Anticheat Methods

TheRealANDRO · March 20, 2024, 7:40pm

Sure. I can modify the debug library and what it returns to suit what this local script needs and my bypass will still continue to work. What are you trying to prove here?

HexadecimalLiker · March 20, 2024, 7:40pm

Where am I in refusal?

When I said this, it also works the other way around. At then end of the day it is just a cat and mouse game, until new vulnerabilities get found, then get patched. At no point in time have I ever said this was false.

HexadecimalLiker · March 20, 2024, 7:42pm

Okay give me an example and I will show you everything that can be detected in it

Also a smarter way of preventing that would be to literally just hook that Sanity function to make it return true since you have access to the source as you said earlier, a simple bytecode decompilation will surely reveal it, lol

TheRealANDRO · March 20, 2024, 7:44pm

See? Not that hard to find bypasses.

Depends on the anti-cheat I’m working with. As you mentioned, I can do a simple bytecode decompilation to reveal the source code and modify the debug.info() function to return whatever the script needs. In your case: “[C]”

HexadecimalLiker · March 20, 2024, 7:45pm

This is not an example, this is just a description of what you are gonna do. Write an example so I can point out what can be detected or not.

daily3014TheGod · March 20, 2024, 7:49pm

these are simple examples that liker gave you. there are many more ways to detect exploiters tampering with global tables. if you want to see an actually good anticheat then check my friend XoifailTheGod’s anticheat out (or you can take a look at my open source anticheat Valkyrie Anti Cheat). if you dont have an executor (i highly doubt you have one) you can just join the discord server and take a look at the “anti-cheat-info” and “anti-cheat-logs” channels

TheRealANDRO · March 20, 2024, 7:50pm

Not easy to give an example here. As I said, it really depends on the script I’m working with. One script might use the debug.info() function to return a specific value for their client-sided anti-cheat. Or maybe a method to prevent hooks, depends on the case here.

TheRealANDRO · March 20, 2024, 7:51pm

Oh, I already saw it. Still doesn’t invalidate my points though.
(Took you long enough to reply btw)

HexadecimalLiker · March 20, 2024, 7:52pm

It really does not.

Let’s apply all of my methods in one imaginary anticheat script, which is hidden. Try to write a hook which spoofs debug.info to make it return “[C]” for one specific function.

daily3014TheGod · March 20, 2024, 7:55pm

what…? the anticheat was never bypassed (same with valkyrie) and probably never will with these temu quality executors. Xoifail has working PoC for detecting every executor on injection except krampus and every executor’s hookmetamethod including krampus.

TheRealANDRO · March 20, 2024, 7:59pm

I didn’t really give an example of one definitive executor, I’m talking about the possibility of bypass, which is possible with the methods I’ve mentioned above.
Though you’re right, the current executors in this industry can’t even properly bypass Hyperion lol.

daily3014TheGod · March 20, 2024, 8:07pm

there are various ways to detect these bypasses. after a point the exploiter will have to write their own bypasses to these detections instead of relying on hooks, setmetatable, getrenv and lets be real… most exploiters wont get far as they still struggle with bypassing adonis lol…

NotRapidV · March 20, 2024, 8:56pm

the best anticheat:

local plr = game.Players[game.Players.LocalPlayer.Name]

while task.wait() do
   task.spawn(function()
     while task.wait() do -- nested loop for double protection
        if plr.Speed > 100 or plr.IsExploiting or plr.HackInjected then 
           plr:Kick("hacker")
        end   
     end
   end)
end

metat3ble · March 20, 2024, 9:51pm

bro I’m dying

script.Disabled = true task.defer(script.Destroy, script)

do atleast this in the start of the script (op methods!!!)

TheRealANDRO · March 20, 2024, 10:17pm

Lol. Well, you’re right. After all, once again I’m not really against client-sided anti-cheats like these. They can work pretty well against skids who cannot do anything without browsing v3rmillion lol

AverageOnionUser · March 21, 2024, 10:46am

Hello rapid please stop leaking top tier sacred anticheat methods given to us by the savior builder man. Thx.

Anyway, Liker, u made very nice topic . I like it.

MrJake092209 · March 30, 2024, 3:53pm

For certain functions you can do game.Clone and game.clone and they won’t be equivalent.
As for the “returned function” argument, the null byte can help protect against __index hook attacks, where they try to check if the property argument of self is “Clone” (and don’t check if there are null bytes and act accordingly).

A much better way of hooking game.Clone is simply doing hookfunction(game.Clone or game.clone, deter)

I didn’t really read that much of the argument that ensued, so I’m not really sure if this was stated already, but there you have it.

imCherry511 · October 26, 2024, 6:28am

Infinite Yield Reborn finna make their script web-based

imCherry511 · October 28, 2024, 10:40am

he’s speaking facts, so many facts.

imCherry511 · October 28, 2024, 10:51am

what about RbxStu the Studio Executor