Detect Celery the new hit uwp exploit [PATCHED]

Current detections are patched! But you can still abuse celery ENV and do funny stuff without having the exploiter execute anything.
Celery is a new generic exploit that biggest marketing point was its bypass on hyperion, too bad it’s so unsecure that it literally attaches itself on PlayerScripts, unlike big exploits that use RuntimeScriptService. Not to mention there are many ways to detect it.
image
Anyways here is the detection.

Made by the same person who was able to switch to 32-client, hamsta. thanks bro.

repeat task.wait() until game:IsLoaded();
local mbus = game:GetService("MessageBusService")

task.spawn(function()
   while task.wait() do
       local _,e = pcall(function()
           mbus:Publish()
       end)
       
       if _ then
           game:GetService("Players").LocalPlayer:Kick("Celery is bad for your health.");
           while true do end
       end
   end
end)

Having a deja vu? That’s the same detection that was used against synapse before! But celery still has it.
You could also abuse it’s HttpGet returns since it has no checks.
Source:
https://v3rmillion.net/showthread.php?tid=1208556
Who would know exploiters would turn against themselves.

3 Likes

Update: To any other devs in here, while celery patches are out, you can still abuse it’s env, along with its httpget returns, have fun with this secure exploit.

And if any of you have coregui detections, celery next patch will have its scripts attached to coregui, so theres that

getting me confused over here, how come has byfron (hyperion) not detect it, im completely lost

it uses the windows client thats why

And if i read the thread right - Devforum & v3r its detectable as of now right? Do you know if they’ll move to coregui anytime soon? , i wouldn’t be surprised

According to the executor dev, (some) detections are patched but he won’t clarify and yes he’ll start attaching his scripts to coregui for now on, lmao. It still has a lot of vulnerabilities, you can detect its environment and run illegal functinos.

Any sources on the power of the executor and its features?

You can find the thread about the exploit itself on v3rm. As far as I know it still missing a lot of key features and also has a debug.setproto() vuln still.

1 Like

I love how this instantly got patched lel

u can still abuse its env tho kek

Whoever uses this in their game should make it spam the players chatting with “hey I’m cheating using celery!” That would be hilarious