Exploiter problems

Recently, someone posted on my Discord server about creating a mod menu for my Roblox game! I don’t have any knowledge on exploiting, so I have no clue as to how it works.

This person is removing the entire map and ruining the game for all of the players. Also apparently, according to some people, players are being BANNED from the game by these exploiters!
I’ve tried making a complex anti exploiting script that includes flying and a bunch of stuff but somehow it doesn’t apply for this exploiter.

If anyone has any insight on how this person was able to achieve this mod menu and how it works + how to combat it, that would be perfect!

4 Likes

This could be because of a backdoor or an improperly implemented remote check. Make sure there isn’t a backdoor in your game.

1 Like

Pretty sure there aren’t any backdoors, I have a plugin that checks for backdoors plus I’ve checked many times myself.

2 Likes

It’s bad that your experience is getting exploiters into it. However, looking at the screenshot, it’s probably just client-sided exploits. The worst they can do is fly around your game, and maybe fling people. The map isn’t getting deleted, it may look deleted but that only shows for the exploiter (client-sided exploits take place). I don’t have any way to help with the anti-cheat, but I can assure you that most of the stuff in that screenshot is fake and all client-sided things (sounds, btools). The flying is probably real, just with the use of infinite yield or something.

2 Likes

The map deletion is 100% server-sided. Players are falling into the void. I’ve also encountered a really loud sound sometimes playing in the game.

1 Like

In that case, I’d suggest you do look through almost every single script in the game, or just the scripts that hold things (like Game Data) to make sure there aren’t any backdoors. A plugin can help with checking for backdoors too, but if it’s server-sided exploits, it’s something wrong with your game’s code. Sorry that I can’t really offer much. Another way to bypass exploiters is to add a minimum account age system where a player has to join on an account like 3-7 days old. This prevents a majority of exploiters because they mostly use alternate accounts.

2 Likes

Open your place in Roblox Studio, open quite literally any script and hit Ctrl+Shift+F to open “Find in place”. Search up getfenv and require, and go through every result, see if any of them are suspicious.

1 Like

I have a plugin that removes getfenv and require scripts, so I don’t think I have any…

1 Like

Can you really trust the plugin, though?

2 Likes

Could you link said plugin, so I could take a look at the source code? There’s always a chance that the malicious script comes from the plugin.

1 Like

https://create.roblox.com/store/asset/142273772/RoDefender-Plugin-v87
https://create.roblox.com/store/asset/381046418/Server-Defender-OFFICIAL-PLUGIN
They basically check for said scripts and delete them when pressing a button.
Thing is, I make the scripts in the game myself, so I don’t use require() and getfenv.

1 Like

I stand corrected, I took one look and instantly assumed it was a virus by some words :sob:

1 Like

You likely have a backdoor in your game, here’s a few steps you can take to try to find what’s causing it.

  1. Check all of your remote events and make sure they’re secured properly (i.e. only admins can call admin panel events)
  2. Use the ‘find in place’ search to look for instances of getfenv and require
  3. Look through all of your scripts and modulescripts and make sure there isn’t any hidden code (for example really far indented so you need to scroll horizontally to see it). This takes time but it’s worth it.
  4. If you’re using a random admin system that’s pretty obscure, consider removing it temporarily and replacing it with a well-known one like Adonis.
  5. Check your Roblox Studio plugins. Similar to the admin system, if there’s a random one that you don’t use anymore, try disabling/removing it

I wouldn’t fully trust plugins to “clean” your game; hell, for all you know they could just be adding their own backdoors in. Game security is a whole topic you could spend days researching, but hopefully what I said above should help.

1 Like
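Step 1 of the checklist above, as an added example that is not part of the original post: a server Script whose RemoteEvent handler authorizes the caller and validates every argument on the server. The `AdminAction` RemoteEvent, the admin UserId and the action names are hypothetical.

```lua
-- Added example. Assumed: a RemoteEvent named "AdminAction" in ReplicatedStorage.
local Players = game:GetService("Players")
local ReplicatedStorage = game:GetService("ReplicatedStorage")

local adminAction = ReplicatedStorage:WaitForChild("AdminAction") -- hypothetical remote

local ADMIN_USER_IDS = { [123456] = true } -- placeholder UserId, replace with your own
local ALLOWED_ACTIONS = { kick = true } -- explicit allow-list of supported actions

-- WEAK (kept as a comment for comparison): no caller check and no argument
-- validation, so any player in the server can trigger the admin action.
-- adminAction.OnServerEvent:Connect(function(player, action, targetName)
--     Players[targetName]:Kick()
-- end)

-- HARDENED: `player` is supplied by the engine, not by the client, so it is the
-- only value here that can be trusted without checking.
adminAction.OnServerEvent:Connect(function(player, action, targetUserId)
	if not ADMIN_USER_IDS[player.UserId] then
		-- Log rejected calls: repeated hits point at someone probing the remote.
		warn(("Rejected AdminAction from %s (%d)"):format(player.Name, player.UserId))
		return
	end

	-- Everything after `player` is client-controlled: check type and value.
	if typeof(action) ~= "string" or not ALLOWED_ACTIONS[action] then
		return
	end
	if typeof(targetUserId) ~= "number" then
		return
	end

	local target = Players:GetPlayerByUserId(targetUserId)
	if target and action == "kick" then
		target:Kick("Removed by an administrator.")
	end
end)
```

The same pattern applies to every remote in the game: decide permissions from server-side state, never from a flag or name the client sends.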

If you have the actual mod menu script, it’d be helpful.

1 Like

I re-looked and double checked both plugins. Although the Ro-Defender plugin has the sloppiest code ever, I don’t find anything wrong with them. As mentioned multiple times though, still look through scripts by yourself instead of relying on a plugin to do the safety work.

1 Like

And also players are being banned by these said exploiters, pretty crazy stuff.

1 Like

I see nothing wrong with those.

I wrote a quick script, run this in the command bar and see if anything weird shows up in the output:

```lua
local ScriptEditorService = game:GetService("ScriptEditorService")

-- Print every server-side Script and ModuleScript under the given service,
-- and warn when its source mentions require or getfenv.
local function searchService(service: Instance)
	for _, descendant in service:GetDescendants() do
		if descendant:IsA("Script") and (descendant.RunContext == Enum.RunContext.Server or descendant.RunContext == Enum.RunContext.Legacy)
			or descendant:IsA("ModuleScript")
		then
			print("Found script:", descendant:GetFullName())
			
			-- Read the source as the script editor sees it
			local source = ScriptEditorService:GetEditorSource(descendant)
			if string.match(source, "require") then
				warn("Found require:", descendant:GetFullName())
			end
			
			if string.match(source, "getfenv") then
				warn("!!! Found getfenv:", descendant:GetFullName())
			end
		end
	end
end

-- Services skipped by the scan
local excludedServices = {
	CoreGui = true,
	CorePackages = true,
	PluginGuiService = true,
	
	ReplicatedStorage = true,
	ServerScriptService = true,
	ServerStorage = true
}

-- Walk every remaining top-level service in the place
for _, child in game:GetChildren() do
	if excludedServices[child.ClassName] then
		continue
	end
	
	searchService(child)
end
```

1 Like
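A companion scan for the other hiding trick mentioned in this thread (code indented so far that you have to scroll horizontally to see it), as an added example that is not part of any post here. It is meant for the Studio command bar; the 80-column threshold and the function name `findHiddenCode` are assumptions.

```lua
-- Added example. Flags lines where code follows a very long run of spaces/tabs.
local ScriptEditorService = game:GetService("ScriptEditorService")

local MIN_GAP = 80 -- assumed threshold, in columns, for "pushed off-screen"
local TAB_WIDTH = 4 -- columns counted per tab character

-- Returns the line numbers in `source` that contain a whitespace run of at
-- least MIN_GAP columns with non-whitespace text after it.
local function findHiddenCode(source: string): { number }
	local hits = {}
	local lineNumber = 0
	for line in string.gmatch(source .. "\n", "(.-)\r?\n") do
		lineNumber += 1
		-- Drop trailing whitespace so every remaining run is followed by text.
		local trimmed = (string.gsub(line, "%s+$", ""))
		for run in string.gmatch(trimmed, "[ \t]+") do
			local tabs = select(2, string.gsub(run, "\t", ""))
			local columns = #run + tabs * (TAB_WIDTH - 1)
			if columns >= MIN_GAP then
				table.insert(hits, lineNumber)
				break
			end
		end
	end
	return hits
end

-- Scan every Script, LocalScript and ModuleScript in the place.
for _, inst in game:GetDescendants() do
	if inst:IsA("LuaSourceContainer") then
		-- pcall: some containers cannot be read and would otherwise stop the scan.
		local ok, source = pcall(function()
			return ScriptEditorService:GetEditorSource(inst)
		end)
		if ok then
			for _, n in findHiddenCode(source) do
				warn(("%s line %d: text after a long whitespace run"):format(inst:GetFullName(), n))
			end
		end
	end
end
```

Each warning gives the script's full name and line number so the line can be opened and read by hand; deeply nested but legitimate code can also trip the threshold.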

Thank you! I’ll check right now.

1 Like

Alright well exploiters can’t do that now, your game must be extremely crazily insecure if they’re able to ban users.

1 Like

They can, though, if there’s a backdoor involved. They could be using Players::BanAsync().

2 Likes