How do you detect dark dex?

Lobestone · August 9, 2021, 12:46am

Memory is volatile, tracking it is pointless.

Lobestone · August 9, 2021, 12:49am

As for every single reply in this post, the only best mere way of detecting if someone may be exploiting is monitoring key input or mouse movements.

If a player is clicking over something that has nothing over it for your game, treat it sus.

You can’t view CoreGui as Roblox intends that for its own scripts. Yes, exploits may simply hide inside of it and there is nothing you can do about it.

Anything running on a client can and will be spoofed.

qwertyexpert · August 13, 2021, 3:38pm

I agree. Client-side anticheats are fundamentally flawed and mean that the developer doesn’t understand how the client-server model works. If your clients can do something they’re not supposed to by cheating - do your job and patch it on the server.

Fusionet · August 17, 2021, 3:41am

I also agree, but it doesn’t necessarily mean the developer doesn’t know how it works. Client side anti-cheats will stop 90% of exploiters. This is because most exploiters don’t have much knowledge, especially on bypassing this. Of course, someone will bypass it and others will start using it. Regardless, there will still be exploiters that are stopped by this detection.

Overall, if it’s possible on the client definitely do it as it will 100% stop some exploiters. Any slight nuisance is actually pretty effective. Not saying it shouldn’t be done on the server, though.

AusRin0177 · August 28, 2021, 1:41pm

it simply makes them be skipped as if they don’t exist.

“Protects your “Gui” from recursive FindFirstChild-style attacks. After you call the function, recursive FFA calls from non-Synapse contexts will skip over your protected instances & all children of such instances.”

AusRin0177 · August 28, 2021, 1:44pm

it can syn.protect_gui just make it be skip when you use FindFirstChild and sutch

imdaros · August 30, 2021, 7:43am

I know Crystal Anti Cheat System some how detects illegal Guis, such as admin Guis, and dark dex. I however do not have a clue how?

Not_Lowest · September 1, 2021, 8:51pm

They don’t detect any synapse GUI, it does however detect guis that don’t use any sort of protection.

Synapse uses syn_protect to protect the gui, jjsploit users are unfortunate though

Matrice · September 9, 2021, 12:27pm

It’s for them to know and for us to never find out. But tbh, I know how to bypass Crystal Anticheat and they’re extremely impactful on games, I only see bad performance games usually military groups that are small, with this anticheat and it false positives a ton, idk…I think Football fusion is #1 with anti-Dex.

mariocav · September 26, 2021, 8:16am

thats alrdy been bypassed lmao

Mystery_Devx · September 27, 2021, 2:01am

You don’t even need that anymore, FindFirstChild("name", true) doesn’t read core gui anymore… a simple: script.Parent = game.CoreGui will bypass any checks.

AusRin0177 · September 27, 2021, 7:16pm

ik… I was just talking about what it does… and they probably have that function so even if dev find a way around to detect coregui it cant be sean at all

HiddenKaiser · September 27, 2021, 9:51pm

It really only false positives if features in your game replicate certain behavior, as well as it could never beat a anti exploit made for a specific game. Crystal is made for the masses and not specific games.

Matrice · October 17, 2021, 1:23pm

So can you add a button in the Crystal Anticheat game called “Invite A Friend”, and have it prompt the socialservice friend invitation? I think that your rare and amazing method just needs a way to whitelist that coregui’s gui otherwise it’s a pick inviting friends gui vs non-synprotect() coregui protection.

Mystery_Devx · October 19, 2021, 9:40pm

I’ve tested this and done my re-search the method they do this is purely memory checks and listening to log service errors.

They literally have: “If this is a mistake then sorry” in their ban message.

Mystery_Devx · October 19, 2021, 9:43pm

The “rare” method is class name checks and using modules to access the core GUI and return its children or something. It also only works if your GUI has more than 3 text buttons and doesn’t work against the poplar infinite yield script. Overall crystal is not the ideal anti cheat, it has a ton of false positives, bad performance, has been cracked 4+ times and is easy to bypass.

Matrice · October 20, 2021, 1:49am

Have you been able to trigger a false positive on FootBall Fusion’s system? Have you bypassed their anti-CoreGui system? It’s very different and (since they have 500-10000 players), their system looks very viable. I’m wondering how do they whitelist the actual game’s CoreGuis vs exploit guis.

Mystery_Devx · October 20, 2021, 11:28am

Yes.

And yes lol, they don’t look for core gui they look for log service errors and memory spikes.

Matrice · October 20, 2021, 12:10pm

But their thing, they have a way to detect when you hover your mouse over an illegal GUI but somehow knows what is a legitimate coregui. Tell me about that. That isn’t memory spikes that’s the GetGUIsAtPosition(x,y).

Mystery_Devx · October 21, 2021, 12:57am

That doesn’t work for core gui LOL.

They are using delta time to see if the client freezes and because it is a heavy game it will lag longer so they use that as a detection method.
BasePlayerGui:GetGuiObjectsAtPosition (roblox.com)
They can’t refer to core gui using that method