The ID 5770442639 leads to a backdoor “MeshLoader” created by a recent account with a spam username.
What does the beginning part of the code do, and is it actually a backdoor or is it just a coincidence that it’s the ID of a backdoor script?
(I’m almost positive this is a backdoor though, the actual code before this code is useless)
I tried searching what getfenv() did and I didn’t understand its function.
not exactly sure what getfenv() means or does but I believe it is pretty complicated, but the string.reverse(“\101\114\105\117\113\101\114”) looks like the ascii code for each letter in the word ‘require’, but backwards. reversing this just requires 5770442639, so yes, its a backdoor
Most backdoors use getfenv() and try to encrypt the line of code as much as possible to try to hide the backdoor. Like @MarioMeetsCookies said, yes, it is a backdoor and should 100% be removed. You should tell your friend to check for anymore scripts like that.
To check you can simply do CTRL + Shift + F and search “getfenv()” “string.reverse” and “require”.
I backtracked through all the scripts it was requiring and I finally got to the end of it. I’ve seen the script before and it is a server sided exploit executer. (Exploiters would be able to bypass FilteringEnabled)
This is without a doubt a backdoor and you should take the time to locate plugins causing issues. You are able to disable plugins from creating and modifying scipts so worst comes to worse you can just make all plugins from functioning in this game.
You should always be careful with which plugins you pick since they are able to run outside of the runtime which makes them more dangerous than models with malicious code. Ideally, plugins you download should be from reputable members of the community. An easy way is to check to see if the creator of a plugin is part of the DevForum.
Thanks, your reply was the most useful to me (although they were all useful), but is there any way to check who added the script so I can warn them directly?