FiveMCipherFinder 2.5.0

Finds Cipher in lua scripts.

FivemCipherFinder (v2.5.0)

Visitors

• Installation
• Usage
• Troubleshooting
• Contributing
• Todo
• Contact

FivemCipherFinder is a tool designed to assist in the removal of Ciphers from your scripts. It is a console-based tool that can be used by anyone, regardless of their coding experience. The main purpose of FivemCipherFinder is to find and identify Ciphers in your script files.

Installation

To install FivemCipherFinder, follow these steps:

1. Make sure you have Python 3.8 or above installed on your system. If not, you can download the latest version of Python from the official website here.

2. Open your command prompt or terminal and run the following command to install FivemCipherFinder using pip:

   pip install FivemCipherFinder
   

   Alternatively, you can download the latest release of FivemCipherFinder from the GitHub repository here and unpack it manually.

   Note: If you are using a Windows-based system, make sure you have added Python to your environment variables. You can test this by typing python --version into your command prompt or terminal. If Python is not recognized, you may need to add it to your system's PATH variable. You can find instructions on how to do this here.

3. Once installed, you can use the find-cipher command in your server's resources directory to start using FivemCipherFinder.

Usage

To use FivemCipherFinder, you can run the find-cipher command with various options. Here are the available options:

• -p|--path: Redirect the search from the current path . to another one.
• -x|--exclude: Exclude paths that you don't want to scan.
• -n|--no-log: Prevents the creation of a log file.
• -v|--verbose: Show the found ciphers in the console as soon as they are found.
• --v2: Enable the gibberish search mode, which can detect ciphers like local fjdlsajfdsancu = ....
• --no-del: Don't remove the training file.
• --plug-dir: Specify a Plugin directory. See the plugins directory for further information. Keep in mind, that the Script needs to be able to access the choosen directory.
• -w|--no-wizard: Don't run the eraser wizard after the program ran.

Example Command: find-cipher -v --plug-dir ~/cipherfinderPlugins

You can run the find-cipher command in your server's resources folder, or you can specify a different folder by providing the path as an argument. For example:

find-cipher -p ~/FiveM/server-data/resources

If you are having trouble with returning ciphers in your script, you can try using the --v2 flag to enable the gibberish search mode. For example:

find-cipher . --v2 cars,mlos

In the above example, the directories cars and mlos are excluded from the search to prevent false positives. Make sure to add a backslash \ before curly and square brackets to avoid errors in the terminal.

FivemCipherFinder logs the found ciphers in a file named CipherLog-HH-MM-SS.txt, making it easy to review the results.

Keep in mind

• The CipherFinder can't find 100% of maybe placed ciphers.
• Should you use a Code Formatter, it's possible when you use the Eraser function, that your scripts can fail to start because of syntax errors.
• Cipher spreader can hide everywhere, consider reinstalling yarn and webpack, also make sure you changed your default ports like ssh and rdp.

Troubleshooting

If you encounter any issues with FivemCipherFinder, here are some troubleshooting steps you can follow:

1. Read the error or warning message carefully to understand the problem.

2. If you are installing FivemCipherFinder using pip and encounter the error code externally-managed-environment, try adding the --break-system-packages flag to the pip command. This is a change in pip's internals in newer versions.

3. On Windows, make sure that your Python scripts folder is added to your system's PATH variable. If the folder is missing, it will be shown as a warning during the pip installation. You can find instructions on how to add something to the PATH variable here.

Known False Positives

• EasyAdmin
• Encrypted/obfuscated scripts

Contributing

If you would like to contribute to FivemCipherFinder, you can open a pull request with your changes. The project has checks in place to ensure that the pull request passes without any issues. You can use the manual installation guide provided in the Installation section to set up the project locally.

Todo

• Detect cipher spreader
• Add deobfuscator for detected ciphers
• Find randomly generated character variable names

Contact

If you have any questions or need assistance with FivemCipherFinder, you can reach out on Discord:

• Discord: exersalza / exersalza[>'-']>#1337 | [DE/EN]

Feel free to contact me for any inquiries or support related to FivemCipherFinder.