Can exploiters exploit Module Scripts?

This is probably a dumb question, but when it comes to exploiters, I always want to be 100% sure.

What can exploiters do with Module Scripts?

Can they exploit them just like they can do with Local Scripts?

Or is it like server scripts, where the exploiters can’t exploit them in anyway unless there’s a backdoor in their game?

4 Likes

Hm, well.

If you have a certain setting in your game thats controlled by module scripts, YES. But, If it’s placed in ServerScriptService, they can’t access it.

2 Likes

if youre talking about saveinstancing(), yes, they can take modules if they are not protected in serverscriptservice/serverstorage

Module scripts turn in to whatever it was executed from, requiring it from local it’s a local module where requiring from server its a server module

If you require a module that was meant to be ran on server if it hits a line of code that was meant only for server it will error and break the thread

1 Like

If it’s in Replicated Storage, they can. If it’s in Server Storage then no they can’t.

I recommend you put Important game modules/modules you know can only be used by the server in Server Storage, and put non important modules in Replicated Storage.

3 Likes

I think the question is a bit ambiguous because what exactly does it mean to “exploit a script?” If you’re referring to what an exploiter can do to local scripts, then the answer is “yes, but only if the module is required by a local script.” But if it’s on the server, then “no, unless it’s part of processing remote events, in which case proper sanity checks need to be put in place like all other remote events.”

Basically any script that’s in ServerStorage or ServerScriptService CANNOT be accessed in game. Now, If it’s in ReplicatedStorage, they can easily get to it,

I’m making Chat Commands using Module Scripts in the ChatModules Folder so I can use the RegisterProcessCommandsFunction, which I believe you can’t do anywhere else besides the Chat Modules folder. (correct me if I’m wrong)

Will exploiters be able to exploit the Module Scripts I’m making inside the Chat Modules Folder?

If you want a visualization, I’m asking if exploiters can exploit this:

image

Anything not stored on the server can be exploited, I recommend putting everything in ServerStorage, it may require you to change a lot of code but it’s worth it to avoid exploiters getting in there.

Yes they can. This is because the client can access these modules. Although their called on the server, so you should be all good with filtering enabled and stuff. So their changes wont apply for everyone else and the server. So they can modify it, but it’ll only apply locally.

4 Likes

How would I be able to prevent them from modifying the scripts then?

Sadly, not possible.

But keep in mind, their changes will NOT apply for everyone else. So if you have a filtering script, but an exploiter edits it to be with a swear word, it’ll only display that swear word for the exploiter. Not the rest of the server. Because the ChatModules folder is called by on the server.

But if it’s in the ClientChatModules then you’re out of luck.

1 Like

Ah, so as long as the module scripts are in the ChatModules Folder, then the exploiters won’t be able to exploit the module scripts in that specific folder?

yes.

They’re still able to modify the scripts, it just that the exploiter’s changes wont apply for everyone else.

1 Like