How do you detect dark dex?

It was well deserved because they gave a misleading script that’s considered a trojan.

3 Likes

Yeah, I did! I didn’t join here for it to be treated like some gang where everyone follows rules and lines up like the military. I joined here to develop with others and learn, while having fun at the same time.

Please don’t swear here, you may know what it means but you didn’t get the point of it

I’m pretty sure with legit close to no scripting experience or just putting it into the script editor that you know it’s fake.

Well then this explains your rotten attitude towards everyone.

If you wanna continue go dms to avoid off topic, thanks.

7 Likes

It is indeed possible to detect dark dex without using stupid ways like gcinfo(), one of the ways would be using preloadasync (with which i am not going to go in detail).

3 Likes

Cry about it.
Humans are humans if he wants to add a lil humor I don’t see the issue. Don’t be “that guy” :pray:

3 Likes

That method is OP I can vouch.

But I will!

This is the current Dex (and GUI) detection:

game:GetService("ContentProvider"):preloadAsync({game.CoreGui}, function(assetid, status)
    if assetid:find("rbxassetid://") then
        while true do end --We can confirm that this is a unknown gui as no roblox gui in coregui uses rbxassetid://, so lets crash them
    end
end)

How this works:

Basically, we request a preload from game.CoreGui, then we check if an assetid contains rbxassetid:// (as no roblox coregui object uses rbxassetid://), if there is, we crash the client.

29 Likes

you could send the clients guis to the server via remote and just check on the server :man_shrugging:

2 Likes

you can’t use game.CoreGui on your script.

1 Like

They’re not misleading, I actually BOUGHT it myself.

1 Like

Well, does it work? Have you actually tested it with multiple exploiters?

1 Like

you can bypass this using metatables.

Ofcourse, your number 1 rule is never ever trust the client ever.

2 Likes

I will give you an true answer.

ya don’t.

why? The proof is simple. The owners of dark dex and other versions of it can easily patch it. Or even the exploiter himself can bypass it in many ways.

let’s just make a list.

metatables
disable localscript
destroy localscript
set localscript parent to nil
etc

you can never rely on localscripts as an anti exploit , it’s better to rely on serverscripts as anti exploits.

1 Like

The exploiter can destroy the localscript and send malicious data to the remoteevent. So the server will think “oh it’s safe.”

1 Like

Yes it does work, source is obfuscated can’t say more

1 Like

the function preloadasync doesn’t security level check, so it won’t error, and will just return the assets in coregui

2 Likes

What’s to stop the cheat author from simply making the cheat executable install its image assets locally, in the Roblox content folder?

1 Like

Don’t know why this is even a debate. You can’t patch gui exploits unless your game has no guis at all.
You also can’t give your gui a special boolvalue that allows it to bypass, because the exploiter can find this boolvalue and just add it to their ui.

In conclusion, don’t worry about something you can’t fix. Worry about your remote event security.

3 Likes

Can you send me a list of all the functions you know that does not have any CoreGui checks at DMs?

(it would help so much!)

IIRC obfuscation does nothing, the code is compiled to bytecode before being ran, so there’s no whitespace, and variable names are lost, so decompilers need to automatically beautify the code to make it readable.

1 Like

Ok but they can’t “unobfuscate” the code just beautify it still won’t be readable but you never know I heard synapse v3 basically makes obfuscations useless but those claims haven’t been backed up .

1 Like