Kronos Plugin -> Backdoor finder / killer -> Instant scanning

plugin
anti-exploit

#1

Hello Developers!

Information
Many games (mainly popular) are backdoored or virused by different people (mainly exploiters) to gain access to your game (and execute server sided scripts, to destroy your game)

About Kronos
Kronos is a plugin created by Axdrei, to remove those backdoors / viruses from games.
Kronos is completly free! I am trying to get known in game-security (client, server and events).
I am new here and I will try to make some good contributions.

The plugin can be found here.

Tutorial / Guide

  1. Install the Plugin
  2. Get in studio
  3. Click plugins tab
  4. Click the KRONOS button
  5. Check the output

Updates

  • All errors have been fixed.
  • Lag shouldn’t bother you anymore, the scan is now instant.
  • New backdoor methods have been patched.
  • More viruses / backdoors should get detected now.
  • Big update to code, easier for me to read and modify.

New updates!

  • Now detects way more backdoors
  • There are now two folders “Backdoors” and “Possible”
  • Now it tells you in-info what the object got detected for (ex. backdoor / virus)

Coming Soon

  1. UI for settings
  2. Plugin checks (Backdoors/Viruses)

Those updates will only happen if I see good feedback!


#2

Good job! Works perfectly for me.


#3

Thanks !
Tomorrow I will make this better and will make a way to see if the scripts or modules are using require. I will also remove some useless things I forgot to remove (2 things to be exact).


#4

This seems great! You should turn this into a plugin so it would be easier than copy and pasting the code all the time.


#5

Thanks! I will think of your idea because it would be easier for everyone, including me. I won’t have to modify the pastebin all the time like that.


#6

Otherwise, you could have the source pulled from Pastebin then ran in a LVM. Although that would require HttpService to be enabled :confused:


#8

Updated!
Now a plugin :stuck_out_tongue:


#9

Nice plugin name,

If you don’t mind me asking, how exactly does it find these backdoors?


#10

I like. Works pretty well. I’m curious to what methods you use to locate the backdoors.


#11

Thanks! :slight_smile:

It finds the backdoors by checking all scripts / modules if they have require(id) or getfenv()["…"] (in their source). I am trying to work on better/new ways to find them and will work on this more.


#12

Haven’t tried the plugin yet, but does the plugin detect obfuscated scripts?


#13

Yes!

Most of them are detected.
If you find any obfuscated script that isn’t detected and it’s a backdoor/virus, leave a link here.

Thanks!


#14

image

Looks like you got an extra ) here.


#15

Yeah, currently not home so I can’t fix it.
I tried to release an update before I left the home and I couldn’t check for errors.


#16

That’s an oof, I just reuploaded and it to work. First experience is a lot of false positives with the require checker. Other than that, looks good so far.


#17

Thanks!

Removed the require checker for now.
Fixed the error.


#18

Why does this not work on tycoon game?

How does your plugin determine that my game is a tycoon?


#19

I already edited the post. It does work on tycoon games now.


#20

All cool, but my question is, why did you whitelist a (now deleted) backdoor with id 306895131 in your plugin here:

local WhitelistedIDs = {359948692,306895131,2373505175,2373501710}

#21

I am pretty sure it was an admin script …
Not Sure tho