Exploiter kicking everyone from the server, how to find who?

  1. What do you want to achieve?
    Hi, I am P_xul, the owner of a new group named Ahwa. It’s growing pretty fast; we went from 29 members to 318 in 10 days. As you know, the more you get people playing your games, the more you’ll get exploiters. Usually, it’s easy to get rid of them, as most of the exploiters that play my games use flying or no limbs exploits, so my administrators can spot them easily and ban them. I personally use Basic Admin Essentials 2.0 to protect my games and only certain ranks have moderator/administrator/super administrator commands.

  2. What is the issue?
    So, my group is a café-based group (company group). In order for people to get a job, they must pass an interview and a training. High Ranks of my group host Interview Sessions and Training Sessions daily, as we have a demand for them. Unfortunately, there has been an exploiter kicking everyone from these sessions for the last week. My Vice Chairman, @COUNTYL1MITS, and I have been looking for backdoor scripts in our games. We did find backdoor scripts, so we deleted them. We thought it would fix the problem, but the exploiter is still kicking everyone in these sessions. I first thought it could be an administrator kicking everyone, but the thing is that I get kicked as well in these sessions, when I have the highest administrator permissions as the game creator, and with BA Essentials 2.0, you cannot kick someone that has higher administrative permissions than you.

  3. What solutions have you tried so far?
    I looked for solutions on the Developer Hub, but I found nobody having the same issue. I tried to look at the console tab when the exploiter kicked everyone from the server, but I only got trolling printed messages. I would like to know if there would be any way to patch this and/or find who it is so I can ban them from my games.

I will include pictures of the backdoor scripts I found and the messages I saw in the console tab.

4 Likes

There might be another backdoor script. I recommend you use “Ro defender”, a plugin that deletes viruses.

Hiya! I have used RoDefender on the affected games and it found none.

As I said, there might be another backdoor. Maybe there is a free model from the Toolbox that is causing this. For OP: have you considered talking with WeAreDevs? The guy who made the virus. I went to his website and I found the virus:

2 Likes


We only used trusted free models which are Basic Admin Essentials 2.0 and Donation Board.


Maybe you can use a shortcut to check stuff in scripts (Ctrl+Alt+F) and try to search for WeAreDevs or Require; that might get the script causing this issue.

1 Like

Here are all of my plugins. Do you think any of these are malicious?

If you need a link to any of these for further review please let me know.

Interestingly, no.

Hi, could you please unlock your inventory so I can inspect all of them? Who knows what actually hides under these thumbnails and names.


Alright, I have searched the games. Nothing shows up for WeAreDevs, and require is only being used to require modules, of which there are quite a few.

1 Like

I don’t recommend using anti-virus plugins but I’d recommend searching for getfenv or looking through all your server scripts to try and locate the vulnerability.
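The search suggested in this thread can be run over every script at once instead of one Find query at a time. The following is an added example, not code from any poster or from Basic Admin Essentials: it assumes it is pasted into the Roblox Studio command bar with the place open, and the pattern list and the 500-character line threshold are assumptions chosen for illustration. It separates `require` calls that take a numeric asset id (code loaded from outside the place file) from the ordinary `require` of in-game ModuleScripts.

```lua
-- Added example: list script lines worth a manual review.
-- Text matching only: names assembled at runtime will not be caught.
local PATTERNS = {
	{ label = "require by numeric asset id", pattern = "require%s*%(%s*%d+" },
	{ label = "getfenv", pattern = "getfenv" },
}
local LONG_LINE = 500 -- assumption: hand-written lines are rarely this long

-- Returns a list of {line, label, text} findings for one script's source.
local function scanSource(source)
	local hits, lineNo = {}, 0
	for line in (source .. "\n"):gmatch("(.-)\r?\n") do
		lineNo += 1
		for _, p in ipairs(PATTERNS) do
			if line:find(p.pattern) then
				table.insert(hits, { line = lineNo, label = p.label, text = line })
			end
		end
		if #line > LONG_LINE then
			table.insert(hits, { line = lineNo, label = "very long line", text = line })
		end
	end
	return hits
end

local total = 0
for _, inst in ipairs(game:GetDescendants()) do
	-- pcall: some instances refuse property reads from this context
	local ok, hits = pcall(function()
		if inst:IsA("LuaSourceContainer") then
			return scanSource(inst.Source)
		end
		return {}
	end)
	if ok then
		for _, hit in ipairs(hits) do
			total += 1
			warn(string.format("%s:%d [%s] %s",
				inst:GetFullName(), hit.line, hit.label, hit.text:sub(1, 120)))
		end
	end
end
print(("Scan finished: %d line(s) to review"):format(total))
```

Each warning gives the full instance path, so a hit inside a free model or an admin system's folder can be traced back to where it was inserted.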

I have unlocked my inventory to be shown to everyone. I appreciate you taking your time to view my plugins and help us.

1 Like

WeAreDevs is the name for their client exploit API. It has nothing to do with server scripts.

1 Like

Greetings!

Have you reviewed your in-game scripts? I believe it may have come from a script giving instance to a module script. Have you added any free models that might contain something malicious?

1 Like

Always check your plugins. I had a similar issue with this once but the guy who created the plugin just made me go insane by changing lights.

1 Like

This is not an exploit; this is just a backdoor and has nothing to do with “JJSploit”. Would you be kind enough to send me the obfuscated script’s source? @COUNTYL1MITS

1 Like
