Hello there, Yes i saw a post about this but didn’t really understand so i wanted to make my own post about it and maybe i will understand it a bit better.
I want to execute lua through a textbox just like the developer console does.
1 Like
It has to be on the server to use loadstring, but using remote events is a extreme security risk
1 Like
Is there any other way to do it without load string?
no there is not
just have a whitelist of who can execute code on your server
Yea, im doing it on the server and im thinking about using remote events or not.
Okay, thank u i will try it now!
Well then make a whitelist for the people who can use this feature, but don’t expect them all to be nice
1 Like
Okay, i made a whitelist for me and the owner.
my code:
local script:
script.Parent.MouseButton1Click:Connect(function()
game.ReplicatedStorage.RemoteEvent:FireServer(script.Parent.Parent.Text)
end)
Server:
game.ReplicatedStorage.RemoteEvent.OnServerEvent:Connect(function(Player, Code)
loadstring(Code)
end)
It doesnt work when i say print(“Yes”) and yes i have loadstring enabled
loadstring(Code)()
That should do it
1 Like
Lol, i just found out how to do it but thank u!, very helpful.
Also do u know what ur game being vulrenable to exploits is about when u enable load string?
Well exploiters will probably do:
loadstring(game:HttpGet("link"), true)()
1 Like
Oh, would it affect the server?
With your loadstring system, without a whitelist exploiters could run any code without a executor, edit datastores, make HttpRequests, edit CoreGui for everyone. Send me your game and I will show you what I mean. (Publish the game and play it)
1 Like
Alright 30 charsssssssssssssssssssss
I just remembered about the security level, but datastores are still a thing