Most backdoors have the same type of code which starts with loadstring and then ends with the link. I would be careful with this or just not touch that download/link at all. Or put it into your game.
1 Like
I would remove the code, as it looks very suspisious. It’s most likely a backdoor.
1 Like
dude click the github link. The script is…it doesn’t even do anything. I mean like wut is with the random letters and numbers and all those swear words and phrases.
Edit: On second thought don’t click it
1 Like
Yes. The code is a virus, and I would delete it immediately. The reason it’s so long is because it can corrupt your game and make it slow.
Below, I have a list of things that I see in a virus.
The only exception is require(), which I would make sure the module you are getting is verified. Some examples of good ones are HD admin, Topbar+, and Simply Admin. Please also make sure it is the real one.
require()
string.sub() — sometimes this is good, but please make sure you script it yourself and know what it is doing.
require() — make sure it is made by the legit creator by going to Roblox.com/library/Whatever number is in the brackets.
game:HttpGet() —Pretty sure this is deprecated, not sure.
:LoadAsset() — sometimes You want to add your model into the game. Viruses can also add themselves with this function. Same thing as require, use roblox.com/library/the number in brackets
Those are the most common ones I see. Any assistance, please reply. Thanks, WE
If you are not sure if a script is a virus, please feel free to PM me.
9 Likes
Mostly getfenv() it’s used to get functions and such, global info from a script, so you can do require using it, or print, or whatever, via a string, then they use those weird number based strings like “/213/1234/124/”
1 Like
The script is obfuscated I think
2 Likes
Yes. I searched through the github code. Down the bottom, a string “compares” it to synapse and other Lua Executors. Definitely a virus. Stay safe.
2 Likes
This is definitely a backdoor, Make sure you remove the script and try to scan all the scripts in your game manually to find others that are possibly there.
1 Like
That is DEFINITELY a backdoor. Http hooking just for anti-core gui scripts? Smh.
1 Like
I never used the script in the first place… Thats why I asked before I used it.
Thanks, Yeah I had a lot of red flags starting off that it was on v3rmillion and it was obfuscated as well the user being a known exploiter and is inactive.
Thanks, but you forgot
loadstring
Games by default have Loadstring disabled as it would pretty much disable all anti-exploits and give hackers serverside to your game.
This is false. Exploiters need a backdoor in the game in order to be able to gain server-side access, most backdoors use a Lua VM anyway so the option does nothing
1 Like
How is it false… That’s why everyone says not to allow Loadstring because it would make it way easier for hackers to execute backdoors and get serverside. I suggest you do more research about the topic.
Exploiters cannot acces the server (which can use loadstring if its enabled) unless there’s a backdoor. It’s not dangerous to enable loadstring.
1 Like
If you want to read the full thread go here: Hacker prevention: Filtering and LoadStringEnabled - Scripting Helpers
Exploiters cannot access the server in a game where there’s sanity checks on the server and no backdoors. Only the server can access loadstring and no client can. The guide is heavily outdated and you shouldn’t rely on it.
1 Like
They can with serversided dex explorer. witch is the hardest exploit to patch, been working on it for months now.
No, It’s not a backdoor it’s not even supposed to be used in your game as it’s made to be used on exploits.
Please, do not call it a ‘backdoor’ without actually knowing the user that posted it and without knowing where the script has to be used on.
1 Like
