Only exploits based on the humanoid will be very easy.
my man, everything on the client can be exploited whit ez if you have a minimum understanding of Roblox Lua, and the free executor are getting closer and closer in term or feature to pay one… nothing on client gonna stop them
1 Like
Ah so you think free executors arent just bitcoin miner programs. So guillible. And also skids make up most of the exploiter community therefore no insight on how to manipulate the client themselves.
Man pls stop answering this thread.
Just as everything that is free some are bad some are good who knows.
False-positive is a thing do to exploit nature.
Who cares even if they made up 99.99% of it it only takes 1 good script and they will all have it.
I literally never encouraged to let the server become vulnerable via the client but you assumed I did.
You could just do:
if not Player.Character:FindFirstChild("Anti-Cheat") and not Player.Character:FindFirstChild("Anti-Delete") then
Player:Kick("") -- Reason
end
Now, this would be an add-on to whatever script you have to detect if the scrips are deleted. I haven’t really ever checked a players CharacterScripts, so if a part of that is wrong, adjust it to be right.
Also client anti cheats are a good way of clearing some exploiters. Better than nothing?
Making client anti-cheat give people a false sense of security.
ig somewhat
Its true, I only said some basic scripts
That wont work, too if the script is a server sided script
2 Likes
NEVER use Local Scripts to enforce Anti-Cheats without server script enforcement. The exploiter will be capable of removing it without a problem, and then your anti cheat is gone.
If you have a LocalScript called “Anti-Cheat”, then you can simply create a Server Script and then check like every 10 seconds if the LocalScript is still there. If it’s not, then kick the player for unexpected client behavior. I would never ban someone for those things though, as there can always be a few bugs.
Hope this helped!
2 Likes
pls don’t encourage to use this.
Exploiter will only disable your local script or parent it to the workspace or a hat and remove it (prevent it from replicating when you remove it)
1 Like
Yeah I mainly do Method 3, as it basically makes it impossible to crack
Actually it does, Reread the post that’s literally what I was talking about lmao
That won’t work. Even if localscripts “appear” on the server, they only run on the client and that’s their only purpose.
It’s not to difficult to remove it from the client, and the server would be none-the-wiser since client-to-server changes aren’t replicated. Even if they were, and somehow FilteringEnabled was disabled, the client would simply not tell the server that it was gone and it would have no idea.
1 Like
exploiter can hook just about anything you do on the client and make it a normal value don’t rely on this…
1 Like
Whatever client anti-exploit you’re doing, if they’re physics-based like anti-fly, tp, noclip, walkspeed, etc, then do those on the server.
Anyhow, this is my server-side script for detecting objects that have been deleted. Unfortunately, the server cannot detect whether the LocalScript has been disabled or not, but this should definitely help:
local players = game:GetService("Players")
local function characterAdded(character)
while not character:FindFirstChild("HumanoidRootPart") do wait() end
local player = players:GetPlayerFromCharacter(character)
local antiExploit = script.antiExploit:Clone()
antiExploit.Parent = character.HumanoidRootPart
antiExploit.AncestryChanged:Connect(function(_, parent)
delay(0.5, function()
if parent then return end
player:Kick("Deleted client anti exploit.")
end)
end)
end
players.PlayerAdded:Connect(function(player)
player.CharacterAdded:Connect(characterAdded)
if player.Character then
characterAdded(player.Character)
end
end)
Result:
8 Likes
That’s not true at all, they can just target a specific part of the script or a specific connection ect.
1 Like
Exploiters will just disable it, easy.
Also here’s another quick solution; Add a handshake system basically every couple of seconds client will send a remote event and the server will list when it was fired, but if let’s say 30 seconds passed, and the remote event wasn’t fired you know; he/she or disabled the anti-cheat or blocked the remote event from firing.
1 Like