So, I made a system that kicks players for errors that are exclusive on an executor.
You see, Traceless Errors leave an empty stacktrace which u can easily detect and terminate the player.
This anticheat method is 100% functional and doesn’t log players for invalid reasons.
LOCAL SCRIPT
local player = game.Players.LocalPlayer
local scriptContext = game:GetService(“ScriptContext”)
local kickRemote = game.ReplicatedStorage.KickRemote
scriptContext.Error:Connect(function(msg, stacktrace, scriptt)
local newst = string.gsub(stacktrace, “line”, “”)
for i = 0,9,1 do
newst = string.gsub(newst, tostring(i), “”)
end
local anticheatsample = string.len(string.gsub(newst, “,”, “”))
if anticheatsample <= 4 then
task.wait()
kickRemote:FireServer()
end
end)
game.ServerScriptService
NO KICKING ON THE CLIENT SINCE IT CAN BE EASILY STOPPED
ServerScript
local kickremote = game.ReplicatedStorage.KickRemote
kickremote.OnServerEvent:Connect(function(plr)
plr:Kick()
end)
What I posted is just a small part of my anticheat , it checks itself on a BoolValue every 30 seconds so if the player somehow manages to disable or destroy it will detect it thanks for the feedback tho. Have a nice day!
But can’t the client just execute an event for everytime a new one is added (even if the name of the LS changed continously), and even then the server can’t detect if it gets deleted, so having it re add on the client would still bring up the same problem.
It is more complex than that, I would happily post my full Anticheat but I have worked too much on it and don’t want to release it to public, I mentioned this can be disabled in my thread, its just to help begginer scripters that can’t figure out how to do this.
And by the way, my anticheat doesn’t allow remote spy or dex to run so I don’t really think there would be any way to know the info u have to fire the remote on for it to run.
I mean, exploiters can insert Core UIs which devs can’t access, so that’s why I’m trying to understand your doings better. Anyways I hope your work doesn’t go to waste, good job nonetheless.
They can check for calls, find out which remote specifically kicks the player, and block it from firing or invoking. Plus, if the remote that is used to kick is deleted and a script detects that, will the player get kicked by a separate remote or something? They can also rename the remote to confuse the script trying to call the remote.
Exploiters have access to so much more than the avg developer.
If the exploiter has some casual knowledge they wouldn’t need to use dex or remote spy.
They can check memory for any functions, tables or userdatas using debug.getreg() the following process would be them fully modifying the table, function or the userdatas.
Not only that, Exploiters are able to remove any connections from the client doing:
for i,v in pairs(script:getconnections) do v:Disable() or v:Disconnect()
end
there’s ways to detect disconnected connections though, But yeah, I think you get the point.
There are multiple vulnerabiliies in your code. #1 They can hook the function passed to scriptContextError and make it return a valid trace. #2 They can fully disable the connection #3 They can hook FireServer and prevent firing #4 If they are good their can hook into the luau vm and completely rebuild their errors to look legit.
Error detection isn’t a good method and I don’t suggest you use this. It’s only a skid check but someone who can use properly their exploit’s documention will easily bypass any kind of error checks or output checks.
“I mentioned this can be disabled in my thread, its just to help begginer scripters that can’t figure out how to do this” I have no idea why you replied in the first place, every type of client anticheat can be disabled in some way, but that doesn’t harm the game in any way does it, any protection is better than none, I appreciate your points that I was fully aware of, although your first three points are partially invalid as they can be checked and prevented/detected, the script doing that could also be stopped in some way. Client Anticheats can always be stopped based on how determined the exploiter is. Love!
