So very recently I have made anti-exploit scripts and wanted to log them on Trello, I am using the API Module by @GetEnveloped Roblox to Trello Guide
Now the main problem here arises that my anti exploits are in Starter Char and or Starter Player, and I have tried using RemoteEvents, to fire them once exploit is detected and then the player to be kicked, but that didn’t work out as well, so now I have tried using Remote Functions but still having the same issues, I am Invoking the Server and then in my Server Script, this is the code.
local TrelloAPI = require(game.ServerScriptService:WaitForChild("UTAPI")) --Utapi is the API Module
local BoardID = TrelloAPI:GetBoardID("Test") -- My board name
local ListID = TrelloAPI:GetListID("Exploit Logs",BoardID) --My list name
local function antiteleport(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for teleport exploits",ListID)
end
local function antifly(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for fly exploits",ListID)
end
local function antibackpack(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for tools not allowed in backpack",ListID)
end
local function antihealth(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for exceeding maximum health",ListID)
end
local function antijumppower(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for exceeding maximum jump power",ListID)
end
local function antiremoveexploitscripts(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for attempting to disable anti exploit",ListID)
end
local function antigravity(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for exceeding the minimum gravity",ListID)
end
local function antiwalkspeed(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for exceeding the maximum walkspeed",ListID)
end
local function antihipheight(player)
local NewCard = TrelloAPI:AddCard(player.Name .. ":" .. player.UserId,"Reason: Kicked for exceeding the maximum hipheight",ListID)
end
game.ReplicatedStorage["Anti-Teleport"].OnServerInvoke = antiteleport
game.ReplicatedStorage["Anti-Fly"].OnServerInvoke = antifly
game.ReplicatedStorage["Anti-Backpack"].OnServerInvoke = antibackpack
game.ReplicatedStorage["Anti-Health"].OnServerInvoke = antihealth
game.ReplicatedStorage["Anti-JumpPower"].OnServerInvoke = antijumppower
game.ReplicatedStorage["Anti-RemoveExploitScripts"].OnServerInvoke = antiremoveexploitscripts
game.ReplicatedStorage["Anti-Gravity"].OnServerInvoke = antigravity
game.ReplicatedStorage["Anti-Walkspeed"].OnServerInvoke = antiwalkspeed
game.ReplicatedStorage["Anti-HipHeight"].OnServerInvoke = antihipheight
No the thing is the card isn’t getting added at all, it was once I had it in RemoteEvents and in a while loop but then it added thousands of cards. With my username and my playerid which I had also put in.
That’s probably because of the while loop.
It’s in a loop, so thats why.
If you want to break the loop then just put break
Actually, are you doing while wait(number)? if so then whats the number.
That’s the issue. We don’t want that.
Maybe try getting a .Changed function from the humanoid for walkspeed or jumppower.
OR
If they try flying then you can get a local script and
get the player’s character.
Do .Changed on the character and see what object was added.
And then you fire the remote ONCE instead of doing a while wait() loop.
You can do remote events or remote functions.
Remote functions can have a function where it gets the module and actually fires it.
If the client tries tricking them then it can try getting the player’s character and check the humanoid for its walk and jump, or do for i,v in case if an unwanted object is in thier character, and if that unwanted object or walk or jump is correct then you can send the info to the trello. If not then you can still ban them because like, they are exploiting.
Unless your doing local function for the function you want the remote function to take then you will not get the player object as the very first value.
If you are then you are recieving the player object as the first value.
RemoteFunction.OnServerInvoke = checker
because the checker is checking them right
and for remote events, it can basically do the same. It can also get the player as the very first value, if your giving it like a local function.
You shouldn’t do anti exploits on client.
As it appears you are making the client tell the server they are exploiting however this is very much bypassable.
If a client is hacking, liklihood is they know how to disable whatever part of the code is or whole script is firing events or remotefuntions, completely ruining effort you put in.
To be clear you should only ever do anti-exploit sanity checks on the server. You have to assume every client is a super experienced exploiter and can bypass anything given directly to them. Clients can lie about data being sent to the server, completely stop data being sent to the server, manipulate data, values, objects etc (especially the character where they are the network owner). The rule is and always has been Never, ever, trust the client. The only thing you can trust is the server.
Not necessarily. Although, yes, it is ideal to do checks on the server. However, that does not mean you cannot do checks on the client.
I would use a module script, as they can keep running after they are deleted.
something like this:
Module Script:
local module = {}
module.ExploitDetector = function()
print("Exploiter detected")
end
return module
LocalScript:
local moduleObj = -- path to module
local Exploitmodule = require(moduleObj)
Exploitmodule.ExploitDetector()
print("Destroying..")
moduleObj:Destroy()
Exploitmodule.ExploitDetector()