What do you want to achieve?
I would like to secure this code security loophole with advice from DevForum!
What is the issue?
I made this code, but due to the limitations of my scripting skills, I don’t know if this code is safe from abusers.:<
What solutions have you tried so far?
I tried to prevent it somehow with group role id and passcode, but it seems to be insufficient.
This code is a script that gets information from clients and sends it to everyone! You can think of it as similar to the training notice system of the military game!
I would like to patch the security hole in this code with the help of DevForum!
Any help would be appreciated!
local Group = plr:GetRankInGroup("Cool_id")
if Pass == "DW12D-DGEBH-KLRB-12567" then
if Group >= 155 then
I don’t count on it, especially if that thing somehow exists on the client scripts already. The decompiler can simply find it. Sanity checks do not involve arbitrary input from client, always server’s own values to check.
I’m pretty sure exploiters can view any script, local or server, but they cannot view scripts in ServerScriptService or ServerStorage, so they could just copy the code and fire the remote event with the code they copied from the script.
Exploits can stop Webhooks from being sent, Project Slayers original ANTICheat was purely made of Webhooks and no actual base. - It failed and was exploited in a matter of less than 10 lines.
The Webhook was blocked and no Alerts were sent.
This can be done by deleting the Remote that sends the webhook via and seeing what the remote is via Remote Spy.
Never trust the client, as Exploits are via Client side.
The efficient way to stop them is to add an actual base to catch exploiters.
How ever, all anticheats will get bypassed one day or another and there is no way to stop it for now.
UNTIL Roblox initiates their ANTI Cheat they’re working on.l
Exploiters can use remote spy to track down events firing with their arguments, so theres no point of this random generated key/pass.
And the use of If statement is correct, but if you are creating a remote event for simulator games then please add debounce so it will help a little.
I’ve seen few devs putting debounce in client scripts instead of server scripts.
Hackers can look at a script if its client or server. This script is not safe unless put in ServerScriptService. I doubt the hackers would even understand this though. I think a passcode is good protection against the normal exploiter with absolutely zero scripting experience
I just made the edit. The average hacker is just some 14 year old kid who found some script for da hood. They know nothing about how anything works…But yes, some exploiters do have knowledge, I understand that.
Its going to kill many of the big brand cheats you see today.
Im talking about even Synapse (The biggest Exploit on the market today) will be shut down for a good few months. - Due to how overpowered this new anticheat will be.