InsertService API bypasses user inventory privacy settings

This code snippet is an example of InsertService bypassing user privacy settings to return asset IDs and information:

local InsertService = game:GetService("InsertService")
local userid = 123 -- target UserId (placeholder)

-- Serializes a table (recursively) into a printable string
local function dump(o)
    if type(o) == 'table' then
        local s = '{ '
        for k, v in pairs(o) do
            if type(k) ~= 'number' then k = '"' .. k .. '"' end
            s = s .. '[' .. k .. '] = ' .. dump(v) .. ','
        end
        return s .. '} \n'
    else
        return tostring(o)
    end
end

-- GetUserSets returns the user's sets regardless of their inventory privacy setting
-- sets[1] = models, sets[2] = decals
local sets = InsertService:GetUserSets(userid)
print(dump(InsertService:GetCollection(sets[1].CategoryId)))

Loading a private asset into Studio thankfully doesn’t work; however, the API will still retrieve “private” information.

This is allowing users to create Discord scrape bots, websites, etc., leaking personal assets as they’re uploaded. The only alternative currently to avoid leaking is to upload assets to an alternate account. I imagine this is a known issue, but I’ve received a large influx of messages/reports about this recently.

12 Likes

Thanks for the report! We’ve filed a ticket to our internal database and we’ll follow up when we have an update for you.

Please note that filing a bug report does not guarantee that it will be fixed once triaged.

4 Likes

Hey @prisman! Can you also tell us what type of assets are affected?

5 Likes

I’ve seen reports of this method working for uploaded decals, models and meshes*. This code snippet is capable of retrieving these categories for any user despite inventory settings.

*edit: unsure if this exact method is being used for meshes, but I have been sent lists of scraped meshes from my inventory.

2 Likes

Just checked by outputting my own sets; it primarily works for models and decals.

The limit seems to be up to the latest 200 assets in each category.

It can list other sets, but they don’t seem to be particularly relevant to this bug (3 and onwards are SetType = user).

I believe there is another privacy-infringing exploit that works for other types such as meshes; however, it doesn’t seem to be possible here.

2 Likes

It seems that this can also be used via a web API endpoint, specifically https://www.roblox.com/Game/Tools/InsertAsset.ashx?sid=SETID
The negative set numbers work with this, so if you get someone’s private setID via Studio (the API endpoint for that seems to have been closed previously), then you can always use the above endpoint to see their latest assets.

Thanks for flagging this issue.

Currently in the product we don’t really have a notion of asset privacy. The account setting which makes your inventory private is really misleading. The good news is we are working on implementing this in a proper sort of way where even if someone guesses an assetId they won’t be able to use it without authorization. Once that goes live, issues like this will be moot.

10 Likes

I hope this doesn’t apply to existing assets (at least existing decals and solid models), because if it does it may break old games which rely on the use of offsale assets created by other people.

1 Like

Yes, we will strive to avoid breaking existing content which relies on the current behavior.

5 Likes

Quick question that comes to mind on the other end of this: will assets (old and new) from users with public inventories continue to be usable after this update as they are now? I would’ve assumed that this new implementation would be just for users with private inventories, but just to confirm?

Please note that even if a user has their inventory marked as public, that does not mean you have the right to use their assets. The TOS clearly mentions a user has to denote whether their asset is free for public use.

To use an asset legitimately when you are not the owner of that asset, the asset has to be marked as Free. You cannot use Decals/Audio/etc. by other users if they are not marked as Free. When the feature Seranok mentions above is implemented, it will likely prevent you from using non-Free assets that are publicly visible on the site, but that’s fine since you are not meant to be using these anyway.

3 Likes

Just testing and confirming here: this only works with models and decals, so other types of assets you’ve uploaded with a private inventory should be fine (e.g. audio). In this manner, it’s not a complete bypass, just for two categories of your inventory.

Your models and decals are counted as user sets (I’m not sure why this is the case, and it doesn’t really matter either). All other sets that may appear in this list are actually from a very old feature that was sunset 3 years ago: Sets. Check Sunsetting Sets for details. Found out by dumping my own inventory and finding sets that I subscribed to at least 6 years back or more.

Just for anyone concerned that this can be used to dump other assets: this method can only fetch models and decals, as well as sets you’ve created or subscribed to when the Sets feature existed.

3 Likes

In Studio, you can use the toolbox to view public assets, so this has also been used for scraping assets. Could that also be how they’re getting meshes?

It appears that for users created after Sunsetting Sets, you will get a LuaWebService error when you try to dump the set (this comes from the GetCollection call).

Example: my UserId, 1304156816

So new users won’t be affected by this.
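As an added example (not code from the original report, any reply above, or Roblox), here is a way to check your own account for the exposure the thread describes: it wraps GetUserSets and GetCollection in pcall so that the LuaWebService error reported for accounts created after Sets were sunset is caught and reported instead of halting the script, and it only inspects the first two sets (models and decals), which are the two categories the thread found to be affected. The UserId value 123 and the hypothetical helper names checkExposure and countEntries are assumptions for illustration; the code is meant to be run from the Studio command bar.

```lua
-- Added example: report whether the InsertService set path lists your own
-- models and decals, handling the LuaWebService error newer accounts hit.
local InsertService = game:GetService("InsertService")

-- Assumption: placeholder UserId; replace with the account under test.
local userId = 123

-- Counts entries generically so the result does not depend on the exact
-- shape (array or dictionary) of what GetCollection returns.
local function countEntries(t)
    local n = 0
    for _ in pairs(t) do
        n = n + 1
    end
    return n
end

-- Hypothetical helper: returns a table of category label -> status string,
-- or nil if the user's sets could not be retrieved at all.
local function checkExposure(uid)
    local ok, sets = pcall(function()
        return InsertService:GetUserSets(uid)
    end)
    if not ok then
        warn(("GetUserSets failed for %d: %s"):format(uid, tostring(sets)))
        return nil
    end

    local report = {}
    -- Only the first two sets matter for this bug: 1 = models, 2 = decals.
    -- Entries from 3 onward are legacy Sets (SetType = user), per the thread.
    for index, label in ipairs({ "models", "decals" }) do
        local set = sets[index]
        if set == nil then
            report[label] = "no such set"
        else
            local fetched, collection = pcall(function()
                return InsertService:GetCollection(set.CategoryId)
            end)
            if fetched then
                -- The thread observed a cap of roughly the latest 200 assets per category.
                report[label] = ("%d asset(s) listed (CategoryId %s)"):format(
                    countEntries(collection), tostring(set.CategoryId))
            else
                -- Accounts created after Sets were sunset hit a LuaWebService error here.
                report[label] = "error: " .. tostring(collection)
            end
        end
    end
    return report
end

local result = checkExposure(userId)
if result then
    for label, status in pairs(result) do
        print(label, status)
    end
end
```

If both categories come back with a count, the account's models and decals are listable through this path regardless of the inventory privacy setting; an "error:" status for a recently created account matches the LuaWebService behaviour described above rather than a successful listing.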