Hi, does anyone know how to make a script that automatically kicks player if they have a script executor (for mobile)? Executor is a client (local) thing, that executes only LOCAL scripts. Help!
1 Like
Just go on the toolbox and look for an anti cheat .
It’s the worst thing to make an anti cheat, because more than 80-90% of them isn’t working
This depends, most script injectors have ways of patching local side anti cheat measures.
If you’re looking to completely prevent the injection of foreign scripts into your game, it’s impossible.
But some games including a thing that kicking player with their executor name when they joining, + this game supports all executors
Are you referring to certain detection methods, for the executor itself?
Most executors use some API called “WRD”, if you can get that API, you can probably patch executors that use that.
wrdAPI is a C compiled link library and isn’t patchable via in-game LUAU scripts, neither on the server nor the client side.
- its also patched via the bfron updated
WRD used to send a notification that can be detected on execution, devs detected that.
So, how can I do that? Games like MET Code Obby have an anti cheat that kicks you when you join with your exact executor name, but executor can’t be noticed with Roblox scripts because they’re local.
Using logservices from the console you can detect certain messages that are sent by executors. That’s the only known way that isn’t directly affecting performance, there are other ways but they contain heavy while true loops.
Theres no way to fully patch all mobile executors
you can only patch some of them.
You can only patch mobile executors if they have a vulnerability that accidentally lets level 2 scripts do things they are not supposed to or if they change something inside the DataModel that your scripts aren’t using.
Example: some executors have a “setscriptable” function. You can check if they use “setscriptable” on things that normal scripts can’t access, like HttpService:RequestInternal().
Some executors set “setscriptable” on properties by simply changing it from 0 to 1, which basically lets all scripts in the DataModel, regardless of their level, access those properties. Besides this, everything else would just be normal anticheat checks.
If their executor doesn’t have “getconnections,” you can watch for messages sent using LogService.MessageOut . If you see their executor’s name pop up, you can kick them out in the error handling and stuff.
If they keep messing with the environment inside the DataModel in a way that level 2 scripts can reach, you can just check for those changes. But honestly, the best way to figure this out is to test it yourself.