I’m currently developing a resource that performs integrity checks on functions and natives within the FiveM and Lua environments. The script generates a SHA256 hash for each function/native and stores them in a table. This process is conducted on a clean installation of the software.
During runtime, the script compares the saved hashes against newly generated ones. If there’s a discrepancy, it indicates potential tampering.
However, I’ve encountered a challenge: the scheduler file differs across various server build numbers, leading to different hashes. Is there a method to identify which build number the scheduler has been updated for? This information would allow me to create separate tables for specific build numbers to ensure the hashes align correctly.
I’m assuming the hash verification is done serversided correct? I came here with absolutely zero answer, but 100% interest in this. I’ve made a post before asking about THIS EXACT THING. I’d be curious about the process…
we can see 2 tags, the leftmost being the latest build of fivem, and the right one being the build where the changes have been introduced in.
Now inside of a server-side resource you can get the current build number of the server, that has been saved in a convar GetConvar("version", "invalid")
this will return the entire build number, including the OS.
Hey @myjigga are you planning on releasing this at all, or are you planning on doing a tutorial? This is something that is near impossible to defeat even if people know how it works…servers can implement a player security level based on certain tamper results and deny some server interactions based on this very thing…would love to see some community contribution to a project like this…
