How do I Make This Harder to Bypass?

Help and Feedback Scripting Support
#1

Hello, I’m currently working on an anticheat script. For one part of it, I want to stop cheaters from removing or disabling a LocalScript. I have achieved this by making a RemoteEvent be fired from the server every 5 seconds, and the client has a limited time to reply. If they do not reply within the allocated time, they get kicked.
The problem is that the cheater could simply make another LocalScript that replies to the remote, without the rest of the original LocalScript being there. How could I stop them from doing that?
If I can’t stop them, how can I at least make it more difficult?

If it helps, here’s how the code currently works:

-- server script

Players.PlayerAdded:Connect(function(Player)
	task.wait(10)
	local safe = true
	game.ReplicatedStorage.Reply.OnServerEvent:Connect(function(RepliedPlayer)
		if RepliedPlayer == Player then
			print("User replied!")
			safe = true
		end
	end)
	while task.wait(5) do
		safe = false
		print("Testing for reply...")
		game.ReplicatedStorage.Reply:FireClient(Player)
		task.wait(2)
		if not safe then
			Player:Kick("Anticheat")
		end
	end
end)

-- localscript

game:GetService("ReplicatedStorage"):WaitForChild("Reply").OnClientEvent:Connect(function()
	task.wait(0.1)
	print("Replying...")
	game.ReplicatedStorage.Reply:FireServer()
end)
#2

You could try obfuscating the entire script and include a special code within it. That way, they would need to reverse engineer it to find out.

You could evrn use an OTP generator to generate a unique code each time so they can’t intercept the RemoteEvent.

You still shouldn’t do this and should always secure your remotes from the server end

1 Like
#3

You can simply deter them from deleting the localscript by putting important game logic inside it. That way they will only be hurting themselves.

1 Like
#4

Thank you for your reply! I am aware that trying to implement anticheat on the client is a bad idea, however, my goal is to make it harder to cheat than it otherwise would be. Something like this would still be able to, at least for cheaters that don’t actually know how to code, deter them.

#5

Thanks for the idea! I’ll combine it with one of the other scripts so it’ll mess things up if they try.

#6

You could also combine it with my idea and obfuscate the script that way they wouldn’t be able to take the anti cheat part out of it.

EDIT: I’m pretty sure (unconfirmed) Roblox already sends bytecode to the client so it’s already pretty much obfuscated. However, I’ve seen certain types of obfuscation in exploit scriots that goes much deeper than just renaming things or converting to bytecode.

1 Like
#7

If I can’t stop them, how can I at least make it more difficult?

You can’t stop them, however making it more difficult would likely require more bandwidth, which wouldn’t be necessary due to the fact that it serves no purpose in the first place.

Exploiter have full control over their computer (which is the client).
This is just a waste of bandwidth, since it serves no actual cause.

2 Likes
#8

Yes, they send the bytecode to the client since it is replicated to them (this only applies for localscripts and modulescripts required by one).
However, your solution is not something anyone should consider, as it takes less to no time to deobfuscate the scripts involved.

#9

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.