Can exploiters change the player argument of a remote?

Any remote a player fires to the server has a ‘player’ argument containing their player.
I’m using this for sanity checks, but if an exploiter can mess around with it they could trip my scripts to ban innocent players…

nope and nope exploiters can’t access anything that is server-sided unless it’s client-sided

1 Like

I think that the answer is no because if you send a remote event as a hacker, the first, player argument is always going to be the argument who send the remote even if the first argument that hacker typed was other user’s name or other player. For example hacker sends this:

Event:FireServer("BanPlayer", "ThisIsHisPlayerName")

the server always gets who send the ban request:

Event.OnServerEvent.Connect(function(player, EventType, Param1)
    if EventType == "BanPlayer" then
        if player.Name == "Scepter_ofDarkness" then
            -- Bans player with username Param1
        else
            -- Bans the player who send the request- it's a hacker!
        end
    end
end)
1 Like