Hello! I apologize if this isn’t the correct category. I am not the most educated on Roblox Studio and backdoors. I’ve noticed the recent exploit where a user inserts inappropriate text and mass reports the game to get the game and the user terminated. Can I protect myself from this by keeping my games open? And how can I detect any backdoors that could currently be in my game? Thanks to all in advance!
AFAIK, this is done on the exploiter’s client, so you don’t need to find backdoors to patch it (you just wait for Roblox to do it or close your game)
1 Like
Yes, ctrl + shift + f
Search for require and getfenv. (must be serverside script)
(sorry for double reply)
about this exploit
It works like this:
bypass hyperion → inject into robloxplayerbeta → execute luau code →
Instance.new("TextLabel",ScreenGui).Text="something inappropriate here or very bad and offensive words"
→ report abuse → capture screenshot → send report → ok
you need to execute code
while true do if game.Backdoors.Numbers > 0 then game:Destroy() print ("virus detected and deleted") end end
use plugins or do it by yourself don’t execute that masterpiece
and move your post to help & feedback
I’ve searched “require” and the majority of results are server script services, chat services, starter player services, etc. Is there anything I should look out for in these scripts?
send us a screenshot. we don’t know what you see on your screen, bud
yes, you should look for require(id) so like numbers passed to require function and not instances also look for very confusing obfuscated scripts that use getfenv
You don’t have to be increasingly harsh about it, I doubt they have any back-doors on their games as they so believe due to recent fearmongering, that is unless they have a misunderstanding of toolbox model usage.
What about you show us something else, not chat scripts?
there’s nothing you can do to prevent this. backdoors don’t work this way.
backdoors are just malicious code left on the server for exploiters to have an easier way to control the server (because, by default, they can’t).
the permanent ban exploit you’re trying to patch cannot be prevented because it’s done on the client. clients will never be trustable and will always be unpredictable because they’re being controlled by an unofficial device. basically, anyone can do whatever they want on their screen since nobody has a roblox security guard behind them that monitors everything they do and whether they cheat or not.
3 Likes
Disable that?
1 Like
Workspace.Boards.AssetLoader uses require()
but I think it’s safe?
i was about to scream “virus alert” but you did it for me thanks
This isn’t a virus as I’ve just looked over it, all they’re worried about is the recent termination methods which has nothing to do with anything currently present in their game.
4 Likes
It is an old donation board but I’ll delete it since I don’t use that model anymore. Thanks!
I’ve looked through the rest of the require() and none of them have an id between the parenthesis. Are all of the require() that do not have an id safe?