Lua Decompiler ((exclusive))

A Lua decompiler is a tool used to reverse-engineer compiled Lua bytecode back into human-readable source code. Unlike lower-level languages like C++, Lua is an interpreted language, making the restoration of its original logic more feasible How Decompilation Works The process involves three primary stages: Bytecode Interpretation:

Several tools cater to different Lua versions and specific use cases: lua decompiler

Part 1: Understanding Lua Compilation

Before understanding decompilation, you must understand compilation. Unlike C or C++, Lua is not compiled to machine code. Instead, the standard Lua interpreter compiles source code into bytecode—a series of instructions for a virtual machine (the Lua VM). A Lua decompiler is a tool used to

2.2 Function Prototypes

A compiled Lua binary (a "chunk") is organized into a hierarchy of Prototypes. Each function in the source code corresponds to a prototype containing: Bytecode parser — reads the binary chunk header

Challenge 2: Register vs. Variable Mapping

Lua’s VM uses registers (fast, fixed slots), but source code uses local variables (named, scoped). The compiler maps variables to registers. A decompiler must reconstruct which registers hold which variables at which lines—and assign them unique names (local a, local temp_1). This is a form of live variable analysis.

Step 3: Run the decompiler.

Key components of a Lua decompiler

  1. Bytecode parser — reads the binary chunk header and instructions for the target Lua VM version.
  2. Constant pool extractor — recovers strings, numbers, booleans, and nested function prototypes.
  3. Instruction analyzer — interprets opcodes, operands, and VM semantics (registers, upvalues, stack).
  4. Control-flow reconstructor — converts jumps and labels into high-level control structures (if, while, for, repeat).
  5. Expression rewriter — rebuilds arithmetic, logical and table expressions from register operations.
  6. Variable and scope resolver — maps registers and upvalues back to local variable names and function parameters (usually synthesized).
  7. Pretty-printer — emits idiomatic Lua source with indentation, comments, and reconstructed function signatures.

unluac is considered the gold standard. It is a command-line tool that performs control-flow graph reconstruction.

2. LuaDec (The Legacy Standard)