AWP Injection Detection, Hook detection, Infinite Yield detection, Dex Explorer detection

shoutout aidan9382

Hello, dropping some stuff to help keep exploiters away from your game. 99% sure these have both been reported to the developers of AWP, however none have been patched.

These should not be taken as is, and proper testing and implementation should be done to ensure this works in your case. This should not be used as an alternative to any other counter-exploit measures you have.

If you plan on just copy and pasting the code below, expecting it to be a complete prevention of exploiters, please reconsider and take time to understand what this code is doing. As mentioned, this should not be used in place of any other anti-exploit measures, and these are very much still required.

Most of this post is directed towards AWP users, with some bonus Infinite Yield and Dex Explorer detections. :smiley:
The Infinite Yield and Dex detection targets all executors, not just AWP.

AWP injection detection:

-- 9382
-- on-inject detection targeted at the awp executor (targets getfenv timing flaws)
-- >when I'm so undetectable a LocalScript can detect me :muscle:

if game:GetService("RunService"):IsStudio() then
    return
end
 
-- ratio stats:
-- avg 12.5, avg range 11.5-13.5, 98% ~17.5
-- awp averages about 31, so the difference is more than enough

-- we use a ratio so that slow pcs aren't punished for being slow,
-- instead comparing execution time between a base test and getfenv

-- GETIMPORT gets slower after running getfenv, so this matters a lot
local getfenv = getfenv
local tick = tick

local violations = 0
while task.wait(0.2) do
    local t1 = tick()
    for i = 1, 1e4 do
        getfenv()
    end
    local t2 = tick()
    for i = 1, 1e4 do
        -- do nothing lol
    end
    local t3 = tick()
    local ratio = (t2-t1)/(t3-t2)
    if ratio > 25 then
        -- don't punish lag spikes, require 8 fails in a row
        violations = violations + 1
        if violations >= 8 then
            -- insert funny code here (while true do end, etc. etc.)
            warn("awp detected with decent confidence (r8: "..ratio.."), killing detection loop")
            break
        end
    else
        violations = 0
    end
end

Hook detection: (Not sure how many this works on, works on AWP tho, DO NOT USE THIS TO ABUSE THE EXPLOIT ENVIRONMENT! THIS SHOULD PURELY BE USED FOR DETECTION PURPOSES)

-- this can also be done using BindableEvents, and other stuff
-- __tostring fires on non-string index so when run through
-- the function used in the hook, it will run the code through their hook
local Check = true
local env = {}
local Remote = Instance.new("RemoteEvent")
local Proxy = newproxy(true)

getmetatable(Proxy).__tostring = function()
	for Level = 1, 20 do
		-- loop through 20 levels to check if any contain getgenv (executor only function)
		local s, fenv = pcall(getfenv, Level)
		
		-- getgenv is present only in an executors environment
		if s and fenv and fenv.getgenv then
			print(string.format("Found an exploit environment at level %s", tostring(Level)))
		end
	end
	
	return ""
end

while Check do
	-- __tostring fired as proxy is userdata and not a string, so our metatable where
	-- we change __tostring will fire, allowing us to get their environment
	Remote:FireServer({[Proxy] = {}})
	task.wait()
end

Infinite Yield detection:

-- 9382
-- gc detection for the generic infinite yield script
-- NOTE: This won't work on any executors with a functioning cloneref
-- (if they're running a script version with cloneref that is)
-- WARNING: This CAN false-flag if any of your client scripts use and store NetworkClient
-- They probably don't, but just be aware of that, and test properly

if not game:IsLoaded() then
    game.Loaded:Wait()
end

task.wait(3)

local t = setmetatable({}, {__mode="v"})
while task.wait() do
    t[1] = {}
    t[2] = game:GetService("NetworkClient")
    while t[1] ~= nil do
        -- encourage the gc to move faster by adding a 4kb string
        t[3] = string.rep("ab", 1024*2)
        t[3] = nil
        task.wait()
    end
    if t[2] ~= nil then
        -- insert funny code here
        warn("inf yield detected - invalid gc behaviour")
        break
    end
end

Dex Explorer detection:

-- 9382
-- gc detection for the generic dex explorer script
-- NOTE: This won't work on any executors with a functioning cloneref
-- (if they're running a script version with cloneref that is)
-- WARNING: This CAN false-flag if any of your client scripts for some reason:
--  A) Gets and stores all of game:GetDescendants()
--  B) Gets and stores random objects under game.Chat
-- They probably don't, but just be aware of that, and test properly

if not game:IsLoaded() then
    game.Loaded:Wait()
end

task.wait(3)
local name = tostring(math.random())
local Chat = game:GetService("Chat")
Instance.new("BoolValue", Chat).Name = name -- make it and forget about it

local t = setmetatable({}, {__mode="v"})
while task.wait() do
    t[1] = {}
    t[2] = Chat:FindFirstChild(name)
    while t[1] ~= nil do
        -- encourage the gc to move faster by adding a 4kb string
        t[3] = string.rep("ab", 1024*2)
        t[3] = nil
        task.wait()
    end
    if t[2] ~= nil then
        -- insert funny code here
        warn("dex detected - invalid gc behaviour")
        break
    end
end

Hopefully more detections coming soon. Infinite Yield and Dex detection may be buggy - use these at your own risk as they could possibly false flag (read the comments)

Enjoy!

8 Likes
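
The weak-table canary check behind the Infinite Yield and Dex detections above, and the reason a reference stored by your own scripts false-flags, shown as an added example that is not part of the original post. It runs in a stock Lua interpreter rather than Roblox; `get_service`, `probe_survives` and the weak wrapper cache are hypothetical stand-ins that model the engine's behaviour as an assumption.

```lua
-- Added example for a stock Lua 5.1+ interpreter (not Roblox code).
-- collectgarbage("collect") stands in for the task.wait() loop, since
-- Roblox scripts cannot force a collection and must wait for one.

-- Constructed model (assumption): the engine hands out service wrappers from
-- a weak cache, so a wrapper lives only while some script keeps a reference.
local wrappers = setmetatable({}, { __mode = "v" })
local function get_service(name)
    local w = wrappers[name]
    if w == nil then
        w = { Name = name }
        wrappers[name] = w
    end
    return w
end

-- True if the probe outlives the canary, i.e. someone else still holds it.
local function probe_survives(make_probe)
    local t = setmetatable({}, { __mode = "v" })
    t[1] = {}            -- canary: only the weak table refers to it
    t[2] = make_probe()  -- probe: should be just as unreferenced
    local cycles = 0
    while t[1] ~= nil do -- the canary vanishing proves a collection ran
        collectgarbage("collect")
        cycles = cycles + 1
        assert(cycles < 100, "canary was never collected")
    end
    return t[2] ~= nil
end

local function fetch() return get_service("NetworkClient") end

local function run_demo()
    local clean = probe_survives(fetch)    -- nobody stores the wrapper
    local stored = fetch()                 -- any script keeping a reference,
    local held = probe_survives(fetch)     -- including one of your own
    stored = nil                           -- reference dropped again
    local released = probe_survives(fetch)
    return clean, held, released
end

local clean, held, released = run_demo()
assert(not clean and held and not released)
print(clean, held, released)
```

The `held` case is the same signal whether the reference belongs to a third-party script or to one of your own LocalScripts, which is why the post's comments ask you to audit what your client code stores before acting on a hit.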

Very good, thank you. Some of the code is useful for learning.