Can exploiters interfere and edit a LocalScript, etc

I’m currently working on my selling system when in the sell menu when you click the sell button it sends an event to the server. The only thing I’m worried about is if the exploiter can go in the code and switch a value in the actual LocalScript. The script sends the price depending on what the TextLabel says with an if statement. Can the exploiter go into the script and change “TheNumber” in the :FireServer(“TheNumber”)

I know a solution to this where I just check to see the TextLabel name from the server but I’m very curious how much an exploiter can do.

1 Like

Yes, exploiters can read your Local Scripts since it being replicated to the client, but I would not worry about it since its rare.

Thanks, but what I’m trying to ask is: Can they edit the script?

No, because if the exploiter downloads your scripts, they would need to reverse engineer the code.

Yes they certainly can! They can disable them, copy them, and make clones of them. Every local script is client sided, and the player has complete control over them. The best way you can protect against this is have many remote events.

4 Likes

I don’t think so, but they can inject their own, and it would be the same thing. That’s why we never trust in the client.

2 Likes

The thing is, server sided scripts can see server created localscripts, but not client created localscripts

1 Like

They actually can do this. They can read the source.

They can’t view server-sided scripts, but they can view every single localscript that’s in a client-sided parent. If a localscript isn’t, it just won’t replicate to the client.

No exploiters can only see your localscripts, they cannot edit them. Edit: Exploiters can see your localscripts because they run on the client.

most exploiters are unable to change scripts but it doesn’t really matter because they can read the complied bytecode anyways so

edit: localscripts, not server scripts

“most exploiters” are all exploiters. If you backdoored the game and are using an FE executor, you MIGHT be able to find a way. Other than that I don’t think you can.

@iSyriux They can view them if there is a backdoor in the game.
@rc8s Actually contrary to popular belief exploiters can actually view and edit your localscripts using metables, they can hook onto values and change them

They can view your local scripts, but they cannot edit them. I don’t see how this would work? Many games would break?

Nope, since its local it wouldnt break the changes dont replicated but the exploiters can hook onto metatables and change different things

Say you have a hitbox for the player and you try to prevent exploiters from expanding it, an exploiter can hook onto the metatable locally that is trackign if the hitbox is changed and change the value to like a value that they wont get kicked @rc8s

1 Like

Then that is changing things on the client? How would this be a problem, FE should stop this. The only way I see is a server side executor (FE backdoor executor)

it’s not a problem if you don’t handle anything on the client

1 Like

Fe only stops exploiters trying to change things server sided, Roblox cant track everyone locally that would probably take too much resources and not sure how that would work

I am pretty sure the owner of this post is asking if them ‘changing’ the localscripts will affect anything on the server or do any damage to the game. I am not sure how it is a bad thing if they do is what I am asking.

There is a lot of uncertainty in the answers. So yes, exploiters can edit a LocalScript. How? They can change its constants, its globals, etc. Clients never get the source, only bytecode. The don’t really need the source. That is why exploiters have to go through the process of decompilation so they decompile the bytecode back into a rough equivalent of Luau source. Your issue is trusting the client here, the client should never determine the price of an item. That should be all the server.

2 Likes