Exploiters causing everyone to "lose connection"

sb1bo · August 19, 2020, 8:36pm

Hey there! I’m tempvIv, one of the developers for the small group known as Breve Cafe. Our staff are planning to host awards at our interview center (Interview Center - Roblox). However, there is a mysterious user exploiting. They basically delete the chat and workspace before causing everyone to lose connection.

The things our team has tried are:

Adding account age restriction of 5 days
Observing the game to make sure there are no backdoors

The account age restriction doesn’t do much and we have looked thoroughly for backdoors and cannot find any. Does anybody have any solutions to this?

MFCmaster1234 · August 19, 2020, 8:39pm

This seems like a very serious development team issue. I think you may have to re check the people who have access to the game. Unless of course someone is spamming requests to overload the server through an exploit, I can’t think of any way someone could do what you are describing as an exploit. Although, exploits continually surprise me every time a new one comes out.

jumbopushpop112 · August 19, 2020, 8:40pm

Did you happen to put a virus in your game?
Get this plugin and scan you game, this is 100% safe. Tell me if it says there is a virus.

jumbopushpop112 · August 19, 2020, 8:41pm

That plugin is safe, I use it. It will tell you if you have a virus. Also, check permissions.

sb1bo · August 19, 2020, 8:45pm

I downloaded and used the plugin you provided, however it did not find anything malicious.

AdjacentPhoenix · August 19, 2020, 8:45pm

To be honest you are asking for us to find a needle in a haystack. It really could be one of MANY things, as such you should assert the following.

Assert;

Do you have any remoteevents or remotefunctions that could harm your game?
Check below for a source scanner
Do you know exactly when this happens? When someone joins or just whenever a server starts?

RUN THIS SOURCE SCANNER IN THE CMD BAR

local STRINGSCAN = "loadstring"

local unpack = function(Table, TableTo) 
	for Index, Value in pairs(Table) do
		TableTo[Index] = Value
	end
end

local Table = {}

unpack(game.Workspace:GetDescendants(), Table);
unpack(game.ReplicatedFirst:GetDescendants(), Table);
unpack(game.ReplicatedStorage:GetDescendants(), Table);
unpack(game.ServerScriptService:GetDescendants(), Table);
unpack(game.ServerStorage:GetDescendants(), Table);
unpack(game.StarterGui:GetDescendants(), Table);
unpack(game.StarterPlayer:GetDescendants(), Table);

local Locked = function(Ins)
	local Ran, Error = pcall(function()
		local Str = tostring(Ins.ClassName)
	end)
	
	if Error == nil then
		return false
	else
		return true
	end
end

for Index, Ins in pairs(game:GetDescendants()) do
	if Locked(Ins) == false then
		if Ins:IsA("LuaSourceContainer") then
			if string.find(Ins.Source, STRINGSCAN) ~= nil then
				print("Found at: "..Ins:GetFullName())
			end
		end
	end
end

jumbopushpop112 · August 19, 2020, 8:45pm

You need to check permissions then, tell me if there is a name that you didn’t invite to edit the game.

sb1bo · August 19, 2020, 8:47pm

I just checked the people who have edit access to our game and they are all trusted .

jumbopushpop112 · August 19, 2020, 8:48pm

Check the scripts, is there a script that could allow someone to take control of your game?

jumbopushpop112 · August 19, 2020, 8:49pm

Do you happen to know the name of this person? You can add a script that will ban them from the game.

ZackWasTaken · August 19, 2020, 8:49pm

There’s something called server pinger that can lag the whole game i think it’s causing all of this

iFlameyz · August 19, 2020, 8:53pm

I remember playing on the kohls admin house where you could have admin perms there, exploiters used the admin perms to remove the chat and workspace and then they can shutdown the game, make sure the permissions of the admin if you have it in your game is set correctly

Hope i helped!

sb1bo · August 19, 2020, 8:54pm

Our game does not use any RemoteEvents or RemoteFunctions at all.
The source scanner does not print out anything.
This happens randomly, I cannot predict when this happens.

jumbopushpop112 · August 19, 2020, 8:54pm

Has your problem been solved, I hope you get this fixed.

sb1bo · August 19, 2020, 8:56pm

We do not know the name of this person, however we have already banned a few suspects.

AdjacentPhoenix · August 19, 2020, 8:56pm

Do you need HTTPService for anything?
You can monitor the HTTP traffic with F9 (Dev Console Server Traffic)

What kind of utilities are you running? (Admins, scripts, etc)

sb1bo · August 19, 2020, 8:56pm

The permissions of the admin are set correctly. We have disabled the script execution command for everyone, which still doesn’t resolve the problem.

sb1bo · August 19, 2020, 9:01pm

We use this admin.

HttpService is only enabled for importing meshes/decals using our F3X tool.

iFlameyz · August 19, 2020, 9:05pm

Ill check the admin script in a sec,

Also make sure any of the people with the perms aren’t betraying you ;3

MFCmaster1234 · August 19, 2020, 9:41pm

Hey. You use NO remote events/functions in game? How? is the game FE? If all your important game stuff happens on the client, then you are literally leaving it wide open for exploits.