Guide to Scripting Bots | Javascript Tutorial | FunCaptcha and New Host Info



I’m getting pretty disappointed to see that there are no updates at all for weeks.



Apologies for the late update, as promised here it is.

(This is a part of this thread, approved by Tech)

Note: This is strictly for a tutorial basis and is not to be used in any way that could potentially be harmful. Remember to stay in keeping with the ROBLOX rules!

Have fun! DM me or reply for answers to any questions you may have. I tried my best to comment most of the code to explain the function the line had.

let Discord = require('discord.js');
let roblox = require('roblox-js');
let bot = new Discord.Client(); // A client that we will use as our bot

let token = "DISCORD_TOKEN_HERE"; // Discord login token
let username = "username"; // ROBLOX
let password = "password"; // ROBLOX

let PREFIX = "!" // Prefix used for the command
let GroupId = 123456; // Group's ID

function login() {
    return roblox.login(username, password);

login() // Log into ROBLOX
    .then(function() { // After the function has been executed
        console.log('Logged in.') // Log to the console that we've logged in
    .catch(function(error) { // This is a catch in the case that there's an error. Not using this will result in an unhandled rejection error.
        console.log(`Login error: ${error}`) // Log the error to console if there is one.

bot.on("message", async message => { // Event runs when there is a new message
    if ( return; // Here we check if the message sender is the bot, if it is, it returns and does not carry any further.
    if (message.content.indexOf(prefix) !== 0) return; // Checks if the message has the Prefix

    // Here we separate our "command" and our "arguments/args" for the command. 
    const args = message.content.slice(prefix.length).trim().split(/ +/g);
    const command = args.shift().toLowerCase();

    // Checks if the command is matching the provided string

    if (command === "shout") {
        // if(!message.member.roles.some(r=>["ROLE", "ROLE"].includes( ) // OPTIONAL - Checks if the sender has the specified roles to carry on further
        //return message.reply("You can't use this command.");
        if (!args) { // Check if there's no arguments to use to shout, and return (stop going further)
            message.reply('Please specify a message to shout.')
        const shoutMSG = args.join(" "); // Joins the arguments minus prefix to form the message to be shouted

        roblox.shout(GroupId, shoutMSG)
            .then(function() {
                console.log(`Shouted ${shoutMSG}`); // OPTIONAL - Logs specified string to the console
                //'Shouted to the group!') // OPTIONAL - Sends a message to the channel
            .catch(function(error) { // This is a catch in the case that there's an error. Not using this will result in an unhandled rejection error.
                console.log(`Shout error: ${error}`) // Log the error to console if there is one.

setInterval(login, 86400000); // Executes the login function every 24 hours.

bot.login(token) // Logs into Discord
  • I found this easy to follow
  • I had trouble following this

0 voters


Finally, Good tutorial.


This isn’t a good implementation because the user is logged in all over again every time a shout is made when really you just need to login once at the top of the script and have an interval running once a day to re log in. If used often Roblox will block logging in with a captcha.


Alright I’ll edit it when I get the chance.


If you guys want any more tutorials to be made, don’t be afraid to ask here.


Made something like this on my own, you did a pretty good job of explaining it! Should maybe make it so it keeps the original shout but adds on its own part. So like lets say u had a shout “Play Now!!” and then the bot added on to the shout and made it “Play Now!! - Hello there!” and when a new shout is made it finds the “-” removes everything after it and sets it to the new shout. Thats how I do it anyways!


When I did the “git add” it just said “No such file or directory.”


Make sure your directory in your cmd/terminal is the directory your bot will be in, then do

git add .

Make sure to include the .


Anyone who has used this tutorial, please update your library, if you are using an older version your login will not work.

npm update -g roblox-js


Hey! I followed the tutorial and made my own bot, but it doesn’t work! I tried to figure out why this is happening and found this:

The application will not work on Heroku. This is because we store the cookie internally in a file, and files do not persist in Heroku.

(The sentence is located at the Drawbacks section of the file.)
So since roblox-js is deprecated and noblox.js doesn’t work on Heroku, what am I supposed to do now?


There is another library called ‘bloxy’ that works excellent wonders for those wanting to make a bot.
Here’s the link to the github: npm:


Pretty sure bloxy users are facing the same issue with not being able to log in with your cookie on Heroku.
Changing the library you use does not change the fact that Heroku has an ephemeral file system which results in files that are saved locally being deleted upon restart of an application. This means that if an application restarts after a file containing the current user cookie is saved, that file is lost resulting an error when another login is attempted.

@JimMoud Unfortunately there is not much you can do to combat this issue, I personally used Heroku to make some bots for hobby purposes but it is not possible to do that with the current login methods available. All you can do is attempt a login with username and password with a bot account that is a few weeks/months old and hope that you don’t face a captcha.

Alternatively if you have experience with databases, and you really want to use Heroku, I would suggest modifying the relog.js file in noblox.js to read and write the cookie using a database like MongoDB, rather than using a file locally. If you wish to change hosting to something that allows you to keep locally created files, I would recommend Digital Ocean.


I was getting a captcha almost every time, even if I ran the bot locally on cmdr and not on Heroku. My conclusion is that most of the bots have been broken since the new verification login update. One of them is probably the bot that accepted you into the DevForum Website group. I am pending for like 4 days and still not accepted.


Almost all bots do not work autonomously ‘forever’, like they used to, you are now at the mercy of the ROBLOSECURITY cookie expiring.


You can use bloxy with cookies, but I have not implemented a workaround like @Froast has done, using the “Sign out of all other sessions” feature on the settings page. This will be done soon though.


Maybe I should make a new tutorial that includes a database then. I dont even think heroku lets you update the environment variables from the script even.



You could possibly extend your current tutorial with MongoDB, as all you need to do is read and write from and to a value in the database rather than using fs to make a file in the bot directory.


I’m redoing this tutorial right now as a series of videos that will use mongoDB as it’s database so it can work with heroku. We’ll modify and remove part of the noblox code that creates and writes to a file.


I’d like there to be something more directed to lua users using HTTP if that’s possible and what not. I’ve been using lua to program discord bots and ran into the issue of not being able to read some of the presence api data without being logged in.
Other than that, great thing to have an updated version of this for all of those people who already know how to use it.