Anti-Stimga exploit script

mew903 · August 26, 2014, 9:51pm

But it’s ran as soon as they enter the game, I don’t think an automated memory scan would have enough time to catch the string to change it.

Anyone who’s smart enough to do that is obviously not using Stigma as their exploit of choice.[/quote]

Because this is in a localscript, and it is a string, it can be edited by the memory as the script being client-sided, taking in edits, unlike if somehow this were to work server-sided. Even though the script is ran as the game loads, it can still be modified. It works the same way if you were to change your in-game name using CE, and only you can see that change, while others can’t.[/quote]

Like I said.

Dummiez · August 26, 2014, 9:59pm

But it’s ran as soon as they enter the game, I don’t think an automated memory scan would have enough time to catch the string to change it.

Anyone who’s smart enough to do that is obviously not using Stigma as their exploit of choice.[/quote]

Because this is in a localscript, and it is a string, it can be edited by the memory as the script being client-sided, taking in edits, unlike if somehow this were to work server-sided. Even though the script is ran as the game loads, it can still be modified. It works the same way if you were to change your in-game name using CE, and only you can see that change, while others can’t.[/quote]

Like I said.

You never know, it’s just like when players started bypassing the anti-speed exploit scripts.

mew903 · August 26, 2014, 10:05pm

But it’s ran as soon as they enter the game, I don’t think an automated memory scan would have enough time to catch the string to change it.

Anyone who’s smart enough to do that is obviously not using Stigma as their exploit of choice.[/quote]

Because this is in a localscript, and it is a string, it can be edited by the memory as the script being client-sided, taking in edits, unlike if somehow this were to work server-sided. Even though the script is ran as the game loads, it can still be modified. It works the same way if you were to change your in-game name using CE, and only you can see that change, while others can’t.[/quote]

Like I said.

You never know, it’s just like when players started bypassing the anti-speed exploit scripts.[/quote]

Well, if the time comes that people find a way around it, it shouldn’t be hard to counter-act.

NateRBLX · August 26, 2014, 10:11pm

Problem with this is anyone can go ahead and edit it to say something else and boot it right back up.

[center]

[/center]

TheLuaWeaver · August 27, 2014, 3:36am

Never forget that having security on the client is the entire reason this mess exists in the first place, and you’re… what’s that called… putting security on the client?

mew903 · August 27, 2014, 4:03am

So what you’re saying is I should add no extra security versus adding some extra security.
Okay buddy.

digpoe · August 27, 2014, 9:29am

[quote] Stigma, is basicly a lua table, were you insert what LocalScript you want (note to big scripts crash your client) but other than that, it’s local scripts you can use to do most things in a game
You can even load other models that is free in any game.
And you can steal the source of any game, using print. [/quote]

It’s not a lua table or anything. It’s a DLL written in C++ which uses Microsoft’s Detours API (>.> stupid Microsoft) and a signature scanner to look for Lua’s methods, and invoke them.

EDIT: In the spoiler is an image of Stigma’s source code, and highlighted is what it uses to find Lua’s methods.

ZacAttackk · August 27, 2014, 11:08am

Do you know if this will help stop sex hacks?

digpoe · August 27, 2014, 11:45am

Probably. Chances are they’re using a similar system to inject a script which causes it to happen.

ZacAttackk · August 27, 2014, 3:08pm

Probably. Chances are they’re using a similar system to inject a script which causes it to happen.[/quote]

Hopefully, because my game is being attacked by hackers and this is a popular one.

digpoe · August 27, 2014, 3:24pm

Probably. Chances are they’re using a similar system to inject a script which causes it to happen.[/quote]

Hopefully, because my game is being attacked by hackers and this is a popular one.[/quote]

I’m pretty sure this ‘sex hack’ probably inserts welds/similar - You should detect if one of these has been created and kick the owner (Could be Part0 or Part1)

Ripull · August 27, 2014, 3:48pm

Zac, you know what you need to do by this stage I assume.

ZacAttackk · August 27, 2014, 5:30pm

Probably. Chances are they’re using a similar system to inject a script which causes it to happen.[/quote]
Hopefully, because my game is being attacked by hackers and this is a popular one.[/quote]

I’m pretty sure this ‘sex hack’ probably inserts welds/similar - You should detect if one of these has been created and kick the owner (Could be Part0 or Part1)[/quote]

What if the hacker inserts it to another player?

digpoe · August 27, 2014, 5:33pm

Probably. Chances are they’re using a similar system to inject a script which causes it to happen.[/quote]
Hopefully, because my game is being attacked by hackers and this is a popular one.[/quote]

I’m pretty sure this ‘sex hack’ probably inserts welds/similar - You should detect if one of these has been created and kick the owner (Could be Part0 or Part1)[/quote]

What if the hacker inserts it to another player?[/quote]

You’ll have to detect which one is the exploiter - the output of the clients may be helpful