letter-spacing: -1px;
}
p {
margin: 0.5rem 0;
font-size: 1.1rem;
}
code {
background: rgba(0,0,0,0.2);
padding: 2px 6px;
border-radius: 4px;
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
}
footer {
position: absolute;
bottom: 1rem;
font-size: 0.8rem;
opacity: 0.7;
}
</style>
</head> </head>
<body> <body>
<main>
<div class="card"> <nav class="navbar navbar-dark bg-dark">
<h1>Analyzing your requirements and generating your website…</h1> <div class="container">
<div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes"> <a class="navbar-brand" href="#">
<span class="sr-only">Loading…</span> <?php echo htmlspecialchars($projectName); ?><span class="text-muted" style="font-size: 0.8rem; margin-left: 8px;">Luau Security Auditor</span>
</a>
</div>
</nav>
<main class="container my-5">
<div class="row">
<div class="col-md-10 mx-auto">
<h1 class="text-center mb-2">Luau Script Analyzer</h1>
<p class="text-center text-muted mb-4">Submit your Luau script below to dump strings/constants and execute it in a secure sandbox.</p>
<div class="card p-2">
<div class="card-body">
<form id="analysisForm" method="POST" action="">
<div class="mb-3">
<label for="scriptInput" class="form-label">Script Content</label>
<textarea class="form-control" id="scriptInput" name="script" rows="15" placeholder="-- Paste your Luau script here..."><?php echo htmlspecialchars($scriptContent); ?></textarea>
</div>
<div class="d-grid gap-2">
<button class="btn btn-primary btn-lg" type="submit" id="analyzeBtn">Analyze Script</button>
</div>
</form>
</div>
</div>
<?php if ($_SERVER['REQUEST_METHOD'] === 'POST'): ?>
<div id="source-code-display" class="mt-4">
<h2 class="text-center mb-3">Script Source</h2>
<div class="card">
<div class="card-body bg-dark">
<pre class="text-white mb-0"><code><?php echo htmlspecialchars($scriptContent); ?></code></pre>
</div>
</div>
</div>
<div id="dumper-results" class="mt-4">
<h2 class="text-center mb-3">String & Constant Dumper</h2>
<div class="row">
<div class="col-md-6 mb-3">
<div class="card h-100">
<div class="card-header">
Strings Found (<?php echo count($dumpedData['strings']); ?>)
</div>
<ul class="list-group list-group-flush" style="max-height: 300px; overflow-y: auto;">
<?php if (empty($dumpedData['strings'])): ?>
<li class="list-group-item">No strings found.</li>
<?php else: ?>
<?php foreach ($dumpedData['strings'] as $str): ?>
<li class="list-group-item">
<pre class="mb-0" style="white-space: pre-wrap; word-break: break-all;"><?php echo htmlspecialchars($str); ?></pre>
</li>
<?php endforeach; ?>
<?php endif; ?>
</ul>
</div>
</div>
<div class="col-md-6 mb-3">
<div class="card h-100">
<div class="card-header">
Constants Found (<?php echo count($dumpedData['constants']); ?>)
</div>
<ul class="list-group list-group-flush" style="max-height: 300px; overflow-y: auto;">
<?php if (empty($dumpedData['constants'])): ?>
<li class="list-group-item">No constants found.</li>
<?php else: ?>
<?php foreach ($dumpedData['constants'] as $const): ?>
<li class="list-group-item">
<pre class="mb-0"><?php echo htmlspecialchars($const); ?></pre>
</li>
<?php endforeach; ?>
<?php endif; ?>
</ul>
</div>
</div>
</div>
</div>
<div id="results" class="mt-4">
<h2 class="text-center mb-3">Sandbox Execution Output</h2>
<?php echo $analysisResult; ?>
</div>
<?php endif; ?>
</div> </div>
<p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
<p class="hint">This page will update automatically as the plan is implemented.</p>
<p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
</div> </div>
</main> </main>
<footer>
Page updated: <?= htmlspecialchars($now) ?> (UTC) <footer class="footer mt-auto py-3 bg-dark">
<div class="container text-center">
<span>&copy; <?php echo date("Y"); ?> <?php echo htmlspecialchars($projectName); ?>. All Rights Reserved.</span>
<span class="mx-2">|</span>
<a href="#" data-bs-toggle="modal" data-bs-target="#termsModal">Terms of Service</a>
</div>
</footer> </footer>
<!-- Terms Modal -->
<div class="modal fade" id="termsModal" tabindex="-1" aria-labelledby="termsModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="termsModalLabel">Terms of Service & Acceptable Use Policy</h5>
<button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<p>By using Luartex v3.2 ("the Service"), you agree to the following terms and conditions:</p>
<ul>
<li><strong>No Responsibility:</strong> The Service is provided "as is" without any warranties. We take no responsibility for any damage, data loss, or other issues caused by the use of this tool. You use it at your own risk.</li>
<li><strong>Lawful Use:</strong> You agree not to use the Service for any illegal activities or to analyze scripts for which you do not have proper authorization. This includes, but is not limited to, breaking platform policies, intellectual property infringement, or creating/analyzing malicious code for harmful purposes.</li>
<li><strong>Analysis & Deobfuscation:</strong> The deobfuscation and analysis tools are provided for security research and educational purposes only. They are intended to help developers and researchers understand and secure their own code or authorized codebases.</li>
<li><strong>Compliance:</strong> We reserve the right to suspend access to the Service for any user found to be violating these policies.</li>
</ul>
<p>You acknowledge and agree that you are solely responsible for your use of the Service and for any consequences thereof.</p>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
<script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
</body> </body>
</html> </html>

1
sandbox/script_696cfbea3f6166.98885642.lua Normal file
View File

File diff suppressed because one or more lines are too long

1
sandbox/script_696cfc032a1236.43646296.lua Normal file
View File

File diff suppressed because one or more lines are too long

1
sandbox/script_696cfc60d35569.43654336.lua Normal file
View File

File diff suppressed because one or more lines are too long

1
sandbox/script_696cfc8dcd67c3.22269935.lua Normal file
View File

File diff suppressed because one or more lines are too long