They do use memory checks and I was able to bypass that and run dex and find the detection script and disable it as well as make a bypass for it so memory check are just running from the propblem rather than facing it.
Android sure, but iOS users would have to close the app and reopen it every time, and/or switch to another app and switch back
Their anticheat is parented to nil, pings the server while being encrypted. It is pretty much impossible to do what you are claiming to do as the server will kick if the script is not pinging for 20 seconds!
If this is true, then it isn’t running. Even if it was, I’m 90% sure there is a getnilinstances method.
Why is the roblox-end of things not able to detect new instances of core gui?
1 Like
If I’m honest, I’ve been researching this subject for quite a while in the last few months and I did stumble upon a method, however, it’s unstable and it can cause a false positive.
Basically, the method consists of tracking the memory usage of the player at any given moment.
Usually, when a player opens darkdex/tries to download a map, they have a pretty client memory usage spike.
So what you can try is if the memory spike is big enough, crash the client instead of kicking it.
The reasoning behind crashing the client is that saveinstance() can only be cancelled by crashing the client.
How would you crash it? A simple while true do end would do.
Here’s a simple script I put together:
local plr = game.Players.LocalPlayer
local Statss = game:GetService("Stats")
local RunService = game:GetService("RunService")
local maxrate = 30
wait(5)
local previousCMU = 0
RunService.Heartbeat:Connect(function()
local CMU = Statss:GetTotalMemoryUsageMb()
if (CMU - previousCMU) > maxrate and previousCMU ~= 0 then
while true do end
end
previousCMU = CMU
end)
6 Likes
You can’t stop a script (nil or not) if there’s a loop or any activity going on inside.
Memory is volatile, tracking it is pointless.
1 Like
As for every single reply in this post, the only best mere way of detecting if someone may be exploiting is monitoring key input or mouse movements.
If a player is clicking over something that has nothing over it for your game, treat it sus.
You can’t view CoreGui as Roblox intends that for its own scripts. Yes, exploits may simply hide inside of it and there is nothing you can do about it.
Anything running on a client can and will be spoofed.
1 Like
I agree. Client-side anticheats are fundamentally flawed and mean that the developer doesn’t understand how the client-server model works. If your clients can do something they’re not supposed to by cheating - do your job and patch it on the server.
2 Likes
I also agree, but it doesn’t necessarily mean the developer doesn’t know how it works. Client side anti-cheats will stop 90% of exploiters. This is because most exploiters don’t have much knowledge, especially on bypassing this. Of course, someone will bypass it and others will start using it. Regardless, there will still be exploiters that are stopped by this detection.
Overall, if it’s possible on the client definitely do it as it will 100% stop some exploiters. Any slight nuisance is actually pretty effective. Not saying it shouldn’t be done on the server, though.
it simply makes them be skipped as if they don’t exist.
“Protects your “Gui” from recursive FindFirstChild-style attacks. After you call the function, recursive FFA calls from non-Synapse contexts will skip over your protected instances & all children of such instances.”
it can syn.protect_gui just make it be skip when you use FindFirstChild and sutch
I know Crystal Anti Cheat System some how detects illegal Guis, such as admin Guis, and dark dex. I however do not have a clue how?
They don’t detect any synapse GUI, it does however detect guis that don’t use any sort of protection.
Synapse uses syn_protect to protect the gui, jjsploit users are unfortunate though
It’s for them to know and for us to never find out. But tbh, I know how to bypass Crystal Anticheat and they’re extremely impactful on games, I only see bad performance games usually military groups that are small, with this anticheat and it false positives a ton, idk…I think Football fusion is #1 with anti-Dex.
thats alrdy been bypassed lmao
You don’t even need that anymore, FindFirstChild("name", true) doesn’t read core gui anymore… a simple: script.Parent = game.CoreGui will bypass any checks.
1 Like
ik… I was just talking about what it does… and they probably have that function so even if dev find a way around to detect coregui it cant be sean at all
It really only false positives if features in your game replicate certain behavior, as well as it could never beat a anti exploit made for a specific game. Crystal is made for the masses and not specific games.