I’m surprised this topic made 61 replies.
One Thing.
Never trust the client or even TRY to protect it.
Use Server-Side instead.
Simple short quote.
1 Like
never trust the client or even try to protect it guys it’s not safe! server side is the best option
1 Like
Thanks @XoifailTheGod for help
@XoifailTheGod please don’t sue me for plagiarizing your stuff
To the average user detecting popular exploits like dex, esp’s or aimbots may seem impossible, but to be honest, once you know how an exploit script works it’s quite easy to patch. Some of the less popular but effective methods of patching dex are to check if there is a reference to an instance you just created. Although dex isn’t the problem here there are countless ways to look at the internals of an experience via exploits, although dex is a simpler way that’s why it’s commonly used by less experienced exploiters.
I read the thread. I was simply replying to your nonfactual claims.
No. You said:
Which is basically the same thing. You were implying that. How else would someone interpret it?
I read it lol. You’re just not willing to listen to other people’s points just like in the other thread you made that got taken down.
You missed my point.
You said that that there are tons of ways to secure the client.
My point is that you can’t secure the client at all.
Ironic that you are doing the exact same thing right now.
I read the thread. Don’t accuse me of things I didn’t do.
I’m going to step away and mute this thread because its useless to argue at this point.
2 Likes
Giving up on clientsided anti exploit is the worst advice, It doesn’t mean he’s saying “trust the client”, It can be bypassed obviously, but giving up on it just because it can be bypassed? NO.
Thats the equivalent of saying Give up on your account! it can be hacked.
False. There are many ways to secure the client. This includes adding tamper detections, patching bypasses, and more.
4 Likes
Maybe, if only we can listen to ChildAdded on server! (By that, i meant like Clients adding anything under their character.)
Or better listen for parts edited by client on workspace!
Client-sided anti-exploits are only useful if the exploiter just attaches a generic admin gui and nohing else, typically game-targeted scripts are the ones to have a script that disables kick function and localscripts.
Incorrect there are ways to secure the client you just don’t know how to do it.
I would like to say that from my knowledge anything on the client can be bypassed somehow
you can get the images id added in coregui by using
while task.wait() do
game:GetService("ContentProvider"):PreloadAsync({game.CoreGui}, function(CoreGuiID, _nil)
print(CoreGuiId) -- id of image added in core gui
end)
end
but this way is unsafe and unreliable
anything with game.CoreGui doesn’t work.
yeah but oddly this one seems to work
1 Like
better delete it before roblox patches it quick, now that i think of it, is it possible to detect other stuff besides images?
I think its fine to share, its been said here before, many times.
Offtopic but does StarterGui:SetCoreGuiEnabled (or any similar startergui coregui functions) work with client-attached guis? if so why don’t we just refresh the coregui?
I don’t think so but there is a lot of other methods on detecting guis on coregui such as textbox detection
This was patched on synapse. it no longer works.
This can easily be bypassed by exploiters if they… dont click on any textboxes 
1 Like
That’s true, it can be bypassed but there are many measures you can take that can make it extremely difficult. And my point is that it’s a learning experience and you shouldn’t be afraid to experiment with the client ect
Many exploits already patched this by either parenting to gethui or protecting the gui.
1 Like