Anti dex, Core Gui?

Hey there!

I want to know how to detect when a new GUI / Descendant is added to core GUI’s…
I’ve searched everywhere, all over the internet, this is a problem I’ve faced for months now. I’ve tried lua game.coregui game:GetService("CoreGui") game.DecendantAdded Instance.New

Yes, I know devs can’t access core GUI but they do have the ability to know when a new item is added/Changed. People say that it’s “Impossible” and this is very wrong. I have seen multiple devs/games detect dex, even if it’s through Memory count. If you look through my inventory I have literally Evey anti-cheat on Roblox that’s free yet non-work against dex. I know plugins can access it so would it work if I made a plugin detect core GUI / dex?

Please let me know if you know how to do this, I’ve been stuck on this for months and could use the help. Have a great day!

3 Likes

If memory serves correctly, Dex puts instances in the Core GUI and nil (No parent/parented to nil) and that’s most of why it’s so extremely difficult to detect/fight against. The devs of Synapse would obviously do their best to update it and make it completely undetectable to the extent Roblox as a program (or injecting into Roblox) would allow, so if any anti-dex scripts were made, I wouldn’t be surprised if they worked around them quickly.

I think your best hope would be looking through nil/CoreGui to see if anything is added, since that’s the only real way to track it.

1 Like

Yes, that’s why I used descendant added, which would read everything in core GUI Parent or not, but the problem is it’s lacking permission. Do you know a script that can detect when client MB memory usage changes?

There is not really a point in detecting an explorer. Even if you did manage to do so, it would get bypassed quickly which would result into work for nothing. They can simply serialize your game and save it as XML. If you want to detect memory usage change, you would run into a lot of false positives

Yes it is unfortunate but its possible many people have anti dex that haven’t been bypassed such as strucid’s made by hazzelwood , and many others. I know some exploiters and non have been able to bypass it.

I wouldn’t be too worried about detecting guis being parented inside game.CoreGui, as most exploits don’t even use a LuaSourceContainer when executing their code.
Anyways, they can easily bypass your check.

In general there’s no need to have a client-side anti exploit as it can be removed by them regardless.

They can’t bypass it without dex…

1 Like

They can bypass your script by simply destroying it. All it takes is a little trial and error to find out where the script is located. Finding and destroying it would likely be pretty easy. Exploiters are also able to read anything that is on the client, such as Module and LocalScripts,

Frankly, I wouldn’t worry about your game being stolen. Chances are that you have some server scripts that cause the game to work properly, exploiters can’t access anything inside of ServerScriptService and ServerStorage, nor can they read server scripts.

2 Likes

Yeah but I have a system that changes the name of the scripts/workspace every couple mins/seconds I’m not sure but yes, they wont even know the name of the scripts so its very very unlikely they can delete it with out dex, also im not worried about them stealing games but more like being able to access moderator GUI’s and deleting my Client sided anticheat, Yes I know client anti cheats are unsecure but they have better detection.

1 Like

Doesn’t really matter. You can still get access to an instance and store it as a variable without even using its name.

for i,v in pairs(game.Players.LocalPlayer.PlayerGui:GetDescendants()) do
    if v:IsA('LocalScript') then
        if string.find(v.Source, '.DescendantAdded') then
            print('Script found .DescendantAdded')
        end
    end
end

About your moderator UIs, you should not make them accessible to the client ever, they shouldn’t be inside of StarterGui. That is just disaster waiting to happen, especially if you aren’t doing any server-sided checks. A lot of exploits also have an auto execution feature which allows scripts to execute as soon as the exploit attaches. Not sure how quick they execute but if it’s somehow before your check connections are made, they can easily remove it that way.

There is also a variety of ways people can bypass any mechanism you’ve put into place, such as remote spies.

3 Likes

Dex is stored in CoreGUI not Player GUI that’s why its so hard to make an patch for it.

I know but they can still search for any listeners contained within the script and remove it.

2 Likes

I’m not even going to try to detect remote spy’s… that would take things to another level and it’s rare that people would use this.

Shouldn’t there be a wait(15) or something because I have local scripts in my game.

I’m not saying to check for remote spies, I am saying that even without dex, there are many ways people can find vulnerabilities within the game. Remotes are one of the most common vulnerabilities people exploit.

As for your second post, it was just an example of what someone could put inside of their executor to check for the listeners.

Yes, I know, but I’ve honestly gone too far to stop looking.

1 Like

Honestly, the sole purpose of exploiting is to go undetected. If somehow dex could be detected, they would patch it. I wouldn’t worry about dex, I would more worry about any scripts that come out and patching the scripts and any in-game vulnerabilities. I don’t mean to sound rude but you’re honestly kind of wasting your time by trying to check for it.

If your game gets big, chances are that some scripts will come out, it’s honestly inevitable. I think it is more important to look into fixing issues that people have found instead of trying to fix an issue that doesn’t exist.

Alright even if there’s no way to detect dex (forever) can you detect when client MB Memory changes?

1 Like

I’m not sure if you can detect anything like that but even if you could, it would lead to many false positives as @Jxl_s said above.

I’ve actually made a script that can kind of detect when an object is inserted into CoreGui (or any other locked service). Here’s the script for it, It’s really finicky and false positives on things like the developer panel, but you can edit it if you want to make it fit your needs.

Here’s the model.

Also yes, its a local script, so its not that secure from exploiters disabling it.

3 Likes