Hi there, I am currently a developer at Solera Resorts, a social group on Roblox (Solera Hotels & Resorts - Roblox)
We have an average player count of 100-120 during the day, and 40-60 during the night. (For American timezones).
However, we have been experiencing bots come into our game and spamming lag exploits, causing the server to lag badly, as the more players there are, the more intense the lag is.
Our group is not the only one dealing with this situation, as groups such as Boba, a group with over 123K+ members, and Fizze, a group with over 70K+ members, are also dealing with the exploit situation.
I would like to know how I can patch this lag exploit, and would like to know how it works. I have no idea what method is being used to lag the server, and I would really appreciate your help. Thank you!
Itâs an exploit that spams the chat remote, So u could make a check and see if the player is spamming and then kick them.
local ChatRemote = ChatRemote -- Forgot where it is...
local Ticks = {};
local SpamCheck = .1 -- The exploit spams really fast, So regular players would not be affected.
local function LogInfraction(Name, Infraction) -- You can save the infraction to their data store for further review...
local Data = PlayerData -- Whatever their data is
table.insert(Data.Infractions, {["Infraction"] = Infraction, Infraction, ["Data"] = tostring(os.time())}) -- You can use os.time to get the date
wait(1) -- Lets the code wait a bit so the data store saves.
end
ChatRemote.OnServerEvent:Connect(function(Player)
if not Ticks[Player.Name] then
Ticks[Player.Name] = tick()
else
local LastTick = Ticks[Player.Name]
local TimeFromLastTick = tick() - LastTick
if TimeFromLastTick <= SpamCheck then
LogInfraction(Name, "Lag Exploit")
Player:Kick("Lag Exploit Detected")
end
end
end)
Kinda went a bit far with the data store thing but itâs a nice touch, Not sure what ur data set up looks like, But anyways, Hope this helps.
Looks like a useful script, though I wouldnât wait 1 second before kicking the player. Perhaps switch the calls to LogInfraction and Player:Kick, so the kick happens first?
Maybe increase the SpamCheck value, as I would be surprised if normal human players are capable of typing in chat messages, with less than 100 milliseconds between each sent message (unless a network congestion happening - or just doing copyâpaste very quickly, which would, sort of, be equal to spamming.) - Hmm? Or use some implementation of the âleaky bucketâ algorithm, so an ordinary player wont be punished (i.e. kicked) due to network issues.
Also maybe check for a maximum length of the message, so anything larger than, lets say 200 characters, would be âsuspicious activityâ if happening frequently from the same player.
This sounds like Exploiters crashing my servers, cause unknown BUT I have heard that its not bots? Its normal people and players with a script that freezes the server my friend owns this game that gets visits daily but when somebody like with a new account or something the server just freezes and when I reload the server the player is gone, I dont know if its the same situation, But yea I think its happening to my friend as well.
This is a script that has been released on the site v3rmillion.net (common exploiting forum). It was created by the user wallythebird and I canât tell you how it works because I am unable to deobfuscate the script. It might use the well known âweld methodâ where you would make an infinite for loop to generate lots of welds into your character, then you would reset. I am not sure if that is the problem though, it might be a more private exploit of some sorts.
Iâve put this in and set it up correctly, but however, I still have the same problem. Iâve put in an weld spam patch, a sound spam patch, and a chat spam patch. Iâve committed all the scripts and published it, and I am still experiencing this problem.
Iâve put in an weld spam patch, a sound spam patch, and a chat spam patch. Iâve committed all the scripts and published it, and I am still experiencing this problem. It does not seem to be a weld spam method.
Perhaps my code is wrong or maybe u need to increase the spam check value as one user stated above. However I do know that my approach is correct, as itâs a perfect way to detect the time between sent messages.
Iâm not sure if this is still an issue, but Hereâs a patch.
âAnti exploit crash script
local Players = game:GetService(âPlayersâ)
function GetPlayerByWeld(WeldObject)
if not WeldObject then return nil end
for i,v in pairs(Players:GetPlayers()) do
if v.Character and WeldObject.Part0 and WeldObject.Part0:IsDescendantOf(v.Character) then
return v
end
end
end
game.Workspace.DescendantAdded:Connect(function(Object)
if Object:IsA(âWeldâ) and Object.Name == âRightGripâ then
local Player = GetPlayerByWeld(Object)
local WeldCount = 0
if Player then
Object.AncestryChanged:Connect(function()
if Object.Parent ~= nil and not Object:IsDescendantOf(Player.Character) then
Player:Kick(âAncestryâ)
Object:Destroy()
end
end)
for i,v in pairs(Object.Parent:GetChildren()) do
if v:IsA(âWeldâ) and v.Name == âRightGripâ then
local Owner = GetPlayerByWeld(v)
if Owner and Owner == Player then
WeldCount = WeldCount + 1
end
end
end
if WeldCount > 2 then
Player:Kick(âMaxâ)
Object:Destroy()
end
end
end
end)
function GetPlayerByWeld(WeldObject)
if not WeldObject then return nil end
for i,v in pairs(Players:GetPlayers()) do
if v.Character and WeldObject.Part0 and WeldObject.Part0:IsDescendantOf(v.Character) then
return v
end
end
end
game.Workspace.DescendantAdded:Connect(function(Object)
if Object:IsA(âWeldâ) and Object.Name == âRightGripâ then
local Player = GetPlayerByWeld(Object)
local WeldCount = 0
if Player then
Object.AncestryChanged:Connect(function()
if Object.Parent ~= nil and not Object:IsDescendantOf(Player.Character) then
Player:Kick(âAncestryâ)
Object:Destroy()
end
end)
for i,v in pairs(Object.Parent:GetChildren()) do
if v:IsA(âWeldâ) and v.Name == âRightGripâ then
local Owner = GetPlayerByWeld(v)
if Owner and Owner == Player then
WeldCount = WeldCount + 1
end
end
end
if WeldCount > 2 then
Player:Kick(âMaxâ)
Object:Destroy()
end
end
end
end)