How to Detect for an Executor?

Another thing would be make the scripts Server Sided, most exploits cannot bypass Server Sider scripts.

They don’t insert anything into CoreGui… Exploits usually are their own standalone programs. There is no way to detect it at all, since it doesn’t have to insert anything into the datamodel.

You have to detect the effects of an exploit; you can’t detect the exploit itself.

4 Likes

As true as that is, server scripts can’t detect changes on the client if they aren’t replicated. An exploiter who inserts btools into their inventory can’t be caught if checks are not done on the client because tools created on the client do not replicate.

What do you mean? I made a system that kicks people the second they insert btools.

When an exploit is injected, usually, the amount of memory being used will spike for a short while, I can’t say this is how all “anti executor” scripts work but, one way is to calculate the difference in memory within a given interval and, if the difference in memory is larger than a certain value or is a certain value, it will kick the player. In my opinion, this is a horrible method of checking whether an exploit has been injected since the chance of a false positive is really high and, spikes in memory may be due to game scripts.

Some client sided security isn’t a bad idea since it should prevent most exploiters from (changing their speed)/flying/etc but, some exploiters can bypass client sided security; instead of relying purely on client sided anti-exploits, it’ll also be a good idea to have some server sided checks. If an anti-exploit ruins user experience, don’t use it since the number of players that are going to exploit is probably going to be pretty low, instead you should focus on securing remotes first.

Your system would have to be client-based then, and that won’t be that helpful because at the end of the day, the client controls the client and therefore, you cannot block some client-based exploits like this.

@ffancyaxax12 Because an executor is an exploit and exploiting is against Roblox’s terms of service.

I know this thread is dead, however there is one slightly finicky way to detect the injection of a dll. When a dll is injected into roblox the frame rate will drop, usually for a single frame to somewhere between, 1/10 of the original frame rate to 1/2 of it. If you can find an effective way to filter out other frame drops such as lag or gpu usage from these frame drops you might be able to detect a dll injection and prevent the malicious player from executing any code at all.

How would you do that? I almost always get random frame drops on certain game, I don’t want to banned because of it.

You would have only act if the player loses frames for a single frame, and fine tune any bounds your using to detect frames to minimise false positives. As I said its a finicky way of doing it, but you might be able to find differences between frames lost to a dll injection and lag. (and of course kick players rather than ban them just to be safe)

frame test - Roblox, i have actually been experimenting with this idea, feel free to run some tests in this game, if you see an output like this in the console:
image
then you’ve been flagged for a dll injection. I also don’t have the ability to test this on a device worse than mine, other than an vm I had set up from a while ago, I saw no false positives when using the vm, but averaged about 6 fps, so it probably wasn’t the most realistic test.

I got it to happen just by changing my graphics level.

image

I shouldn’t be kicked just for messing with my graphics settings. I shouldn’t be kicked for having inconsistent frames. I should receive no punishment for something that isn’t directly in my control.

hey thanks for testing this, but one of the useful things is that the frame drop caused by the dll injection is different to inconsistent frames, as you can see the script was detecting you were dropping frames, whereas the dll injection drop lasts for at most 2 frames and then your fps returns to normal, I feel like with enough testing an correction a system like this might be able to maybe not prevent all dll injections, but potentially detect and stop a high portion, while still allowing players who lose frames to be safe from being kicked. I don’t think this is the perfect solution but it was a suggestion that has some solvable flaws.

There is no possible way to detect exploit injection.
There are ways to prevent it tho, You can make a remote event spam detection.

You can check my post that is solved about remote event spam detection here:

Also I dont recommend you to use the lag detection method, since some people dont have a good device or have alot of applications open may give a lag spike that will kick the player!

1 Like

Executors are undetectable since there external.

local hum = script.Parent:WaitForChild("Humanoid")
local SpeedMax = 16
local JumpPowerMax = 50
local HealthMax = 100



hum.UseJumpPower = true

while wait(1) do
	if hum.WalkSpeed > SpeedMax then
		game.Players.LocalPlayer:Kick("We have detected your abnormal speed.")
	end
	
	if hum.JumpPower > JumpPowerMax then
		game.Players.LocalPlayer:Kick("We have detected your abnormal jump power.")
	end
	
	if hum.MaxHealth > HealthMax then
		game.Players.LocalPlayer:Kick("We have detected your abnormal max health")
	end
end

This is a normal anti cheat system. we can add more code in this script.

What… thats easily bypassed lol

Humanoid:GetPropertyChangedSignal("WalkSpeed"):Connect(function()
       print("so noob")
end)

it checks if the WalkSpeed is being changed or not

you dont

unless you wanna dedicate your life to learning lua metatables and what roblox actually allows you to use.

That script is Client sided meaning that Exploiters can access it and disable your script. I recommend sticking to the Server-side.

1 Like