How to do anti exploiter system?

Help and Feedback Scripting Support
#1

Hi next from this topic

@Asinphi in this topic said exploiter can prevent RemoteEvent from firing

and another i have create LocalScript that will detect if player walkspeed, jumppower etc…
but @ThoseNamesAreGood in this topic said exploiter can remove LocalScript away

This is my script.

local plr = game.Players.LocalPlayer
plr.CharacterAdded:Connect(function(char) 
died = false
char.Humanoid.Died:Connect(function() 
died = true
		end)
		print('done')
repeat wait() while wait() do if char.Humanoid.WalkSpeed ~= 16 then plr:Kick("Why cheating bro") end if char.Humanoid.JumpPower ~= 50 then plr:Kick("Why you keep cheating") end
end)

This is problem: I guess?

I wanna know how to make exploiter can’t prevent remote event from firing
and I wanna know how to make a script that exploiter can’t remove (or just make a script that detects when player walk speed / jump power changed)

If you don’t understand you can let me know, I’ll explain it again.

Thanks for all answer and sorry for bad English :slight_smile:

#2

You can parent a LocalScript into a server-sided script, and clone it into the player (possible exploiter) regularly. For example,

while true do
    wait(5)
    script.LocalScript:Clone().Parent = Player --Define the player first.
end

Or you could include this in a For loop to loop through all players - game.Players:GetPlayers(). I think so anyway, I’m on mobile sorry if I made typos!

1 Like
#3

Clone it every 5 seconds???
but I think we just do like when the script got removed to create new I guess?
but the server can’t detect because I think exploiter will just remove it on client so it won’t replicate to server.

#4

Well then perhaps:

pcall(function() Player.LocalScript:Destroy() end)
script.LocalScript:Clone().Parent = Player

So that we can destroy the existing script in the player before cloning another one into it, and just in case the player has destroyed it and it was detected server-side, we wrap it in a pcall().

#5

Ok, I’ll try to use it
but what about this

how to prevent exploiter to prevent RemoteEvent from firing?
and how to prevent exploiter to fire remoteevent without permission?
because I use to do a weapon so we need to enter character who will deal damage but @Asinphi said exploiter can enter will deal damage who too
what is the solution of this?

Sorry for bad english

#6

Put the local script into ServerScriptService with this script inside of it:

local RunService = game:GetService("RunService")
local threads = {}
RunService.Stepped:Connect(function()
	local now = tick()
	local resumePool
	for thread, resumeTime in pairs(threads) do
		local diff = (resumeTime - now)
		if diff < 0.005 then
			if not resumePool then
				resumePool = {}
			end
			table.insert(resumePool, thread)
		end
	end
	if resumePool then
		for _,thread in pairs(resumePool) do
			threads[thread] = nil
			coroutine.resume(thread, now)
		end
	end
end)
local function fastWait(t)
	local t = tonumber(t) or 1 / 30
	local start = tick()
	local thread = coroutine.running()
	threads[thread] = start + t
	local now = coroutine.yield()
	return now - start, elapsedTime()
end
while true do
	fastWait()
	for i,player in pairs(game.Players:GetChildren()) do
		if player.ClassName=="Player" and player.PlayerGui:FindFirstChild("nameofscript")==nil then
			clone = script.Parent:Clone()
			clone.Parent = player.PlayerGui
			clone:FindFirstChild("Clone"):Remove()
		end
	end
end
#7

What did these script do? I’ve to try to reading… but i still don’t know what it do.

#8

I forgot to mention, in the line

clone:FindFirstChild("Clone"):Remove()

“Clone” is the name of the script. The script constantly checks the PlayerGui of all players and if the script no longer exists within the PlayerGui, it clones it to their PlayerGui.

#9

but i think exploiter will just remove the script on client side (I mean script that cloned)
So server can’t know because it doesn’t replicated to server…

#10

This script constantly removes and clones the local script to the PlayerGui of all players. If your local script doesn’t include any wait()s, this (should) work fine.

Edit, I am pretty sure that local scripts continue to run after being removed, so even if the local script includes wait()s, it should still work fine.

In testing, this worked for a short anti-exploit local script I made containing just one function.

local RunService = game:GetService("RunService")
local threads = {}
RunService.Stepped:Connect(function()
	local now = tick()
	local resumePool
	for thread, resumeTime in pairs(threads) do
		local diff = (resumeTime - now)
		if diff < 0.005 then
			if not resumePool then
				resumePool = {}
			end
			table.insert(resumePool, thread)
		end
	end
	if resumePool then
		for _,thread in pairs(resumePool) do
			threads[thread] = nil
			coroutine.resume(thread, now)
		end
	end
end)
local function fastWait(t)
	local t = tonumber(t) or 1 / 30
	local start = tick()
	local thread = coroutine.running()
	threads[thread] = start + t
	local now = coroutine.yield()
	return now - start, elapsedTime()
end
while true do
	fastWait()
	for i,player in pairs(game.Players:GetChildren()) do
		if player.ClassName=="Player" then
			if player.PlayerGui:FindFirstChild("nameoflocalscript")~=nil then
				player.PlayerGui.nameoflocalscript:Remove()
			end
			clone = script.Parent:Clone()
			clone.Parent = player.PlayerGui
			clone:FindFirstChild("nameofclonescript"):Remove()
		end
	end
end
2 Likes
#11

wait. localscript can’t be run in serverscriptservice!

did you mean put the localscript that will be cloned right?

#12

Store the local script in ServerScriptService so it cannot be deleted by exploiters. Put the clone script inside of it.

#13

can i put it on serverstorage because i’ll get confused.

#14

Yes, ServerStorage will work as well.

#15

ok but what about how to prevent exploiter to prevent remoteevent from firing? and how to prevent exploiter to put argument because he can hurt anyone because it for deal damage in weapon.

#16

From what I’m aware, it is impossible to stop exploiters from firing RemoteEvents. However, I believe you can have scripts to detect if a RemoteEvent is being fired too rapidly. Don’t use RemoteEvents for anything too important, such as money or purchases.

#17

uh did deal damage for weapon is important ?

#18

i have use script and i have modify something this is script i use

local RunService = game:GetService("RunService")
local threads = {}
RunService.Stepped:Connect(function()
	local now = tick()
	local resumePool
	for thread, resumeTime in pairs(threads) do
		local diff = (resumeTime - now)
		if diff < 0.005 then
			if not resumePool then
				resumePool = {}
			end
			table.insert(resumePool, thread)
		end
	end
	if resumePool then
		for _,thread in pairs(resumePool) do
			threads[thread] = nil
			coroutine.resume(thread, now)
		end
	end
end)
local function fastWait(t)
	local t = tonumber(t) or 1 / 30
	local start = tick()
	local thread = coroutine.running()
	threads[thread] = start + t
	local now = coroutine.yield()
	return now - start, elapsedTime()
end
while true do
	fastWait()
	for i,player in pairs(game.Players:GetChildren()) do
		if player.ClassName=="Player" then
			if player.PlayerGui:FindFirstChild("WeaponGiver")~=nil then
				player.PlayerGui.WeaponGiver:Destroy()
			end
			clone = game.ServerStorage.WeaponGiver:Clone()
			clone.Parent = player.PlayerGui
		end
	end
end

i have fake this script to name WeaponGiver.

but this script working too fast
my script didn’t detects anything yet, and it got destroy and create new one

this is script inside my localscript

local char = game.Players.LocalPlayer.Character

local plr = game.Players.LocalPlayer

died = false

if not char:FindFirstChild("Humanoid") then

script:Destroy()

end

char.Humanoid.Died:Connect(function()

died = true

end)

repeat wait() while wait() do if char.Humanoid.WalkSpeed ~= 16 then if char.Humanoid.WalkSpeed ~= 30 then plr:Kick("Why cheating bro") print("kicked with speed " .. char.Humanoid.WalkSpeed ) end end if char.Humanoid.JumpPower ~= 50 then plr:Kick("Why you keep cheating") end end until die ==true

EDIT: it work now sorry, it’s my mistake.

#19

Why do you have to use a pcall?

#20

I think i have solution for to prevent exploiter to change walkspeed , jump power etc. now but i don’t know solution about the remote event yet :confused: anyway i’ll try to find solution with my self.