Exploiter crashing servers

Help and Feedback Scripting Support
#1

Hey guys, I’m not the best at working this stuff out but we’ve been having an exploiter joining our games and crashing the servers. Here’s what comes out on the console:

exploiter
exploiter1005×214 248 KB

Here’s the Core.Function script:

script.Parent.RemoteEvent.OnServerEvent:Connect(function(Player, Type)
		if Type:lower() == "r6" then
			require(script.R6).load(Player.Name)
			return
		end

		if Type:lower() == "r15" then
			require(script.R15).load(Player.Name)
		return
	end
end)

and here’s the R6 script:


local Converter = {}
function Converter.load(Plr)
	Plr = game:GetService("Players"):WaitForChild(Plr)
	local FalseChar = script:WaitForChild("R6CHAR"):Clone()
	local PlayersCharacter = game.Players:GetCharacterAppearanceAsync(Plr.UserId):Clone()
	local FaceID = (Plr.Character:WaitForChild("Head"):FindFirstChild("face") or {Texture = "http://www.roblox.com/asset/?id=144080495"}).Texture
	local Accessories = {}
	FalseChar:WaitForChild("Head"):WaitForChild("face").Texture = FaceID
	FalseChar:SetPrimaryPartCFrame(Plr.Character:WaitForChild("HumanoidRootPart").CFrame)
	for _,Prt in pairs(PlayersCharacter:GetDescendants()) do
		if Prt:IsA("Accessory") or Prt:IsA("Hat") or Prt:IsA("BodyColors") or Prt:IsA("CharacterMesh")or Prt:IsA("Pants") or Prt:IsA("Shirt") or Prt:IsA("ShirtGraphic") or Prt:IsA("Tool") then
			table.insert(Accessories,Prt:Clone())
		end
	end
		
	for _,Prt in pairs(Plr.Character:GetChildren()) do
		Prt:Destroy()
	end
	for _,Prt in pairs(FalseChar:GetChildren()) do
		Prt.Parent = Plr.Character
	end
	for _,Prt in pairs(Accessories) do
		Prt.Parent = Plr.Character
	end
end



return Converter

The previous owner of our group hired someone to script these, so if anybody could help out it’d be appreciated!

1 Like
#2

I Think that’s the solve:

Core.Function

if string.lower(Type) == "r6" then
			require(script.R6).load(Player.Name)
			return
		end

if string.lower(Type) == "r15" then
			require(script.R15).load(Player.Name)
			return
		end
1 Like
#3

Thank you. I’ll see if the exploiter joins again and see if it works.

#4

Alright Np, Have A Nice Day. .

#5

What happens is they exploit this event with firing it really frequently. Your API request limit per minute fills up with GetCharacterApperanceAsync. You can develop a basic cooldown system like this:

local cooldowns = {}
local cooldownForSeconds = 1 -- put a meaningful value here depending on your usage
script.Parent.RemoteEvent.OnServerEvent:Connect(function(Player, Type)
                if cooldowns[Player.UserId] and os.time() - cooldowns[Player.UserId] < cooldownForSeconds then return end -- or if you use milliseconds and you are sure that your value is not reachable manually, you can kick
                cooldowns[Player.UserId] = os.time() -- If you want to use values lower than 1 second, you can use tick() or DateTime milliseconds.
		if Type:lower() == "r6" then
			require(script.R6).load(Player.Name)
			return
		end

		if Type:lower() == "r15" then
			require(script.R15).load(Player.Name)
		return
	end
end)

I’m on mobile so formatting is pretty bad and I haven’t tested it but it shall work.

2 Likes
#6

Got this error:

Players.Gumision.PlayerGui.UI.Scripts.Core.Function:4: Expected identifier when parsing expression, got 'if'

Any ideas on how to fix it? Thanks!

#7

Copy-paste the script again, I fixed it. I put an if after and by accident. Typing on mobile brings up these mistakes.

1 Like
#9

Nevermind, found out how. It’s not letting me delete the reply for some reason.

#10

Would this be a local script? Where would you place this?

#11

It’s just a fix for OP’s script.