Well they are doing that with a LocalScript right? Server can’t detect actions done by local scripts. There isn’t an event fired when a notification is created but I think the notification is just a Gui so you would just need to check for instances addition to the Core Gui (I’m not sure where notifications guis are parented) and rate limit the addition but this should be done on a LocalScript which the exploiters can delete so the only solution would be a blockchain anticheat (using other clients to detect cheats on others)
the server crashing script is server so its probably a remote
Again you’re not clear: is the server crashing for remotes? Because notifications are local
i found the remote for the script its called “StartShutdown” and they use the gui to fire the remote
im guessing he has a servershutdown script for it
Well then make a rate limit system from the server.
EventFired.OnServerEvent:Connect(finction(player)
player:Kick()
end
so do i copy the code? and what is a rate limit system, sorry im dumb
Since you explained the rate limit isn’t needed. Obviously you must change EventFired with the event that the exploit fires
yeah i know, so i do this
local EventFired = game.ReplicatedStorage.StartShutdown
EventFired.OnServerEvent:Connect(function(player)
player:Kick()
end
1 Like
it was in core Gui which is nearly impossible to patch idk why Roblox did that,
Studio settings → Show Core GUI / Show Hidden Objects in Explorer
Should allow you to go manually look for it yourself.
All of these backdoors and viruses are caused by malicious plugins and free models, examine each freemodel and plugin you use.
2 Likes
what im saying is that, the script is inserted into coregui ingame not in studio it isnt a backdoor. its a script from youtube. but the script is inserted into core gui by just doing this “TestGUI.Parent = game.CoreGui”
therefor the Gui cannot show up on studio because it’s injected through an executor
Oh, so someone has made an ‘exploit’ specifically for your friends game?
Exploits are unable to create server-sided instances such as a RemoteEvent which suggests there is a backdoor in-game creating this RemoteEvent.
Alternately, they may be using a backdoor to create server-sided instances. Both ways are backdoors. I suggest you look through scripts in-game you do not recognise.
1 Like
Yeah, its targeted to a remote that starts a game shutdown for a new update
the remote is supposed to create a server shutdown, he has a servershutdown script. thats why its able to crash the server
Maybe instead of trying to find this script which only exists on the exploiters client anyway you secure your remotes. I wouldn’t just have a remote sitting somewhere that shutsdown the game if fired
yeah ill tell him to change the name of the remote to some random letters that no one would recognize
If the RemoteEvent is actually his then I suggest that he secures it using checks to make sure it cannot be fired by exploiters.
1 Like
No, simply dont have the remote existing in the first place, this is insecurity by flaw of design.
1 Like
ill make a script that will genarate a uid to secure as good as possible