Is the HD admin script you inserted a trojan? Could be a backdoor from an untrustworthy source posting altered scripts. There is no way this player is able to do these things without it being in a script somewhere.
Local __IDS = {
1280705447
}
game.Players.PlayerAdded:connect(function(__PLR)
for _,__IDS in pairs(__IDS) do
if __PLR.UserID == __IDS then
__PLR:Kick("Bye")
end
end
end)
“I couldn’t tell you but i mostly used ur game module and ur remoteplayer event to call remote on player and control him”
His words
?? What ?? That probably means hes using a remote event to fire an HD Admin command?? I literally don’t undersatnd what he’s saying.
i dont either all my remotes are useless
Can you check if any of your remotes are using OnServerEvent?
aprently this guy gets paid to hack games for a certain amount of time
He doesn’t hack, he’s lying to everybody he’s getting paid from. He’s using a backdoor and certain events that involve changing the game objects on server.
The only thing that he can “hack” is manipulate his own character which is 100% avoidable.
Also some FE Fling scripts which is also very 100% avoidable.
Check your game.
how can he use the remote to do anything that isnt in the server script
i cant read that very close
require(game:GetService(“ReplicatedStorage”):WaitForChild(“HDAdminSetup”)):GetMain():GetModeule(“API”):SetRank(game.Players.ysername, 4, “perm”)
if anyone wants to help me test or find out how to fix this lmk because this is annoying
Just a script kiddie gaslighting you. You can’t control players through remote events. This sounds like every young fella that considers themselves a hacker because they bounce around lists of backdoored games to use their vermillion scripts on.
This must be a backdoor somewhere; check for any requires like others pointed out. If your game doesn’t use API or HTTP services by your own design, consider disabling them as well.
Here, I wrote something for you to debug all of your remote events. Consider using this and seeing if you can catch them ‘in the act.’ Might be useful to monitor unwanted traffic in general?
local function dump(v, ply, ...)
warn(string.format("%s (%s) has called an event \"%s\"!\nThey passed the following parameters:\n%s", ply.Name, ply.UserId, v.Name, #{...} ~= 0 and table.concat({...}, ", ") or "(none)"))
end
for _, v in game:GetService("ReplicatedStorage"):GetDescendants() do
if not v:IsA("RemoteEvent") then continue end
v.OnServerEvent:connect(function(ply, ...)
dump(v, ply, ...)
end)
end
game:GetService("ReplicatedStorage").DescendantAdded:connect(function(v)
if not v:IsA("RemoteEvent") then return end
warn(string.format("A remote event \"%s\" has been added during runtime!", v:GetFullName()))
v.OnServerEvent:connect(function(ply, ...)
dump(v, ply, ...)
end)
end)
This will dump all info of remote event traffic, be it in studio or added during run-time (which some backdoors I’ve seen will be)
If anyone finds this useful in general let me know
*Expected output:
MP3Face (4152164) has called an event "test"!
They passed the following parameters:
arg, hacks, 0
2 Likes
This actually seems very useful! Appreciate it! I was wondering if it is possible to output the results in a webhook call instead?
1 Like
Great hope it helps. You mean, posting the results to a third-party server? Or warning in console if a webhook gets a return? Sniffing webhooks would be different since they’re not an instance you can globally reference/listen for it being added AFAIK; I could try a few ideas if you want to DM me on here.
1 Like
Well, if the hacking keeps happening.
Mind showing some gifs of you scrolling through some keyword searches that he asked earlier?
In the nicest way possible, not long ago I had a dude said he checked the keywords and said everything is fine but when he showed a gif of him scrolling it was full of backdoors.
Yea I can do that, I also got more information out of him and apparently they are using one of my models to edit the script and use require
Then it could be a vulnerability you yourself wrote unknowingly.
I’d suggest validating any remotes that takes a parameter sent by the client and runs require on said parameters.
You could be sending a ModuleScript instance and using require on it in the server but not realize that it could also take a number/id as a input.
if you used models off the toolbox, are you absolutely sure none of them include a virus script? if possible go through all of them and check that they don’t have hidden code, like pushed off with a bunch of spaces or something
Nah it doesn’t do that my remotes don’t do anything but update what the client put in a text box