I’m pretty sure exploiters can view any script, local or server, but they cannot view scripts in ServerScriptService or ServerStorage, so they could just copy the code and fire the remote event with the code they copied from the script.
1 Like
They cannot view actual Scripts, but only local scripts as Exploits are client sided.
3 Likes
Exploits can stop Webhooks from being sent, Project Slayers original ANTICheat was purely made of Webhooks and no actual base. - It failed and was exploited in a matter of less than 10 lines.
The Webhook was blocked and no Alerts were sent.
This can be done by deleting the Remote that sends the webhook via and seeing what the remote is via Remote Spy.
Never trust the client, as Exploits are via Client side.
Edit:
The efficient way to stop them is to add an actual base to catch exploiters.
How ever, all anticheats will get bypassed one day or another and there is no way to stop it for now.
UNTIL Roblox initiates their ANTI Cheat they’re working on.l
1 Like
Just to be clear, what exactly is this scriot supposed to do?
What kind of security hole have you found and why would it be harmful?
What exactly does your password do? Why is it necessary?
1 Like
In your case, it is safe, but you can remove the passcode. This is because the group check is determining the rank of the player sending the remote, and it cannot be changed on the client.
4 Likes
Exploiters can use remote spy to track down events firing with their arguments, so theres no point of this random generated key/pass.
And the use of If statement is correct, but if you are creating a remote event for simulator games then please add debounce so it will help a little.
I’ve seen few devs putting debounce in client scripts instead of server scripts.
1 Like
Exploiters can not view server scripts in any way. If the password is only on the server, it can’t be seen. So this script has good enough measures.
1 Like
as long as you’re checking the players rank in the group, you don’t need a remote key.
3 Likes
Its not, since you have to pass the key through the client script to pass it to the server, read the post above
1 Like
Could you elaborate? I don’t really know why you’re telling me this. You need remote events for this.
1 Like
RemoteEvent passwords aren’t useful. The client and server need to know the password for it to work. So the whole purpose is defeated by that.
3 Likes
By client, do you refer to the player behind the screen that actually knows the password? Or are you just talking about the client itself?
1 Like
Hackers can look at a script if its client or server. This script is not safe unless put in ServerScriptService. I doubt the hackers would even understand this though. I think a passcode is good protection against the normal exploiter with absolutely zero scripting experience
1 Like
Also, why wouldn’t hackers be able to understand this? They can be just as smart as you and me.
1 Like
I just made the edit. The average hacker is just some 14 year old kid who found some script for da hood. They know nothing about how anything works…But yes, some exploiters do have knowledge, I understand that.
1 Like
Well you’re right, that is the average hacker because there are so many free exploits. Hopefully this new anticheat roblox is adding will at least kill free exploits.
2 Likes
Its going to kill many of the big brand cheats you see today.
Im talking about even Synapse (The biggest Exploit on the market today) will be shut down for a good few months. - Due to how overpowered this new anticheat will be.
1 Like
I do have high hopes that it will do well, since the same company helped with Fortnite and other popular games’ anticheat. I’ve personally never seen a hacker in fortnite - or maybe I’m so bad that I can’t tell the difference between a normal player and a hacker because everybody is better than me - which is why I think it will do well.
This will for sure erase free exploits because they’re the weakest. They’re used by a lot of skids in games that involve a lot of skill they don’t have. Hopefully we see less of those because of this anticheat.
1 Like
I guarantee that it’d be really strong, due to them also working on Riots cheat engine - Vanguard, which is really strong.
I wonder about the bad how ever, because every Anti-Cheat has flaws with false flagging. Wonder how they will prevent false flagging on the Client side 
.
1 Like
Thanks everyone for the answers! I will actively reflect everyone’s advice!