Anti-Backdoor / Anti Remote Code Execution script

I haven’t made a community resource before so I’ll start with this, a “unique” anti backdoor script.

I haven’t seen this method used before, but it deletes suspicious remotes (namely remotes added during runtime, which should always be avoidable).

It also deletes a certain script that people use to execute code.

```lua
local LoadStringModuleCheck = true -- RISK LEVEL IF MADE FALSE: High or Critical
local RuntimeRemoteAddedCheck = true -- RISK LEVEL IF MADE FALSE: Mid or High

local IsStudio = game:GetService("RunService"):IsStudio()

if not IsStudio then

	if RuntimeRemoteAddedCheck then
		game.DescendantAdded:Connect(function(descendant)
			if descendant:IsA("RemoteEvent") or descendant:IsA("RemoteFunction") then
				descendant:Destroy()
				--[[
					It's pretty much impossible to detect if a selected remote
					is a chat remote since people can just fake a chat remote.

					It doesn't matter though because chat remotes can't be
					destroyed, you'll just have to deal with endless warn
					messages hence why this script will only work in non studio
					as to not spam the output. Feel free to remove the check
					but it will make it harder to debug errors.
				--]]
			end
		end)
	end

	if LoadStringModuleCheck then
		for _, v in pairs(game:GetDescendants()) do
			if v.Name == "Loadstring" and v:IsA("ModuleScript") then
				v:Destroy()
			end
		end

		game.DescendantAdded:Connect(function(descendant)
			if descendant.Name == "Loadstring" and descendant:IsA("ModuleScript") then
				descendant:Destroy()
			end
		end)

		--[[
			I know you can just rename the loadstring module to whatever,
			but I haven't seen anyone do that before.
		--]]
	end
end
```

The first check is for runtime remotes, which like I said earlier should be and (probably) is always avoidable.

The second check is for a loadstring module which is used to remotely execute code.

I made some comments in the code explaining stuff more in depth. Feel free to ask questions here too.

5 Likes

Is this a local script or a server script? Plus, exploits are client sided, and are usually not replicated to the server unless it has something to do with deleting something inside their character.

1 Like

Server script, and this isn’t about exploiting, it’s about backdoors. Look up Roblox backdoors if you don’t know what I mean.

1 Like

This is kind of unnecessary if you don’t have any backdoors on your game… But I guess it works if you accidentally used a bad plugin.

Well, the point is to add it no matter what so if somebody tries to hide a backdoor from you, this will stop it from working, like how an antivirus on computers works.

1 Like

If someone tries to hide a backdoor from you they’ll delete the anti-backdoor script :joy:

This should be a plugin, not a script run at runtime. Why keep the backdoor in the game if you can destroy it before it’s published?

Backdoors come in different shapes and sizes. You can use stuff like require() or LinkedSource or pretty much anything to hide a backdoor. But runtime is when the backdoor is used, so you can detect all backdoors.

I know security through obscurity isn’t the best, but this script is small and since scripts from a backdoor can’t detect the source of a script, there is no surefire way to tell if a script is an anti backdoor, and if it deletes scripts by name, you can just change the name to something random every time.

That’s why you scan require calls. There isn’t a ton people can do to hide backdoors that isn’t detectable.

Scanning require calls is not as easy as you think.

The main disadvantage is false positives, if it’s in a plugin looking through all the scripts.

You could make a plugin to add code at the beginning of a script that redefines require and LinkedSource but there’s so many ways to bypass that, like for starters just redefine them. I’m not saying this is foolproof at all, this was kinda just an excuse to help the community and add a resource, but yeah.

I did this as a unique way to detect backdoors during runtime because to my knowledge nobody has done this before. I am by no means saying this is a good way, you’re probably right about the runtime stuff. In fact you don’t need an anti backdoor, because Roblox prints all requires.

1 Like

Did you know that people use frameworks like Knit & AeroGameFramework?

These frameworks create remotes for you, so you don’t have to leave the coding environment to set up the whole network infrastructure yourself.

The method of runtime detection is interesting, but instead of deleting all new remotes, I would rather log them for developer approval. You could save them in a DataStore and let the developer whitelist remotes themselves.

2 Likes
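Added example, not part of the thread and not any poster's code: a server Script sketch of the log-and-approve variant suggested in the reply above, so framework-created remotes survive while unexpected ones are recorded. The allowlist prefix, the DataStore name and key, and the `ENFORCE` switch are hypothetical placeholders.

```lua
-- Added example: audit remotes created at runtime instead of deleting all of them.
local DataStoreService = game:GetService("DataStoreService")
local RunService = game:GetService("RunService")

-- Placeholder allowlist: full-name prefixes where runtime remotes are expected,
-- e.g. the folder your networking framework populates.
local ALLOWED_PREFIXES = {
	"ReplicatedStorage.FrameworkRemotes.", -- hypothetical path
}
local ENFORCE = false -- false = log only; true = also destroy unapproved remotes

local store = DataStoreService:GetDataStore("RuntimeRemoteAudit") -- hypothetical name

local function isAllowed(fullName)
	for _, prefix in ipairs(ALLOWED_PREFIXES) do
		if string.sub(fullName, 1, #prefix) == prefix then
			return true
		end
	end
	return false
end

local function record(fullName, className)
	-- DataStore calls can fail or be throttled; a failure must not break the check.
	local ok, err = pcall(function()
		store:UpdateAsync("unapproved", function(seen)
			seen = seen or {}
			seen[fullName] = className
			return seen
		end)
	end)
	if not ok then warn("[RemoteAudit] could not save:", err) end
end

game.DescendantAdded:Connect(function(descendant)
	-- pcall guards against instances a game script is not permitted to read.
	local ok, fullName = pcall(function()
		if descendant:IsA("RemoteEvent") or descendant:IsA("RemoteFunction") then
			return descendant:GetFullName()
		end
		return nil
	end)
	if not ok or not fullName or isAllowed(fullName) then return end

	warn("[RemoteAudit] unapproved runtime remote:", fullName)
	task.spawn(record, fullName, descendant.ClassName)
	if ENFORCE and not RunService:IsStudio() then
		descendant:Destroy()
	end
end)
```

A path prefix only tells you where a remote was parented, not which script created it, so treat the saved list as review material rather than proof that an allowlisted remote is legitimate.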

You’re right, I didn’t think about that stuff as I rarely check out stuff made by the community. This was lazily made lol. I’ll think about trying to make this better or adding a non-runtime counterpart. I’ll implement what you said and some other things tomorrow. Thank you for your insight.

1 Like

Plus, if there was a backdoor, they’ll have access to the server… So that means they can just delete the anti-backdoor script??? Or most don’t even insert scripts they usually just disable them…

I’m sorry, I don’t get what you mean by insert scripts and disabling. Inserting scripts and disabling them are two very different things. A backdoor is only targeted towards you specifically for popular games and even then you could just change some properties when the game starts so there’s no way to find out what script is the anti backdoor script.

1 Like

Pretty interesting, keep it up!