I have checked and we do not have malicious require()s in our scripts, they all lead to trusted models.
In that case someone might be abusing an unsecured remote event or function. Or the backdoor could be really well hidden.
yeah i agree with @Blokav there isnât anything else you can do besides secure your remote events better (and add better sanity checks to CORE events)
All of the remotes are secured and even if one of them is fired, they can not do the exploit attacks shown in the OP.
Hold CTRL+SHIFT+F and search for each of the following keywords.
getfenv
setfenv
loadstring
require
The first three are often abused by backdoor scripts, and are rarely used by legitimate scripts. If you see those at all, thatâs probably where the backdoor is.
However, require
is more often used for legitimate purposes, unlike the others. What you should watch out for are require statements that get passed numbers, or look like these patterns:
require(12345)
or
local lilililil = require
Awesome, I knew there there was a key command for this!
And here I was using Quick Open and reading through scripts like a chumpâŚ
Also a good thing to do would be to follow the link to the remote module to see if it is legitimate or something made by a script kiddie.
Okay, I have looked through them and the only results are for require
and I am aware of them and they cause no harm.
Ro-Defender is useless, it actually doesnât scan for backdoors. It scans for old 2008 viruses with names like âINFECTIONâ. Also Iâve seen that plugin before in many backdoor posts (3D Text) Iâd check out XAXA if I were you.
Do you use any admin commands?
If youâd want to make an anti exploit you most likely need to make a local script calling an if statement. If that scripts deleted have another script to back it up and kick/ban the player forr exploiting. You can also use measurements like if an important script/part is deleted or if too many people die then the game shuts down or kicks the player.
We use Basic Admin Essentials 2.0 by TheFurryFish.
@COUNTYL1MITS it does have a backdoor; due to fact it so commonly use exploiter can create a script to bypass it and make scripts to find games with it. That is why it is important to use custom admin systems. I also messaged @P_xul, with important information about back doors to find, prevent, and remove.
For your disagreement, most groups using that admin system, may hide their problems and use multiple counter-measures. Also, this message below may help you understand what backdoors are;
I tried looking into it. It crashes my studio. I recommend you delete it, theyâre most likely trying to hide something.
If you canât provide proof for it being malicious, please donât make wild claims. The model has loaded fine into my Studio, and skimming through it, it looks like the reason for the long load time is it has a lot of assets.
Well, then that means the only thing left to check is Basic admin essentials. But Iâve looked through it myself before and its safe.