Group Audit Log Reverter

Hi everyone!!

From the time that I began working in roleplay groups, abuse has always been a major problem. This is especially true for groups that sell ranks or hire untrustworthy staff into their executive teams. With more and more attacks being launched via code, it is becoming easier and easier for abusers to simply rank 10,000 members in a matter of seconds. Believe me, nothing crushes your heart more than waking up to find that 19,000 members have been kicked out of your group (yep… been there). Although this script can’t help you gain back 19,000 kicked members, I hope that it will help you revert 10,000 members who are now in the wrong ranks because of an abuser.

As a result, I decided to make a piece of code that would allow anyone (or, at least, people who have a semi-decent idea of how to get around Node.JS) to revert any abuse that happens in a group. The script itself should be relatively easy to set up and the entire process shouldn’t take longer than a couple minutes to revert any one person’s abuse once it is completely set up.

PLEASE NOTE: This resource should NEVER be the only thing you depend on for protecting your group against abuse. This is ONLY a failsafe and should only be treated as such. Proper measures, such as restricting permissions, should take priority over relying on this script.

Download

Github link: GitHub - Nickanda/AuditLogReverter: Quick script that reverts Roblox group audit logs based on the settings.

All instructions will be included in the Github on setup, installation, and usage.

Instructions copied from Github

AuditLogReverter

Quick script that reverts Roblox group audit logs based on the settings.

Installation

To begin, clone the repository onto your computer. Using a code editor, download the bloxy NPM package by running npm i --legacy-peer-deps.

(the following instructions are completely optional, but will aid in the autocomplete)

Once the download is complete, open up your node_modules folder and locate the bloxy folder. When you find this, open up the folder and follow this path to find the Groups API file: src/client/apis/GroupsAPI.ts. Open up the Groups API file.

Ctrl + F the word GetGroupAuditLogsOptions and go to the first selection that comes up. It should be something like:

export type GetGroupAuditLogsOptions = {
    groupId: number;
    actionType: "DeletePost" | "RemoveMember" | "AcceptJoinRequest" | "DeclineJoinRequest" | "PostStatus" | "ChangeRank" | "BuyAd" | "SendAllyRequest" | "CreateEnemy" | "AcceptAllyRequest" | "DeclineAllyRequest" | "DeleteAlly" | "DeleteEnemy" | "AddGroupPlace" | "RemoveGroupPlace" | "CreateItems" | "ConfigureItems" | "SpendGroupFunds" | "ChangeOwner" | "Delete" | "AdjustCurrencyAmounts" | "Abandon" | "Claim" | "Rename" | "ChangeDescription" | "InviteToClan" | "KickFromClan" | "CancelCLanInvite" | "BuyClan" | "CreateGroupAsset" | "UpdateGroupAsset" | "ConfigureGroupAsset" | "RevertGroupAsset" | "CreateGroupDeveloperProduct" | "ConfigureGroupGame" | "Lock" | "Unlock" | "CreateGamePass" | "CreateBadge" | "ConfigureBadge" | "SavePlace" | "PublishPlace";
    sortOrder?: "Asc" | "Desc";
    limit?: 10 | 25 | 50 | 100;
    cursor?: string;
}

Add a userId?: number; into the type definition. It should look something like:

export type GetGroupAuditLogsOptions = {
    groupId: number;
    actionType: "DeletePost" | "RemoveMember" | "AcceptJoinRequest" | "DeclineJoinRequest" | "PostStatus" | "ChangeRank" | "BuyAd" | "SendAllyRequest" | "CreateEnemy" | "AcceptAllyRequest" | "DeclineAllyRequest" | "DeleteAlly" | "DeleteEnemy" | "AddGroupPlace" | "RemoveGroupPlace" | "CreateItems" | "ConfigureItems" | "SpendGroupFunds" | "ChangeOwner" | "Delete" | "AdjustCurrencyAmounts" | "Abandon" | "Claim" | "Rename" | "ChangeDescription" | "InviteToClan" | "KickFromClan" | "CancelCLanInvite" | "BuyClan" | "CreateGroupAsset" | "UpdateGroupAsset" | "ConfigureGroupAsset" | "RevertGroupAsset" | "CreateGroupDeveloperProduct" | "ConfigureGroupGame" | "Lock" | "Unlock" | "CreateGamePass" | "CreateBadge" | "ConfigureBadge" | "SavePlace" | "PublishPlace";
    sortOrder?: "Asc" | "Desc";
    limit?: 10 | 25 | 50 | 100;
    cursor?: string;
    userId?: number;
}

Save the file and the autocomplete should be complete!

Usage

In the main folder, create a new file settings.json. Copy and paste anything in the settings.json.example file into the settings.json file. Once you have all of the settings set up, all you have to do is simply run node . and the script should run!

Settings explained

cookie

This is your Roblox cookie. For the purposes of security, it is best to use an alternate account or an account that does not have anything valuable. Rank this account to the lowest permission so that in the event that this account is breached, you do not risk as much as you would if you used your main account. For more information on protecting your account, visit this DevForum article: How to protect your Roblox account: Advanced guide

To get this cookie, open up your browser and go to https://roblox.com/. Right click the website and click on Inspect. Something should pop up on the right side of the screen. If you don’t see an Application button on the top row of the right side of your screen, open up the dropdown menu on the top row and click on Application. Under the Cookies button in Storage, open up the cookie that has https://roblox.com/ in its name. Once you click on this, your cookie will be stored in .ROBLOSECURITY and it should start with something like: _|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|_.

IMPORTANT: KEEP THIS COOKIE ABSOLUTELY SECRET AND DO NOT SHARE WITH ANYONE ELSE UNLESS YOU WANT YOUR ACCOUNT BREACHED

groupId

ID of the group that you want to revert the audit logs for.

personDoingTheAbuse

ID of the person that you want to revert. For example, if I abused in a group, then I would put my own ID in this field.

iterations

How many times you want the reverter to run. By default, the reverter will get 50 actions per page by a certain user, and go through 30 pages (totalling 1500 actions by a user).

cutoffTime

This is the time at which you want the reverter to stop. Any actions made by a user before this time will not be reverted. I put this in place because an abuser may not have been an abuser the entire time that they’ve been in the group; they could’ve had some non-abusive actions that we want to avoid reverting. This time follows a very specific format that I will detail below. Please note that all times follow UTC. Please convert accordingly.

Format: YYYY-MM-DDTHH:mm:SS.sssZ

  • YYYY - Year
  • MM - Month (01 being January)
  • DD - Day
  • HH - Hour
  • mm - Minute
  • SS - Second
  • sss - Millisecond

For example, if the date was January 15, 2022 at 11:00 AM EST, then the time string would be 2022-01-15T16:00:00.000Z (UTC is five hours ahead of EST, so it’d be 4 PM or 16:00 rather than 11:00).

Questions?

I know this is a bucketload of information for a script that’s quite literally only 50 lines long, but if you have any questions at all about the usage of this script, please feel free to reach out to me on Discord, on the DevForum, or reply on the thread.

Enjoy!

Please let me know if you encounter any issues or if there are any problems with the code itself.

10 Likes
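The cutoffTime rule described in the settings above, as an added example that is not part of the original post or the AuditLogReverter repository: it checks the documented timestamp format strictly and builds a dry-run list of rank changes to undo, so the result can be reviewed before anything is changed. The record field names and the sample data are constructed for illustration.

```javascript
// Added example; not code from the AuditLogReverter repository.
// Strict form of the documented cutoffTime format YYYY-MM-DDTHH:mm:SS.sssZ (UTC only).
const CUTOFF_RE = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z$/;

function parseCutoff(text) {
  if (typeof text !== "string" || !CUTOFF_RE.test(text)) {
    throw new Error(`cutoffTime must look like 2022-01-15T16:00:00.000Z, got: ${text}`);
  }
  const ms = Date.parse(text);
  // Round-trip check rejects impossible dates (month 13, February 30).
  if (Number.isNaN(ms) || new Date(ms).toISOString() !== text) {
    throw new Error(`cutoffTime is not a real UTC instant: ${text}`);
  }
  return ms;
}

// Dry run: which members would be moved, and to which rank. Nothing is sent anywhere.
// Assumption: entries use a hypothetical normalised shape for rank-change audit records.
function planReverts(entries, abuserId, cutoffText) {
  const cutoff = parseCutoff(cutoffText);
  const first = new Map(); // targetId -> earliest in-window change
  const last = new Map();  // targetId -> latest in-window change
  for (const e of entries) {
    const at = Date.parse(e.created);
    // Skip other actors, unparseable times, and anything before the cutoff.
    if (e.actorId !== abuserId || Number.isNaN(at) || at < cutoff) continue;
    if (!first.has(e.targetId) || at < first.get(e.targetId).at) first.set(e.targetId, { at, e });
    if (!last.has(e.targetId) || at > last.get(e.targetId).at) last.set(e.targetId, { at, e });
  }
  const plan = [];
  for (const [targetId, { e }] of first) {
    // Restore the rank held before the earliest change; skip members already back there.
    if (last.get(targetId).e.newRoleSetId !== e.oldRoleSetId) plan.push({ targetId, restoreRoleSetId: e.oldRoleSetId });
  }
  return plan.sort((a, b) => a.targetId - b.targetId);
}

// Constructed sample records, newest first; 111 is the account being reverted.
const SAMPLE = [
  { actorId: 111, targetId: 5, oldRoleSetId: 50, newRoleSetId: 60, created: "2022-01-15T17:00:00.000Z" },
  { actorId: 222, targetId: 4, oldRoleSetId: 5, newRoleSetId: 6, created: "2022-01-15T16:03:00.000Z" },
  { actorId: 111, targetId: 3, oldRoleSetId: 40, newRoleSetId: 30, created: "2022-01-15T16:02:00.000Z" },
  { actorId: 111, targetId: 3, oldRoleSetId: 30, newRoleSetId: 40, created: "2022-01-15T16:01:00.000Z" },
  { actorId: 111, targetId: 2, oldRoleSetId: 255, newRoleSetId: 1, created: "2022-01-15T16:00:05.000Z" },
  { actorId: 111, targetId: 2, oldRoleSetId: 20, newRoleSetId: 255, created: "2022-01-15T16:00:00.000Z" },
  { actorId: 111, targetId: 1, oldRoleSetId: 10, newRoleSetId: 200, created: "2022-01-15T15:59:59.999Z" },
];
console.log(planReverts(SAMPLE, 111, "2022-01-15T16:00:00.000Z"));
```

The change to member 1 falls one millisecond before the cutoff and is left alone, and member 2, who was ranked twice, goes back to the rank held before the first change.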

Amazing tool! Will definitely use if an abuse comes along my groups. Is it alright if I link a discord bot to your tool, if I give you credits for the audit log script?

I’m fine with you doing whatever you want with it - it’s why I made it open sourced!! :slight_smile:

2 Likes

You mean legacy?

Bad advice. If the cookie gets compromised, that’s your account on the line.

1 Like

Yep… thanks for catching that typo.

1 Like

The possibility is still open. You did not explain how to secure the cookie (.env file, etc). Regardless, telling people to use their own cookie is dangerous as there are so many ways it can get compromised.

1 Like

That’s not his job, per se.

If someone using this wants to find out the best way to secure their cookie, they can find a tutorial which explains how to do that, search around, or reach out to the community. This is a thread about a resource for reverting certain group-specific actions, not a tutorial for securing cookies. While OP could enhance the thread by adding it, that would really be going above and beyond. OP does not have an obligation to do that and walk them through every step of that process — that’s outside the scope of what this thread is supposed to be about (thread is a resource, not a tutorial).

It is a security measure and therefore important. OP could have simply posted a link to a topic about securing cookies.

When you introduce a potential problem, it’s your job to offer the solution if it is avoidable, and if you don’t, then you’re being careless. People who don’t know what cookies are could accidentally expose their main account’s cookie and have their account compromised because they read this tutorial. It is not “above and beyond” - it’s being responsible.

P.S. I would actually consider this a tutorial since it contains steps on how to set it up. A resource is one that requires little-to-no setup. Furthermore, this “resource” uses Node.JS, which I would not expect most Roblox Lua developers to know.

1 Like

Regardless of whether you consider it a tutorial, the subsection is clearly #resources:community-resources . Many resources have instructions and examples, because that makes them more useful for people. Taking a module for example, while a developer could simply post their code, it makes a lot of sense to be more thorough than less and provide examples, documentation, etc. for numerous clear reasons. It’s not inherently required, although I could see the point that it’s expected. That’s still different though.

OP is going above and beyond by actually spelling out how to use nearly every aspect of the resource. That’s not actually necessary - they are just being thorough. As I have said before, this is not a cookie securing tutorial. OP is not required to give them explicit instructions or even references on how to do this. I agree that that would be a positive addition to the thread (one that a lot of people would probably find helpful). But I don’t think it’s fair to assume or indicate that OP is being negligent or exposing people to unforeseen risk by not including that themselves.

Furthermore, you haven’t listed any explicit reasons why OP actually needs to provide thorough instructions for securing the cookie in a manner specifically relevant to this resource. Yes, if the cookie gets compromised that’s clearly bad news, but how is that going to happen in this case? By someone showing the cookie and code usage to someone else? OP explicitly says not to do this, what more is there to be wary of? I’ll be very clear that I’m not an expert on Node.JS + Roblox use, but from what I understand the code is communicating directly from the developer’s PC → Roblox API? If I’m misunderstanding things, please let me know so that I can learn too and get a solid understanding of what is going on since that’s not my area of familiarity, but if I’m understanding the basic concept well enough, then in what situation would a malicious actor be able to snatch the cookie unless the developer shares it with them explicitly? Again, OP is very clear that they should not do this.

Like I said, I am not an expert at all when it comes to this, so if you’d like to clarify I’d love to continue the discussion (preferably in DMs, because I don’t want to continue sidetracking the thread), but bottom line is that OP does not have the burden of explaining cookie security on a post explaining a resource they created for reasons listed above.

1 Like

It’s literally common sense. You’re like one of those companies that get compromised, and then inform their users months later and expect to take no blame for being the reason their online safety has become compromised, to begin with. If you’re going to expose people to danger by giving them a tool you created then you have a responsibility to keep their data safe, to begin with.

Since you wanted to be technical about the forum and this “resource” Node.js is out of the scope of this forum. Yet here we are. “I am not an expert at all when it comes to this, so if you’d like to clarify I’d love to continue the discussion (preferably in DMs, because I don’t want to continue sidetracking the thread)” :slight_smile:

1 Like

I don’t like to insert myself into debates, but I will contradict this one point. These companies are private companies with private code with for-profit uses between their own service and the data about their users. The code that I am providing to users is free-of-charge with no form of data collection that goes on. If the user uses it normally (which is, for anyone who isn’t decently knowledgeable in Node.JS), this code would not be distributed to other people and would be kept local and private. Under these normal circumstances, a user’s account would not be breached unless they shared their code with someone else, which I explicitly cautioned against.


On a side note, I added another disclaimer about using alternate accounts with low permissions and valuables, and another DevForum article detailing more information about securing accounts. Hopefully this should resolve some of the security issues mentioned by a few users here. Let me know if there are any other issues that could arise.

1 Like