Well it’s impossible to patch, because the UI is displayed in CoreGui which currently has no working detection methods.
1 Like
Starterplayerscripts is basically player
Placing anything in it will caise the game to clone it and place inside a player
here, this is the reach exploit people are using and also. if you can please help me make an anti for this that’ll be great cause i really can’t. i want to so bad but at this point i don’t think i can. and same with another way to fix reach exploits… make sword server sided oh wait how?.. so i can’t. idk what to do. i heard that fireevent near end of the code btw is a fake replacing the real event? idk but i wanna learn more about that cause it’s odd
--// Setting \--
local range = 15
--// Variable \--
local player = game:GetService("Players").LocalPlayer
--// Script \--
game:GetService("RunService").RenderStepped:Connect(function()
local p = game.Players:GetPlayers()
for i = 2, #p do local v = p[i].Character
if v and v:FindFirstChild("Humanoid") and v.Humanoid.Health > 0 and v:FindFirstChild("HumanoidRootPart") and player:DistanceFromCharacter(v.HumanoidRootPart.Position) <= range then
local tool = player.Character and player.Character:FindFirstChildOfClass("Tool")
if tool and tool:FindFirstChild("Handle") then
tool:Activate()
for i,v in next, v:GetChildren() do
if v:IsA("BasePart") then
firetouchinterest(tool.Handle,v,0)
firetouchinterest(tool.Handle,v,1)
end
end
end
end
end
end)
they made a fake fire touch???
Even though they could if you really wanted to you could check every second to see if the anticheat script exists and if it doesnt ban them from the game
2 Likes
Excuse me sir, I’m giessing you dont know about client-server stuff
Exploiters can delete local scrips, and the server wont even be able to see it deleted
The script wont even work either
Read post above
Agagagagaggagagaga
You should do MAGNITUDE checks on the SERVER
NOT THE CLIENT
Adding onto what other people have said, exploiters can find ways to always return a false number, string, and more for Speed, JumpPower, etc… So just comparing numbers is useless.
You should find other ways of detecting changes, for example, magnitude, or comparing their last position to their current position, etc… Otherwise, your anti-exploit is practically useless.
Maybe try putting it in an script they need to play the game or something like their money earning script or something so if they do find the script that bans them if they delete the anti cheat they basically cant play the game. 1000 IQ lol
i know i’m learning how to work with server sided coding and to be able to do that. i want to lol
They csn just edit the script
Doesnt work
can’t you just add a separate script in serverscriptservice to where if the local anti cheats or scripts get messed with/changed etc. then kick from game lol or if someone tries editing or changing anything in the local script. or change in properties and such too
and i already have an anti cheat in the sword. it’s a local script too and it’s been fine and works. i haven’t seen or heard of anyone changing or editing the anti’s i added to my game. i have like 2 server sided and one i made lol i have trouble working with server sided coding so i’m trying to read other codes and edit. but also my anti i have made not the one i shared in this post but the one i made that works and such, it as a feature in it where if any classname is added to the sword then kick player lol
another thing, i have two exploiter friends who BOTH gave me their script they use to exploit reach. i know how they’re doing it so i’m going to try to see what i can do. and learn more. it’s not hard to stop them, they don’t change scripts or any of that. they’re just editing what’s already running on the server or to the server or communicating with server lol either way and making that fake fireevent do the work for them lol
You can’t detect client changes from the server. In order to see what’s on the client, the server has to ask the client.
You can’t edit the server via the client unless you have unsecure RemoteEvents in your game
There are many, many ways exploits can stop your anti-cheat without knowing the name of your script. In this case, they don’t even target your anti-cheat at all, they simply fire touch events.
Exploits have almost full control of what every property, function, etc will do, they can modify it, and access values within your script both directly and indirectly and in ways that a LocalScript traditionally cannot. They also have access to anything anywhere. Exploits can target your script simply by making whatever methods of detection you use ineffective.
Think about it as if an exploiter can edit any LocalScript in your game, even automatically with the code they write, as that is essentially equivalent to the power most exploits provide. Exploits have far more control over the engine than you do, and ultimately, there is nothing you can do that will be able to avoid exploits, except to simply write your code server-sided.
Often times, exploits don’t even need to target your script at all, and likely don’t even need to view the source code of your anti-cheat to stop you from detecting them. It is entirely possible for exploiters with an okay amount of knowledge about Roblox to simply eliminate every feature you could use to detect the presence of the cheat from the client, or fake what is actually happening.
As a lot of people have said above, exploits have zero control over the server since it’s all on Roblox’s end. The only control they have is control your code allows, or control that Roblox allows (intentionally or not).
I was gonna say the exact same thing lol
dang that sucks thx for telling me though lol
ok i understand now, thank you for that. i need to work on server sided coding then. new to events