I am attempting to make it so that when a GUI is put into workspace that it is found and to ban the player. But how do you detect a new gui being put in workspace by a exploiter?
Ive seen multiple exploits like “Eclipse Hub” (Exploiting Panel with cmds) do this, want to make sure it cant be easily done in my game.
There are topics like it but none of them have solutions, atleast from what i can tell.
A game called “ER:LC” can detect players putting “Eclipse Hub” into the games workspace, then bans them. I havent seen other games do this. Any Ideas?
As far as I know, gaining access to CoreGui is not possible, even with a ServerScript. However, a game can monitor the workspace for any new child additions and obtain the client information to ban malicious users. To protect the Core Client, developers would need to delve into client scripts with techniques like using 2 - 3 scripts detecting others scripts within their scripts to frustrate or render the exploits ineffective.
This code establishes a connection to the workspace and prints the name of any child added.
For enhanced protection, you can implement a blacklist system using a table. However, keep in mind that GUI elements are typically placed in either PlayerGui or CoreGui, where direct access is restricted.
You cannot detect GUIs that was put in CoreGUI, since its locked to plugin+ level and only available to exploiter. Modern exploits such as synapse got syn.protect_gui function which protects the screengui from FindFirstChild attacks, making it completely undetectable. You must find a tricky detection way yourself or secure your serverside functions.