How to make a system that detect when exploit execute script?

jumpogpo · April 30, 2021, 9:29am

How to make a script or localscript that detect when exploiter execute the script?

THECOOLGENERATOR · April 30, 2021, 9:39am

DevForum isn’t about people just giving you scripts. We need something to work with, atleast an attempt or some research.

Anyway, if it’s a GUI exploit you could do something like this:

game.Players.PlayerAdded:Connect(function(Player)
Player.PlayerGui.ChildAdded:Connect(function(Child)
-- Code Here
Player:Kick("No exploiting!")
end)

This, however, isn’t recommended by me. If you’re cloning something into the Player’s PlayerGui, it would kick them.

So set up a simple system that checks if the Gui added isn’t registered in the Game’s GUIs, if it’s not then kick them

BenMactavsin · April 30, 2021, 9:40am

You can’t, it’s that simple. If there was a system like that we wouldn’t have this many exploiters right now.

jumpogpo · April 30, 2021, 9:44am

It is possible to check if something add in CoreGui?
Example: DarkDex

THECOOLGENERATOR · April 30, 2021, 9:46am

I’m not sure, but you can try this:

game.CoreGui.ChildAdded:Connect(function(Child)

end)

You can’t track the Player that added it though, and I’m not sure if you can use that in a local script. If you can use it in a local script, then it would be prone to exploiters.

caviarbro · April 30, 2021, 9:53am

This won’t work because server can’t see the Added child only client will see it.

THECOOLGENERATOR · April 30, 2021, 10:08am

Will it not see it even if you reference the PlayerGui?

legs_v · April 30, 2021, 10:29am

The ui that automatically goes into PlayerGui will trigger this when they join/spawn so this is completely useless. Also the server won’t be able to see gui added by exploits since its made on the client, although if you made one on the client it would kick the player but the exploiter could just delete the local script.

Also like 90% of gui based exploits use CoreGui or their own service now

The only way that’s sometimes works (high false positives) is checking client memory checks. Basically once an exploit is injected/executed there will be a big memory spike. But the game could also load a lot of data at once causing a false positive.

The only secure way to stop exploits is securing remote events and doing sanity checks on the server.

You can’t access CoreGui with local scripts in studio, also CoreGui doesn’t exist on the server.

No problem.

And any client based anti cheats can just be deleted by the exploiter

THECOOLGENERATOR · April 30, 2021, 10:31am

Sorry, I’m inexperienced with these types of things. Thanks for letting me know

lovealrage · April 30, 2021, 10:52am

i’m pretty much sure that syn.protect_gui makes guis like dark dex impossible to detect.

nature1386 · January 27, 2022, 3:40pm

Either become an exploiter yourself, or partner up with someone who exploits. Then everytime you or partner can do an exploit, patch it. Keep doing this and you will have an unexploitable game (until a new exploit that you did not think of comes along, then just figure it out and patch it.)

AEW745 · March 29, 2022, 6:24am

I almost completely patched it until they started using Auto Inject and Auto Execute.

AEW745 · March 29, 2022, 6:38am

Here is a Server Script along with a LocalScript to stop All Executors except ones that use Auto Execute as they run before the game starts. This uses a RemoteEvent called InjectionEvent.

Important: Put the LocalScript inside StarterCharacterScripts and the Server Script inside ServerScriptService. The RemoteEvent goes inside ReplicatedStorage. Also, in the Server Script you can change the delay before it kicks them.

Server Script:

--[[

Credits: AEW745 aka Epicwarrior

Server Script

]]

--------[Config]---------------------------------------------------------------

local TimeLimit = 10 --in seconds

---------[Script]---------------------------------------------------------------

local ReplicatedStorage = game:GetService("ReplicatedStorage")

local InjectionEvent = ReplicatedStorage.InjectionEvent

local function setAfk(player, afk)
	if afk then
		wait(TimeLimit)
		player:Kick("\n \n [Auto Kick] \n \n Reason: Possible Injection! \n \n Note: You may also be kicked for opening another window! To avoid this please stay on the game. If you would like to leave the game use the default Leave Game button or close the Roblox Player. \n")
	end
end

------[Add this for backup incase your Remotes or LocalScript gets deleted. This will make it still kick the player if their Roblox Player screen is minimized]-------------------------------------------------------------

repeat wait() until game:IsLoaded()
	if AntiInjection ~= nil or AntiInjection.Disabled then
		AntiInjection:Clone()
		AntiInjection.Parent = game.StarterPlayer.StarterCharacterScripts
		AntiInjection.Disabled = false
		player:Kick("\n [Auto Kick] \n Reason: AntiInjection was hiding in Nil or Disabled!")
	end
end

InjectionEvent.OnServerEvent:Connect(setAfk)

------------------------------------------------------------------------------------------------

Here is the LocalScript:

--[[

Credits: AEW745 aka Epicwarrior

Local Script:

]]--



---------[Script]-------------------------------------------------

local Players = game:GetService("Players")
local player = Players.LocalPlayer

local UserInputService = game:GetService("UserInputService")
local ReplicatedStorage = game:GetService("ReplicatedStorage")

local InjectionEvent = ReplicatedStorage:WaitForChild("InjectionEvent")

local function focusGained()
	InjectionEvent:FireServer(false)
end

local function focusReleased()
	InjectionEvent:FireServer(true)
end

UserInputService.WindowFocused:Connect(focusGained)
UserInputService.WindowFocusReleased:Connect(focusReleased)

------------------------------------------------------------------

Please re-read as I added a few things. The new things I added is to make the script Hybrid which means it is like a generator if your power goes out. In otherwords the script will over ride your local script if an exploiter deletes the local script.

alphadoggy111 · March 29, 2022, 7:36am

Sorry, doesn’t this just detect if a player releases the focus from a window? There are many practical uses of focusing out of a window, for example checking Discord or messages.

AEW745 · March 29, 2022, 1:25pm

Yes, it does but it can prevent exploits because you are making it where they can only play the game and not do other things while playing.

Edit: I am trying to find ways to Whitelist certain windows.

Mystery_Devx · March 30, 2022, 7:31pm

Wow good job you made a script that kicks you if you click on anything else besides ROBLOX (this totally won’t cause you to loose 99.99% of your players)

AEW745 · March 30, 2022, 8:21pm

Why would you lose players if you are trying to get them focused on the game and not doing other tasks?

AEW745 · March 30, 2022, 8:22pm

Also, you can change the kick duration (How long is the script in standby mode before kicking).

busterbob64 · March 30, 2022, 8:52pm

Oh, cool. Let me open up my favourite hacking tool, Spotify. Oh wait, I got kicked. Guess I’ll stop playing, then.

Anyway, your anti cheat doesn’t work.

Server script:

AntiInjection is not defined
The player will be kicked after 10 seconds if the window is minimised regardless of if they came back or not

Client script:

You can just fire the remotes yourself as an exploiter
You can still delete the script and halt it’s execution

savio14562 · March 30, 2022, 9:02pm

Not only that, but deleted local scripts do not even replicate to the server. Unless this script was written before FE (filtering enabled), though still it might not even work anyway.