For the Anti Flight, will this include detecting laggy players? How about in-game teleports, which are placed by the creator?
( Do forgive me for asking these questions, since I don’t have access to Studio right now. )
I’m sorry to say this but… This is a client anticheat. This is VERY easily exploitable. From what i know exploiters can just do cheatblocker.Whateverurclientscriptnameis.Enabled = false.
This can very easily be spoofed and removed. If you’re using client anticheats, you’re trusting client too much. A client cannot be fully trusted, you have to use server anticheat aswell as a second guard incase the client anticheat is spoofed.
I somewhat appreciate the solutions the community is coming, but this cannot be used for productive work if there is no additional guards in a situation the client anticheat is down.
It’s not my intention to criticize it in a negative way, however, the client script’s name is “CLINET”. People should not use this since it can be easily circumvented, and it is understandable why people believe client anti-cheats are also circumvented as easily as this one if they have the same detection logic.
A straightforward metamethod hook like this one might get around the WalkSpeed and JumpPower/JumpHeight detections because this AC lacks spoofing protections:
local FakeHum = Instance.new("Humanoid")
local Old; Old = hookmetamethod(game, "__index", newcclosure(function(self, Index)
local caller = getcallingscript()
if self:IsA("Humanoid") and caller and Old(caller, "Name"):find("CLINET") then
return Old(FakeHum, Index); --> Spoof attribute for use solely with the AntiCheat
end
return Old(self, Index); --> Return correct values
end))
(Alternatively, because there is no handshake and no deletion protection, attackers may just execute CLINET.Enabled = false instead.)
But this sort of detection could pick up the bypass:
local OldWalkSpeed = LocalPlayersHumanoidOrSmth.WalkSpeed
LocalPlayersHumanoidOrSmth.WalkSpeed = 16.0000000000000001
if LocalPlayersHumanoidOrSmth.WalkSpeed == OldWalkSpeed then
--Detected, do whatever you need
end
LocalPlayersHumanoidOrSmth.WalkSpeed = 16
local OldNC; OldNC = hookmetamethod(game, "__namecall", newcclosure(function(self, ...)
local method = getnamecallmethod()
if self.ClassName == "RemoteEvent" and self.Name:find("Ban") and rawequal(method, "FireServer") then
return nil --> Prevents firing the Ban Remote
end
return OldNC(self, ...) --> Return old __namecall Result
end))
And to spoof the Enabled part:
local OldNewIndex; OldNewIndex = hookmetamethod(game, "__newindex", newcclosure(function(self, Index, Value)
local callingscript = getcallingscript()
if callingscript then
if
self:IsA("LocalScript")
and (callingscript.Name:find("CLINET") or callingscript.Name:find("CBDetect"))
and (self.Name:find("CLINET") or self.Name:find("CBDetect"))
and rawequal(Index, "Enabled")
then
return nil
end
end
return OldNewIndex(self, Index, Value)
end))
If you wanna detect basic walkspeed hooks by a noob exploiter just do
local OldSpeed = Humanoid.WalkSpeed
Humanoid:GetPropertyChangedSignal("WalkSpeed"):Connect(function()
if Humanoid.WalkSpeed == OldSpeed then while true do end end
end)
also it’s better to crash than kick also this anti-hook can also be bypassed but if you update the connection every once in awhile you should be good
What do you mean “how do you know that”? It’s in the exploit documentation.
To answer to your edit, the following functions are: hookmetamethod(object, metamethod, newfunction): oldfunction: spoofs the game’s metamethod metamethod and replaces it with “newfunction”. Though unlike the getrawmetatable hooks it also replaces the memory address of the new function by the one of the old function.
getcallingscript(): caller: Returns the script that called the function
newcclosure(function): cclosure: returns a C-Closure based on the L-Closure provided
Though to get more info on these I suggest you go on the official documentation as the above may be wrong and/or out of date.
exploiter uses a injector that give a useful private function to exploits, advanced exploiter user is powerful than you think, they could make any ways to bypass it
I know they have access to get connections but you can sorta bypass it by disconnecting the connection and remaking it although it can still be bypassed it’s still better than making one connection and calling it a day