i am hosting a free ugc event and was wondering how hackers actually get the ugc without doing the task?
what a normal player has to do is play for 5 minutes and collect 500 of a currency and be in the group and their account has to be older than 30 days (might remove)
so my question is: how do exploiters/hackers get the free ugc
It really depends on what you do for your game.
It could be that there’s no sanity check on the server side that checks if you actually did the task, and it’s client-sided, making them just request the server for it without doing the task.
Or it could be a problem with the way you count time or the way you collect the 500 of the currency.
You have to make sure that your server side has integrity checks because exploiters can just skip everything and fire the remote event (for example).
Exploiters have a lot of stuff that they can modify; they have hooking and more environment modifying functions.
So the best way to avoid all of this is to make sure the server side doesn’t trust the client as much.
okay yeah i figured that but could they just prompt the purchase?
This actually was a problem before, but Roblox stopped the client from being able to fire a purchase prompt on in game limiteds.
so no