How to detect for gui injected into the coregui?

KrimsonWoIf · March 25, 2022, 1:23am

Before we start please dont say its not possible. iv seen games do it and they do it all the time.

im making anti exploit and im trying to detect when the gui is inserted into the game. roblox currently does not allow me to access the coregui where the majority of decent exploits are held but i made a script for playergui

game.Players.LocalPlayer.PlayerGui.DescendantAdded:Connect(function(descendant)
	if descendant:IsA("ScreenGui") and descendant.Name ~= "GameUi" then
		game.Players.LocalPlayer:Kick("No hack")
	end
end)

as you can see it does its job but i need to do this on coregui not playergui

Cookielnk · March 25, 2022, 2:10am

exploiters can just delete your script because it is running on the client and other ways to bypass it

also im pretty sure that developers cant access coregui

there is no way to detect it ig

KrimsonWoIf · March 25, 2022, 2:15am

iv seen games detect it

EXAMPLE:

edit: for some reason dev made game private. go back to the game after like a day or two

alphadoggy111 · March 25, 2022, 2:18am

Regular scripts do not have access to CoreGui. There is no effective way to prevent exploits being injected into CoreGui. The game you’ve listed is possibly listening for memory spikes rather than that, which isn’t recommended for actual usage as it can have false positives.

Even if there was a way to detect it, it’s incredibly easy for an exploit developer to see what you’re using and then patch it on there side.

Instead, it may be a better use of your time to simply prevent whatever is actually happening rather than “shooting the messenger” for a lack of a better term.

KrimsonWoIf · March 25, 2022, 2:19am

the developer said they dont use memory spikes when they posted the game

edit: sometimes it kicks on injection as well

he did mention this however

so how do i do that?

alphadoggy111 · March 25, 2022, 2:23am

Personally I’m not too sure if I believe that. If it kicks on injection I would assume they are using some sort of memory detection, I can’t think of a single other way to detect that. Someone feel free to correct me if I’m wrong. Either way, what I do know is Roblox makes it very hard for you to do anything with CoreGui, which implies that they don’t want you to do anything.

Also, I have no idea what “detecting manipulation of the robloxExecutable” means, but that simply doesn’t make sense if he’s implying he’s checking the actual Roblox program on your PC.

kosukeReboyX · May 28, 2022, 9:41am

There is no way to detect for gui injected into the CoreGui by normal scripts.
Instances in CoreGui are protected by PluginSecurity (can be accessed in studio console or plugin scripts but you can’t use them in a non-studio place).
CoreGui cannot be accessed by normal scripts (like Script, LocalScript, ModuleScript).
An error will occur if tried to access to CoreGui.
Exploiters can run scripts with a high level of security, so CoreGui is used by them.

da1nonlyfr · June 4, 2022, 4:21am

you could do memory check or pcall decendant added