An example of what Bloxburg does?
They code smart. Instead of having remotes that you can easily access. They have a module which handles remotes and does what it needs to protect them. Though this can be bypass its easily understood and can easily be handled much more than an ordinary remote.
Along side this. They measure any possible client ticks/updates.
- This is from what I have heard. Donât I was using it as an example.
1 Like
You will have to elaborate, a module that handles remotes?.. How would it be different from connecting remotes to callbacks in a server-environment with proper checks? Theyâre just as secure.
1 Like
You really want a tip. Most exploiters use a meta method that checks if youâre calling : on a remote. This is quite often true since we do remote**:**FireServer âŚ
However. You can easily just do this instead.
remote**.**FireServer(remote, âŚ)
It doesnât cause lag. It doesnât cause issues. But its more secure. Code smart. Like I said.
But a module could easily handle remotes. Such as parenting all remotes to nil. Until needed. Then parenting em to a game then back to nil. You could also change all the names. Change the way you fire the remote. All sorts.
1 Like
Which method? Are you referring to index? It would only be able to check its own client sending to the server and not other clients.
I mean sure, you could do that, but it is a pain to control and they can see instances parented to nil.
A meta method. An meta method that developers do not have access too. A meta method is a specialized method that is added onto a table using metatables. And its not index. Index is when you index a table. Not call a function from it.
The meta method is called __namecall. And a exploiter would set a custom meta method to distribute and handle their events the way they want too.
They can see instances parented to nil. Sure. But if all remotes in your current game are named ââ- Nothing. And all parented to nil. Getting that same object would be harder than any normal game.
2 Likes
Everyoneâs out here sharing their methods. Congratulations, youâve now exposed how your anti-exploit works and theyâre no longer effective!
1 Like
Exploiters can just use __index instead of __namecall then? Not really more secure. Exploiters can also just use hookfunction so they donât have to edit __namecall or __index.
Security through obscurity is not a good idea in my opinion, and plus exploiters can easily get the reference to the remote when they hook them
2 Likes
Maybe so, But its these little steps which dont take up much that makes your system much more annoying to an exploiter. You cannot win a war against a client. You simply have to deploy tactics to annoy them. Combine that with a method to hide your source code - I know this method and will not disclose it. - It starts to aggravate the exploiter, Never the less, Theyâre going to get though it. So just keep updating it. Make your system go to important variables. But change those variables each time. Send packets with an authenticated key. etc.
Also, send all data inside of a remote inside a table. Then wrap that table in a metatable. No remote uses that metatable so if that metatable is activated some how. Its an exploiter. Etc etc. Therefore covering your variables a little bit more.
These little things do not cost you alot. It is logical and easily executed.
Something like making a ray each .2 seconds for each player on each client is worse. And that is the type of practice I would deny. Though we all learn one way or another.
so why fight it :\
i do not believe that is even possible?
which they will be able to send by hooking the functions? also inflates bandwidth usage.
exploiters can easily use rawset, rawget, rawequal to bypass __newindex, __index, __eq respectively, for other metamethods they can just set it to nil, perform the operation that invokes the metamethod, then set it back.
this really isnât secure.
I have never tried to make any anti exploits as i dont run into many hackers, but I have something that could work.
It runs in the background without any possible way of deleteing it. But im prob wrong about this so maybe it can be used to detect the less smart exploiters. Hope it helps!
script.Name = math.random()
wait(0)
function HackLoop()
while true do
wait(0.1)
print("RUNNING")
end
end
script.Parent = nil
coroutine.resume(coroutine.create(HackLoop))
Fight it because of the people who play your game. The point is to annoy create unique ways to put an stop to them. You fight for the players who play the game. If you dont fight then you do get a game. But you get a game like prison life where there isnât a point in playing.
Yes, That method is possible. Iâve done it myself.
If its on the client. It doesnât involve the servers bandwidth. Infact it just involves the clients memory. Either witch will still be taken up by the updates. And if youâre so upset or scared about taking that memory then figure out a plan to remove something not so important to bring something more important.
or just make your code much more efficient.
Yes, they can use rawget etc. But the point is to fight them. Not to stop them as stopping this is not possible. Also, Iâd like to mention the selected method does stop quite alot of remote spies. Because most exploit developers check for this.
2 Likes