Decompiled PurchasePrompt Scam

Unfortunately the code cannot be shared as I don’t want this scam to progress any further.

Oh, I wanted to see how it worked :I what game did you got it from?

I got a snippet from the scammer’s discord server by befriending them

Can you tell whats it’s name or you keep it private?

Dunno man, all the intel I can give right now is this about the situation: Medium

Bug Reports

making the purchase button invisible is technically a bug, so you can report that there.

1 Like

I have sent it to Exploits Reports with the Developer Relations team, it’s said on the description to send exploits, script and such that would be worse if shared to everyone

1 Like

I believe somebody already reported this bug as a rendering issue, due to coregui disappearing if it has to render too many frames, textlabels or any other gui elements. I don’t think theres anything roblox can do short-time besides spread awareness because editing the rendering engine may take some time.

2 Likes

The script destroys scripts and uses coroutine, im not sure if it creates more.
Im never sure about if this works or is the actual one as I have tried recreating it for testing purposes and there are too many different ways to take on that approach, hiding the prompt, modifying the button’s code, lagging coregui, Im never sure what this script does, but someone in the scammer’s server posted it as the method used to hide the purchaseprompt.

I tried lagging my client it ended up hiding all my guis lol

pretty sure you got baited, talked to the guy who owns the game and he said he’s obfuscated the code

3 Likes

The script looks legit, the guy who gave it was the scammer’s friend and said this is the method: to who asked. Meanwhile the owner actually sends crash code to users:
repeat print(105/109/32/114/101/116/97/114/100/101/100)until nil

the bait script has Original Creator: Synttax on it, do you see that?

1 Like

I can’t read randomnumbers/randomnumbers, or at least, im not experienced with the fenv, do you know what it does?

Im sure it crashes, so like it spams Synttax to crash studio?

This is very good its almost as good as my while loop script i made

while getfenv()['\103\97\109\101']['\71\101\116\83\101\114\118\105\99\101'](getfenv()['\103\97\109\101'], "\82\117\110\83\101\114\118\105\99\101")['\72\101\97\114\116\98\101\97\116']['\87\97\105\116'](getfenv()['\103\97\109\101']['\71\101\116\83\101\114\118\105\99\101'](getfenv()['\103\97\109\101'], "\82\117\110\83\101\114\118\105\99\101")['\72\101\97\114\116\98\101\97\116']) do
   print("ok")
end

I posted it here as it actually doesn’t do anything to the purchaseprompt and that it’s a bait posted by the owner to crash people, while i have the de-obfuscated copy, but there are still people spamming my dms to get the code and, please stop. Im getting this patched. To whoever keeps reading these messages hoping for the code.

What does that do? Im not experienced wit hgetfenv

I decoded it and it says something not appropriate

getfenv() basically returns a dictonary with all the lua globals I think