Okay, I will uninstall Ro-Defender. Also, here is the link to the 3D Text plugin.
We use Basic Admin Essentials 2.0 by TheFurryFish.
@COUNTYL1MITS it does have a backdoor; due to fact it so commonly use exploiter can create a script to bypass it and make scripts to find games with it. That is why it is important to use custom admin systems. I also messaged @P_xul, with important information about back doors to find, prevent, and remove.
For your disagreement, most groups using that admin system, may hide their problems and use multiple counter-measures. Also, this message below may help you understand what backdoors are;
I tried looking into it. It crashes my studio. I recommend you delete it, they’re most likely trying to hide something.
If you can’t provide proof for it being malicious, please don’t make wild claims. The model has loaded fine into my Studio, and skimming through it, it looks like the reason for the long load time is it has a lot of assets.
3 Likes
Well, then that means the only thing left to check is Basic admin essentials. But I’ve looked through it myself before and its safe.
It is either your plugins, a free model or your own scripts. Look at both server and client scripts. Also look at you own scripts. There is no way anyone can do it without a backdoor. There is an option in studio called “ShowHiddenObjectsInExplorer”, that reveals every hidden thing. You could take advantage of the developer console, in a server script, print all BaseScripts’ name (you would have to wrap them in pcall or else it will error on stuff like CoreScripts). Find one that isn’t supposed to be there.
Alright, I have done that and all of the scripts have been verified and are not malicious.
1 Like
I can confirm it is your admin that has a backdoor! You should use something like HD Admin which is completely open source.
3 Likes
Basic Admin Essentials 2.0 is completely open source too. Can someone link me the source to where they are finding that Basic Admin Essentials 2.0 has a backdoor?
I highly trust TheFurryFish and his admin. Many big groups use BA Essentials and it’s the most efficient admin for a company group.
Are you sure you checked it thoroughly enough? This kind of exploitation rarely happens to such a degree on games where some sort of vulnerability isn’t found. I think this is less of a glaring answer where you can pin-point where an exploiter can access your code, and more of an in general design flaw. Make sure nothing serious or critical is stored on the client-side to start, and if it HAS to be, use RemoteFunctions. (Either way, now with filtering enabled RemoteFunctions are basically required for most client-server interactions)
Big groups can include Bloxton Hotels, Frappe, SizzleBurger, etc.
Yes, I have checked thoroughly twice and there are no flaws.
Alright, well just be sure to see if the client-side code has any sort of places where messing with the code could screw around with the server.
The only client-side code that communicates with the server is the recycling bins and the animations for the items and those only fire the server with no arguments on both ends.