Idk if this counts, but you can literally use actors, to prevent function tampering and namecall tampering, the way it works is that It basically creates another lua VM for scripts, inside the actor, you can abuse this to prevent spoofs and hooks, getconnections, etc.
For example, if you print Player.Kick in a normal global state, and compare it to an actor state, you’ll see that It has a different memory address.
HOW TO PREVENT DECOMPILERS: There are 2 ways to prevent decompilers, 1 is making a huge table that has other tables inside of it, make it extremely long as possible, and make each table have a string for example: “AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA”, this will literally crash decompilers, you can then make a variable for each table and do it 5 times, in case they managed to get past the anti decompile, the second method is very simple, make a new script instance, and set It’s RunContext to client, then use that script for the anti cheat.
Anyway, now you can do your Humanoid walkspeed check, inside a while true do!
Actors (in anticheats) are really complicated to manage which is why mainstream ones won’t use them.
This is inefficient, as there are other methods to prevent decompilers. I have one for Electron but @Unlimited_Objects made it, so I would have to get his permission to add it in the topic.
Also wasn’t there a method to detect game tampering (namecall,index,newindex), with a similar method to this?, abusing the C stack overflow error, could you please include it, if possible?
-- Made by Fate
local AntiHook = function(Func)
if (Func) then
local Check;
Check = function(int)
if int < 16379 then
Check(int + 1);
else
Func(workspace,"Name");
end
end
local a, b = pcall(Check, 1);
return not a and b:find('stack overflow')
else
return true
end
end
local LocalPlayer = game.Players.LocalPlayer
local Index;
while wait(.1) do
xpcall(function()
return game["AAAAAAA"]
end, function()
Index = debug.info(2, "f");
end)
if (AntiHook(Index)) then
LocalPlayer:Kick("Exploit");
break;
end
end
Not really, since devs don’t have hookfunction or hookmetamethod functions, It’s simply not possible at all, however you can detect badly made remote spies with metatables iirc.
Oh man, I still love seeing posts like these.
These are pretty clever methods I gotta be honest, but I sure want to see a disclaimer saying that all of these methods can be bypassed as what do you know? Exploiters have full control over their clients.
No matter what developer does, they can access everything, even down to the C code. “Let’s be productive!” You want to be productive? Create server-sided more trustworthy and actual safe anti-cheats that can mostly work even with the constantly changing executors and exploits.
I’ll admit, as a first line of defense these are pretty clever methods, and even though I love s-kids trying to figure out why their Infinite Yield ;fly me is not working because of methods like these, but a better disclaimer must be put on posts like these for newer developers that think these methods can save them on the long run. Always prefer server-sided anti-cheats over methods like these that has a higher chance of being patched when being posted on a public forum like this.
That is 100% true, everything is bypassable, but if you keep trying to bypass, there will be a point which will make it very hard to bypass, for example @daily3014TheGod 's Valkyrie AntiCheat and L.A.T!
This is why I said “Even down to the C code”, I saw his anti-cheat and his anti-cheat is one of the most advanced client-sided anti-cheats I’ve ever seen, I have to admit.
But unfortunately, you can only do so much against people that have full access to the environment that you’re trying to patch exploits in. A developer can only do so much where an exploiter has full access to the Client. This is why even the engineers say that you shouldn’t trust the client. Even with Hyperion they still continue to support this claim. Why? Because they know the inevitable.
I’m not against client-sided anti-cheats, in fact, I support them in cases where you have a strong server-sided anti-cheat and you want to also add a client-sided anti-cheat to keep the s-kids or inexperienced exploiters away. It can be very efficient and it’s even used in games such as Jailbreak, Arsenal, and many more. Even I added a similar client-sided anti-cheat to my game, but with a strong server-sided anti-cheat to back it up when it inevitably gets bypassed. The only reason why I made these replies is I want a disclaimer for newer developers that come across this thread, thinking adding these client-sided anti-cheats will be more than enough to keep exploiters away from their games.
Your SafeCFakeNamecall doesnt even work lol since game.GetFullName and game[“GetFullName\0”] returns the same function
all they need to hook is that getfullname like normal
