Is there a good anti-exploit that I could use for my games?

COUNTYL1MITS · April 3, 2020, 7:49pm

I have checked and we do not have malicious require()s in our scripts, they all lead to trusted models.

blokav · April 3, 2020, 7:51pm

In that case someone might be abusing an unsecured remote event or function. Or the backdoor could be really well hidden.

codyorr4 · April 3, 2020, 7:53pm

yeah i agree with @Blokav there isn’t anything else you can do besides secure your remote events better (and add better sanity checks to CORE events)

COUNTYL1MITS · April 3, 2020, 7:54pm

All of the remotes are secured and even if one of them is fired, they can not do the exploit attacks shown in the OP.

ForbiddenJ · April 3, 2020, 7:59pm

Hold CTRL+SHIFT+F and search for each of the following keywords.

getfenv
setfenv
loadstring
require

The first three are often abused by backdoor scripts, and are rarely used by legitimate scripts. If you see those at all, that’s probably where the backdoor is.

However, require is more often used for legitimate purposes, unlike the others. What you should watch out for are require statements that get passed numbers, or look like these patterns:

require(12345)

or

local lilililil = require

blokav · April 3, 2020, 8:03pm

Awesome, I knew there there was a key command for this!

And here I was using Quick Open and reading through scripts like a chump…

Also a good thing to do would be to follow the link to the remote module to see if it is legitimate or something made by a script kiddie.

COUNTYL1MITS · April 3, 2020, 8:34pm

Okay, I have looked through them and the only results are for require and I am aware of them and they cause no harm.

Q4_42 · April 3, 2020, 8:40pm

Ro-Defender is useless, it actually doesn’t scan for backdoors. It scans for old 2008 viruses with names like “INFECTION”. Also I’ve seen that plugin before in many backdoor posts (3D Text) I’d check out XAXA if I were you.

clairosbags · April 3, 2020, 8:45pm

Do you use any admin commands?

KrampusX12 · April 3, 2020, 9:29pm

If you’d want to make an anti exploit you most likely need to make a local script calling an if statement. If that scripts deleted have another script to back it up and kick/ban the player forr exploiting. You can also use measurements like if an important script/part is deleted or if too many people die then the game shuts down or kicks the player.

COUNTYL1MITS · April 3, 2020, 9:30pm

Okay, I will uninstall Ro-Defender. Also, here is the link to the 3D Text plugin.

COUNTYL1MITS · April 3, 2020, 9:31pm

We use Basic Admin Essentials 2.0 by TheFurryFish.

AlertShamrock · April 3, 2020, 9:31pm

@COUNTYL1MITS that a free model with a backdoor. Make a custom one.

COUNTYL1MITS · April 3, 2020, 9:32pm

I will have to disagree with you as many groups use this and they do not have this issue.

AlertShamrock · April 3, 2020, 9:34pm

@COUNTYL1MITS it does have a backdoor; due to fact it so commonly use exploiter can create a script to bypass it and make scripts to find games with it. That is why it is important to use custom admin systems. I also messaged @P_xul, with important information about back doors to find, prevent, and remove.

For your disagreement, most groups using that admin system, may hide their problems and use multiple counter-measures. Also, this message below may help you understand what backdoors are;

What exactly is a "backdoor"?

Generally in the outside world, backdoors allow hackers to gain complete access to your computer, and can even insert files, delete stuff, and such. I’ve once had a backdoor-recieved file with an imposter of sethc.exe on my Windows PC long ago. And as you’d expect, it was an undetected virus, and wrecked my old PC as usual. So basically my 100th re-install of Windows 10.

As in Roblox backdoors, they’re mostly common in free models that are botted (e.g. over 100k takes with only at least 10 thumbs-ups, that’s when you know it’s fake.) and contain well-hidden code lines such as getfenv() and setfenv(). But then you realize that they’re not visible in the backdoor model’s script(s).

Okay, now actually back to what it does. Simply put, it allows the owners of those “backdoor free models” to gain full access to the place that you put it in. Before it was just done with loadstring(), a heavily exploited use to execute powerful code, and it allowed them to do anything they wanted with the place.

Loadstring is already disabled by default but these “backdoor models” have still found some workarounds. So just don’t trust free models.

Q4_42 · April 3, 2020, 9:42pm

A good backdoor scanner is Kronos. I’ll go look into the 3D Text plugin.

Q4_42 · April 3, 2020, 9:46pm

I tried looking into it. It crashes my studio. I recommend you delete it, they’re most likely trying to hide something.

Q4_42 · April 3, 2020, 9:47pm

Also here is the download for 3DText.rbxm (700.3 KB)

Autterfly · April 3, 2020, 9:57pm

If you can’t provide proof for it being malicious, please don’t make wild claims. The model has loaded fine into my Studio, and skimming through it, it looks like the reason for the long load time is it has a lot of assets.

Q4_42 · April 3, 2020, 10:05pm

Well, then that means the only thing left to check is Basic admin essentials. But I’ve looked through it myself before and its safe.