Okay so I made an anti-exploit script that detects when a GUI is injected into the PlayerGui. Since exploiters can just inject these GUIs into the CoreGui is there any point in doing this. I would have kept it there but I realized that the script is removing all functionality of the chat as any chats added are instantaneously removed, not only that but I noticed that it is causing a massive performance dip. Should I get rid of this script and leave the PlayerGui venerable to exploits?
If I remove the script in studio (before testing) I notice an increase from 70 fps to a massive 106 fps!
Note that the script is secured by the server, if it is disabled or removed then the client is kicked.
I am only talking about this one script everything else is server sided and secure.
No they cannot, I have it secured by the server via remotefunction, I understand that this can be remotespied but it stops most script kiddies. If there is no response from the client it is kicked by the server.
To be honest, it takes only 1 person to bypass the anti-exploit script for the script to spread to all the script kiddies, especially when they title their exploiting videos like âNEW [insert game] EXPLOIT SCRIPT SYNAPSEâ
I wouldnât bother checking if a player is doing something crazy with their clientâŚ
I would rather be doing server sided checks to be sure all the players are playing fairly. Try to make checks that could see if another player has been having an unfair advantage? Do things like an otherPlayerExperience score, which drops down if things like a raycast from the HumanoidRootPart to the ground is really high, or if a player is moving really far, really fast, or if a player has been getting certain headshots really fastâŚ
If iâm not mistaken, you would only send a DMCA request to roblox if someone else is using your IP without your permission. Since the exploiters made the gui/scripts themselves, they own it and its their IP.
I can agree with the raycast and fast speed, but the heashots i feel like wouldnât be a secure solution. What if the player is just good? Iâve seen people is arsenal get headshots a lot, and they were a famous youtuber, and another was just good. Now, if there was some silent aim detection for it, then thats justifiable.
Well I probably would look into human response times and see how fast a player can really move a mouse to aim at another player and click.
I donât think Roblox servers could handle checking how long a player was visible with a raycast from the camera to the character in ms. Might have to try using a âdeadman switch remoteeventâ that you would edit every now and then to verify with the server a different event if using a localscript so you can ban players disactivating or modifying your check.
Edit: âdeadman switch remoteeventâ; ( I just call it this for fun. ) If I was to try to verify client actions, I would have a localscript do a random sort of check and fire a unique remoteevent in a folder full of random named remoteevents with a certain key grabbed from somewhere. Ping the server every 15 seconds or so to let the server know that the client still has it supposedly running and then do any checks on a localscript and change this method of which remote event to fire or method of checking a legitimate ping every week or so to thwart existing tools. If a player hasnât pinged a server in 30 seconds? Kick.