Encrypt Api (Free)

This shouldn’t be at the top of your post when this is misleading to the point of security & sanity checks. Instead, you provide a module that gives exploiters direct access to the server with a key that’s shared on both the server & client.

There is no protection with this. This is essentially a free ticket for exploiters to hack your game. This is equivalent to a backdoor that’s concealed & obfuscated for the purpose of “extra security”. Not only is this misleading but, it promotes bad habits in a place where people come to learn & model their own style from.

There’s a clear lack of experience & terms from what you offer & what you claim to know. Perhaps, you should look into how security actually works, understand the concepts & best practices and then attempt to model an open-source version from what you learned.

1 Like

How does this give them direct access to the server?

The key is in the local script, so they can easily get it

1 Like

Can I make de-obfuscator a script?

The point of this category is to post open source assets. If you want to have an obsfucated script so it’s harder to reverse engineer (Which obfuscation really does nothing, anyone with time could reverse it), post it in #help-and-feedback:cool-creations.

1 Like

Moved from #resources:community-resources to #help-and-feedback:cool-creations

Please review About the Community Resources category before posting in that catagory.

Only post resources with a substantial free or open-source component here. Post paid service subscriptions, plugins, and other resources in #help-and-feedback:cool-creations instead.

How should I write my resource topics?

Your resource must be:

  • Related to Roblox development .
  • Well explained ; do not dump content here, you must explain how your resource is meant to be used.
  • Significant overall ; your contributions must be more substantial than small scripts or a few individual assets. Resources that are not significant enough, too specific / not useful to many people, or too low quality should be posted in a different forum category, or you should request help from @Post_Approval to learn what can be improved.

Things you could post a Community Resources thread about:

  • Significant ModuleScripts, code libraries, or frameworks that you created for public use.
  • Large collections of assets / free models that you created for public use.
  • Royalty-free art, audio, or texture resources.
  • Free plugins you wish to showcase.
  • Websites that are useful to Roblox development.
3 Likes

It says free or open source not free and open source. This isn’t paid so it should be in community resouces.

Still doesn’t give them direct access to the server.

But key is still in the local script, so what is your point?

1 Like

My point is that what sanjay2003 said is incorrect. This isn’t like some lua executer you can’t just “directly access” the server using it.

What was meant is the fact that the key is stored in a local script, which makes this useless, not necessarily that this is some server-sided executor, was likely a miscommunication from them.

1 Like

I just bypassed this. It was not hard so this isn’t really secured at all.

1 Like

Wow, why would you bypass that?

Why make a server-sided anti-cheat when it’s only reflecting on the server?

By that I mean make the anti-cheat be in the server-side so exploiters can’t just delete it.

But still how are they going to “sever-side” the code?
Or explain how does this “server-side” anti cheat works.

Simple, you don’t trust the client-side to hold your anti-exploit so you make server-sided anti-cheats.

1 Like

I don’t think this is very useful, as it can be bypassed with max 1 lines of code and no knowledge of scripting. All they have to do is view the script’s source and see the thing being encoded (see the code block below)

game.ReplicatedStorage.RemoteEvent:FireServer(api.encode(key,"hello"))

Otherwise, if it’s stored in a variable, they can use any of these functions to see what’s being encoded (1 line)

debug.getregistry() / getreg()
debug.getupvalue() / debug.getupvalues()
getgc()
getsenv()

edit: sorry for necrobumping this, I didn’t realize this was old

2 Likes

Ok I understand that this isn’t helpful because this won’t stop exploiters this just “slows” them down but on the bright side, this is a cool creation and it was meant to be useful, not to “promote bad habits” so I don’t see why most of you are attacking this person, maybe she (judging by avatar) was excited to publish this and get feedback but instead got attacked by people.

Even though I still think the module it’s not safe to use and it’s just like a proof of concept. Would not use it myself.

2 Likes

Thanks for the positivity! :heart:

1 Like