How to find out if cheaters are accessing any service or object?

Is there a way to check whether the cheater is accessing any object?
For example, when he uses:

game.ReplicatedStorage.RemoteEvent
1 Like

You can only detect false requests. I don’t believe its possible to detect if a hacker injects a script that uses the remote. What you could do is on the server end if the player passes parameters that are not supposed to be there then you can kick them for using the remote wrongfully.

2 Likes

There is no way to check if a cheater is accessing an object. A cheater has access to the lowest levels of the roblox client process, including process memory. Luau does not give you this access.
Even if you had low level memory access, detecting reads would be very challenging, and would require a major security vulnerability in the computer to do so. Writes, however, would be detectable by comparing the new value and the previous value assuming that the cheater doesn’t simply disable your script that’s used to check for them.

You should always assume that nothing on the client is safe. Any code you deploy there could be disabled or changed. Any variable or instance on the client is also not safe to trust.
Best practice is to double check everything that the client sends you when the performance overhead is manageable.

1 Like

Thanks for your explanation, could you also explain what low level memory access means and how does it even work?

Low level memory access is changing exactly what the computer sees. The computer doesn’t see variables (or scripts for that matter; it reads instructions from something called machine code), and has no idea what a variable is. It only sees a long, long list of bytes with a location assigned to each byte. The computer also reads it’s instructions off of this memory, so for security reasons Roblox doesn’t give us access to it directly. We have to access it through arbitrary concepts like variables and instances instead of directly changing memory.

A cheater isn’t going to inject code in a way that you can see. Sure, you can scan the workspace for scripts, but they aren’t using a script (for initial injection at least) - they’re using a programming language translated into machine code. Because of this, you can’t stop that code from being run, which also means that anything you program in that the cheater doesn’t want to run can simply be erased from memory.

This same access also allows the cheater to change the contents of variables, instances, and everything else on the client. And for your original example, they can run code that fires remotes.

For all of these reasons, anything on the client could be changed, and anything that the client says could be false. You can’t be sure if the client is running your code.

1 Like

Thank you! The only thing I want to ask you is what does this code look like? How do they remove things from memory and so on? Is this a built-in cheat function?

The structure of the code isn’t really public. Cheat developers intentionally hide how their code works to prevent Roblox from detecting it.
For removing things from memory, they use a Windows function to tell Windows to grant them access to the memory of the process and then use an instructon (like MOV) to set the portion of memory that they want to erase to 0 or any other value.
No, there is no built in function for this. Roblox actively seeks out and patches cheats, and does not want cheating on their platform. Cheating is an offense that can lead to account termination.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.