Also, if it doesn’t change anything deleting it, why can he even see the script object in the first place?
If you put it in ServerScriptService he will not see it.
Workspace is what is replicated from the game-model to the client. Meaning if you have a script in Workspace then roblox perceives it as information that should be sent to the client.
Server scripts run on the server though, so regardless if it is in workspace or not they cannot manipulate the code but they can remove the un-necessary object from their client since it has no affect on “their version of the game”.
1 Like
From my testing (and I am not an expert in exploiting or Script replication) - I have found that scripts inside characters that are deleted do replicate from the client to the server. This means that technically an exploiter may be able to delete essential scripts inside their character. (Server Scripts in workspace still function if deleted locally). This is purely just from testing in studio - I have not used exploits/real server to test it so idk
It could be used for just instance functionality. There are many times when you need to parent an instance to a script, so they most likely replicate the object so that way a local script can access ServerScript.Child or something, but I’m not an expert. I do not believe that exploiters can even read the code of a server script in workspace, but I haven’t looked into that.
There are places that you can put scripts so that they don’t replicate to the client and so the client cannot even see them (such as ServerScriptService)
1 Like
dark dex user can do it.
its a server sided one but basic dex cannot.
note : dark dex is only for synapse "created by the annoying sir meme kid "
Yeah but I’ve learnt recently that it doesn’t change anything with any client-side exploit as the bytecode is never sent to the client, so if a localscript is deleted it’s just deleting like the representation of the script because everything in the workspace must replicate to the client to it’s just there although the code doesn’t replicate because of server script’s (Script) default behaviour of not sending the bytecode to the client.
1 Like
when i was an kid i used to exploit on roblox. back then 2016
there was basic but really harmful scripts btw. like drop hats “its still not patched lmao”
crash server , server pinger etc.
but yeah my old acc banned for that and i changed my acc due to this.
im no longer exploiting.
but i remember sum stuff abt it