Hello, i did my first anti-exploit script it works perfectly, i just meet with a exploiter of roblox and he patched my anti-exploit script with using metatables. I just started to learn metatables yesterday but i dont really know how to fix this. btw my anti-exploit is serverside.
local mt = getrawmetatable(game)
local oldmt = mt.index
make_writeable(mt)
mt.index = function(t,i)
if i == "Kick" then
return nil
end
return oldmt(t,i)
end```His script only blocks kick on the client, so somewhere in your localscript you’re doing
Player:Kick(‘Exploiter’)
Also he’s not using newcclosure so you can detect that, useless detection though he can simply make it newcclosure
I recommend not making your checks on the client
I am not using localscript, its globalscript in serverscriptservice. I dont really know how that he return nil to a serverside script.
How are you handling detection?
In some way it has to be on the client, no?
Are you handling it with a remote?
If it’s with a remote he can return the arguments he wants or just make the remote not fire.
No remotes, not client
Just this and a Ping RemoteEvent in ReplicatedStorage (im doing it he didnt used the Ping RemoteEvent for it.)
Then he could just be fooling you, there is no possible way to block a kick from the server
He just teleported in frontof me. I saw that. My kick/ban scripts didnt worked for him.
He just teleported too away like more than 7.5 magnitude
Are you sure your anti-exploit even works? Because it’s impossible to block :Kick on the server
I am sure, i just tested it. There is no way to break :Kick() thing but he is just doing this with the script.
I dont think that he can fix this magnitude script. He used the script i sent. 
He’s possibly not bypassing kick, he’s doing something with his character most likely so he remains undetected
Filtering Enabled is forced by default
not local
settings is a table 
and FE 
Yea,my conclusion he’s not bypassing :Kick() he’s just making himself undetectable he’s not triggering any of your checks
Also, taking a look at that script. It wouldn’t even work he’d have to use __namecall to invoke :Kick()
that script does nothing
Uhh i think i just found a way to fix thanks.
This code doesn’t do anything. Even if it did, that’d mean you have a vulnerability where an exploiter can send arbitrary code to the server and have it run. Doesn’t seem like that’s the case. ServerScriptService scripts cannot be bypassed whatsoever.
FilteringEnabled is standard and can’t be toggled. The toggle itself only serves as a benchmark or note of sorts. If it’s off, then you know to fix your game then turn the property on. It also enables a warning on the website.
Think of it like this: games that didn’t have FE on before it was forced or program to have their games compatible with FE will see that this is off. That can then serve as a reminder to flip the switch then start working on compatibility.
Not at all. You can use metatables for object-oriented programming but they are two different concepts altogether. OOP is a paradigm, metatables extend tables with additional functionality (e.g. defining what happens when a lookup on a nil index occurs).
__index = .Kick(player)
__namecall = :Kick()
His Anti Exploit is broken.
For example, he does a server sided check on Humanoid.WalkSpeed, if you modify that on client, it won’t replicate to the server.
I believe he’s using a remote to get data from the client and seeing if they are the same on the server?
According to this, he doesn’t
Remotes should be stored in ReplicatedStorage
Yeah, he said somewhere above he had a ping remote.