Technical write-ups, exploits, game hacking, and security research.

Data Exfiltration via Shell Function Override

Ever wondered how much command-line logging actually sees, or needed to exfiltrate content under the radar? Turns out, there’s a pretty significant blind spot: shell functions.

Most CLI logging solutions capture the commands you type. For example: rm sensitive_file.txt gets logged. But they don’t catch what happens when rm isn’t actually the real rm binary anymore.

The Technique

You can override any command in your shell by defining a function with the same name. When you type rm, the shell checks functions first, then aliases, then binaries in $PATH. So if you define an rm() function, it takes precedence.

Hades II God Mode Toggle

While poking around in the game files, I realized something hilarious: Supergiant Games literally left god mode in the shipping build of Hades II.

It doesn’t even require process or memory manipulation; it’s a fully functional SafeModeOn() function sitting right there in Debug.lua, just waiting to be called.

What It Does

When enabled, the function flips four flags:

function SafeModeOn()
    SessionState.SafeMode = true
    SessionState.BlockHeroDeath = true
    SessionState.BlockHeroDamage = true
    SessionState.UnlimitedMana = true
    DebugPrint({ Text = "Unlimited health and mana ON" })
end

So you get:
