That’s not true. Only paid exploits and most exploiters use free exploits.
To add onto this. RemoteFunctions from the server are heavily discouraged due to issues other than just exploiters intercepting the callback.
The main one being that the thread will indefinitely yield if the client leaves mid-transit.
Remember, callbacks can only be assigned one value
Yes, that’s why it catches out quite a lot of exploiters as the majority of them use the same widely spread scripts. When your game gets big enough to the point where advanced exploiters come and literally create GUIs to exploit in your specific game- then you have a problem and that method no longer works.
Nope. But I applaud your effort.
There are some games that litteraly diplomatically solve those issues to remove exploiters that make special GUI’s for the game.
not only that, but if you don’t assert your parameters, exploiters can see errors from your server side.
remote.OnServerInvoke = function(player, a, b)
a.Name = b
end;– exploiter
remote:InvokeServer('asd') -- will return a server-side error in your exploit consoleYou would be very surprised. Yes, there’s a lot of free exploits out there. But that’s just the chaff. Focus on making a good server-side anticheat before going ahead and making something that will catch them off guard. It’s pointless to have a weak defense and a strong offense.
1 Like
Server Side anti-cheat is very limited to certain things because of laggy players, etc. If you wanted to have the best anti-cheat I suppose you would have a strong server sided anti-cheat to prevent major things like teleports, etc. And the rest would be on the client accedently getting an exploiter. That doesn’t know what he is doing.
There’s a lot of exploiters that don’t know what they’re doing. It’s a very bottom-heavy society, but the bottom eventually gets the scraps from the top. That’s why you focus on making a strong server-side first, to leave as few holes as possible for that one good script to take advantage of.
Also: please mark something else as your solution. People might look at this thread and think the solution is actually a good solution… I recommend one of the many replies talking about the futility of the entire problem.
Also: please mark something else as your solution
are you mad or something?
read what he wanted. thats the answer.
he asked how to get env of exploiters that require modules, I simply answered it and that’s it.
He was the one that answered the topic and he gave extra info to the topic. I asked a question and he answered it correctly. I am not changing the solution.
1 Like
There are many facets to this problem that the current solution just doesn’t cover, along with the fact that it doesn’t even work with most exploits. It’s pointless to attempt to get the environment of the exploiter when not even Roblox itself can detect it. The correct solution to this problem would be to not even attempt this at all. The question itself undoubtedly has a deeper solution than the one you provided.
that’s true but still not the point of the thread, all he needed was to know a way on how to do it, not how to make it safe, it was just a question
My question wasn’t “How to make anti-cheat on the client by knowing the environment of the client.” As this is per definition impossible/bypassable.
A question that could potentially be seen by many and thought of as a good solution, of which it is not. I recommend at the very least adding some key points, as the majority of the people that come to this thread looking for a solution are going to be looking for some kind of anticheat they can implement.
@WhitexHat Can you write a summary saying that it isn’t bullet proof anti-cheat as it’s on the client. I’ll mark it as the solution.
Some key points I consider necessary to include are:
- The current solution is not a fool-proof one. It requires that the exploiter actively be calling the functions in these modules.
- An exploiter can easily bypass such a method of getting the environment, if the exploit itself doesn’t already.
- To those looking to make the current solution into an anti-cheat, it is a fool’s errand. A proper anti-cheat should be implemented on the server, as it is mostly useless to develop a client-side anti-cheat due to the exploiter being able to disable or easily work around anything you might do.
Modified my previous reply with a more in-depth explanation.
Don’t do this, only do UI interaction with local scripts, using server scripts for it is going to be laggier, and completely un-needed, just use a remote like you should.
1 Like