Exploiter able to run require(assetid) in client

Hi,
Today I found an exploiter in my server. He was able to execute some script, and in the server console I saw it used require(assetid).
So I want to know how to prevent this; it is ruining my game :<

Thanks in advance

I don’t really have exploiters in my game, but usually what I do is insert an anti-exploit that I trust (from the toolbox, or you can make one yourself). You can modify a few options in the anti-exploit; this usually works for me.

If this doesn’t work, you might have the FilteringEnabled option turned off. Go turn it on; it might prevent exploiters.

Hope this helps!

He might be using a serverside exploit; check your game for any backdoors.

Agreed, the line require asset id is usually from a serverside. Backdoors come from free model viruses.

If you’re saying he’s able to access the server console, then it’s most likely a backdoor in your game.

As cheap said, check your game for backdoors, anything that doesn’t look right.

FilteringEnabled is usually on by default, you can’t disable it either. This sounds 100% like a backdoor in your own game, allowing the exploiter to access the server side.

By the way, he was also able to kick me even though I was the server owner.

I checked; I think my game doesn’t have any backdoor.

A user is unable to kick you without having something on the server, please check your game again, any free model with a script in it, anything really. The backdoor could be in any of your scripts (look out for random requires, etc).
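
The "look out for random requires" check suggested above can be run mechanically. The following is an added example, not code from the thread or from any poster: it flags lines that call require() with a numeric asset id, plus a few related patterns. The names `PATTERNS` and `scanSource`, the pattern list, and the sample asset id are assumptions made for illustration. Pasted into the Studio command bar it scans every script in the place; in plain Lua it runs against a constructed sample. An empty result does not prove the place is clean, since obfuscated code will not match these patterns.

```lua
-- Added example: flag require() calls that load a module by numeric asset id.
-- The patterns are assumptions about common backdoor shapes, not a complete list.
local PATTERNS = {
	{ name = "require by asset id", pattern = "require%s*%(%s*%d+" },
	{ name = "require via tonumber", pattern = "require%s*%(%s*tonumber" },
	{ name = "loadstring", pattern = "loadstring%s*%(" },
	{ name = "getfenv", pattern = "getfenv%s*%(" },
}

-- Returns a list of { line, rule, text } hits for one script's source text.
local function scanSource(source)
	local hits, lineNo = {}, 0
	for line in (source .. "\n"):gmatch("(.-)\r?\n") do
		lineNo = lineNo + 1
		for _, rule in ipairs(PATTERNS) do
			if line:find(rule.pattern) then
				table.insert(hits, { line = lineNo, rule = rule.name, text = line })
			end
		end
	end
	return hits
end

if game then -- inside Roblox Studio (command bar), where script.Source is readable
	for _, inst in ipairs(game:GetDescendants()) do
		-- Some instances refuse access; pcall skips them instead of aborting the scan.
		local ok, source = pcall(function()
			return inst:IsA("LuaSourceContainer") and inst.Source
		end)
		if ok and source then
			for _, hit in ipairs(scanSource(source)) do
				warn(("%s:%d [%s] %s"):format(inst:GetFullName(), hit.line, hit.rule, hit.text))
			end
		end
	end
else -- plain Lua: constructed sample, the asset id below is made up
	local sample = "local m = require(script.AntiExploitModule)\nrequire(1234567890)\n"
	for _, hit in ipairs(scanSource(sample)) do
		print(hit.line, hit.rule, hit.text)
	end
end
```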

My game only has 5 scripts, and those were written by me…

How about the blocks? Is it a free model or did you make it yourself?

There are no free models here; this game has absolutely nothing. It is basically the lobby of a story game that is unfinished.

Try checking your plugins. Also what about that “AntiExploitModule”?

It is a module I found on the dev forum, so I decided to put it here; with it the exploiter can’t move over speed.

Could you send the link to the devforum post?

Also, it could be one of your plugins that inserts the backdoor before Roblox sends the message to servers to publish and deletes it when it successfully publishes, which could be why you don’t see anything else.

here. Anti-Exploit Framework | UnknownParabellum - #55 by UnknownParabellum
By the way, the exploiter used exploits in my game before I put in this module.

It is probably one of your plugins.

Does your script have any vulnerabilities? (e.g. an error in your code that allows exploiters to bypass)

If you don’t know where it is, can you show the code so we can check?

Oh yes that is also a possibility

Let me show all the code in my game

(Game script)

print("Hello world!")

(Script)

game.ReplicatedStorage.ConsoleError.OnServerEvent:Connect(function(plr,note,text)
	if text == nil then
		plr:Kick("NO HACK FOR U")
	end
end)

(antiexploit)

local AntiExploit = require(script.AntiExploitModule)

AntiExploit:Start()

(localscript #1)

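-- Report client-side script errors to the server.
game:GetService("ScriptContext").Error:Connect(function(message, stack, scriptFrom)
	if scriptFrom == nil then
		-- No originating script: send nil so the server-side check can act on it.
		game:GetService("ReplicatedStorage").ConsoleError:FireServer(message, nil)
	else
		-- Only call GetFullName() when scriptFrom exists, otherwise this line itself errors.
		game:GetService("ReplicatedStorage").ConsoleError:FireServer(message, scriptFrom:GetFullName())
	end
end)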

(localscript #2)

game:GetService("Lighting").Name = tostring(math.random())
game:GetService("Workspace").Name = tostring(math.random())
game:GetService("ReplicatedStorage").Name = tostring(math.random())
game:GetService("Players").Name = tostring(math.random())
game:GetService("ReplicatedFirst").Name = tostring(math.random())
script:Destroy()

Doing this is essentially useless, not only does this make it harder for you to script things, it only changes their name once so all the exploiter has to do is find the new name, then just use that. It’s like changing “Workspace” to “Wrkspace”, it’s the same, just a different name.