Not sure if it’s efficient though but I made something similar.
https://gyazo.com/5bd7065c4b78ee223c96da9ba9764b68
But I do suggest instead of kicking from the client use a server script instead.
1 Like
The exploiter can just hook the kick function
2 Likes
Yes, but if OP wants to create the Anti-Exploit on the client, the Exploiter may just disconnect all the connections from the Kick Remote(Please secure it, I don’t want a random Skid kick everyone). So the only thing you can do on the client without anyone advanced or not at exploiting just hooking Kick or anything else.
Well what I did was I made the client fire a remote that will send a message for the server to handle the rest of the kicking.
The encryption key is just so the exploiter could not fire the remote anyhow they want.
1 Like
The exploiter can hook the remote call too
1 Like
Should you have 2 scripts that do the same thing but have different names? So if they get past one, the other one kicks them instead?
1 Like
Wait exploiters can do that?!?!?!
1 Like
That whould just do unnecesary lag, and probably the exploiter can delete both. As I said, put the Anti-Exploit in a inportant script so when the Exploiter destroys it the game will become unplayable.
Also, @SelfDeclared Yes.
An exploiter can do pretty much anything that relates to the client
1 Like
So, I should make a different script that kicks them instead, so that when they disable the anti-exploit, they can still get kicked? 
1 Like
I’m not sure if you know how exploiting works. That is just inefficient and won’t really work at all.
1 Like
No, since they can hook :Kick to not kick in the first place.
1 Like
The best is make 2 Anti Exploits. One on the Server(That handles Teleporting/Speeding/Flying) and one on the client(That handles basic WalkSpeed,BodyGyro,JumpPower), but note that the one of the Client will be pretty inneficient as the Exploiter can just modify the MetaTable and say that the WalkSpeed is 16. Put the Client Anti exploit in a inportant script so the Exploiter will have a bad time doing anything if he deletes it, and the Client sided Exploit’s punishent is try to say a message to a RemoteEvent, and kick the player(They may disable both). If you wait 5 seconds and the player isn’t kicked, just destroy everything inportant(Scripts,GUI’s,Part of the maps) so they will have a terrible experience playing your game. Sorry for the grammar issues, I’m on phone 
)
1 Like
Exploiters can just bypass the anti-exploit parts of important local scripts, they don’t need to delete the whole thing. And deleting scripts, UI, maps is useless, they can use getnilinstances().
1 Like
I’m not sure what do you mean?I know perfectly every function of KRNL, Synapse and JJSploit API(I guess that is how it is called) and I see no function to do that. Maybe an custom .dll that deletes some bytecode?
I am saying if you do speed checks, body mover checks, etc, it doesn’t have to be its own script to be bypassed, you are making the implication that the only way for exploiters to stop anti exploits is by deleting them, when that simply is not true.
1 Like
Isn’t kicking or banning a player for exploiting bad practice? In some cases it’s reasonable to do so in the case of honey pots, but I prefer to instead have checks on the server execute code only if the arguments being passed are legitimate.
2 Likes
Alright I want your opinion on this. Lets say that the exploiter did remove the remote from the client side or mess around with it…
What is a better alternative than to kick the player locally?
So I’ve made the changes seen below, it checks if the RE is still in the replicated storage if it isn’t it will kick the player locally. I know kicking locally is
not the best solution so what should I do?
There’s really not much you can do to prevent cheating on the client. Your best bet would be to just add checks on the server
2 Likes
So, here are the questions. Does it help? Did you hack-exploited your own game to check it?