Madpoint83 Creation: Server Defender


Server Defender [Anti-Virus]


In this post, I will explain everything you need to know about Server Defender. This includes the features, detection systems and much more!


These are some amazing features Server Defender has that makes you want to use Server Defender!

  • Advanced Virus Detection (Read detection for more information),
  • Multiple Languages supported (Read Supported Languages for more information),
  • Full control over removed objects,
  • Team-Create supported,
  • Dark and Light Studio Theme support,
  • Customizable settings,
  • Background scans,
  • Warning for malicious models and plugins,
  • Warning for obfuscated scripts,
  • Warning for large scripts,
  • No lag while scanning,
  • Auto-Updates,
  • All Services scanned (Yes, even services you’ve never heard of before!)

Click to open

We gave you full control over objects that are being removed!

We do not remove objects instantly once they are being detected.
Instead, we show a warning (if Background Scanning is enabled) that it is highly recommended to scan your game fully to prevent viruses being spread.
Once you performed a scan we give you the option to manually remove specific detected objects however we also give the option to remove all of the detected objects at once.
If Objects are being detected by Background Scans (if Allow Background Scans is enabled) and if Automatically Disable Coding is enabled we do disable the script automatically.

We made Server Defender super Team-Create friendly!

We scan objects that are being inserted by other users that do not use Server Defender and we show warnings to users that do use Server Defender if it was detected that someone else added a suspicious object.
We also notify other Team-Create members that Server Defender is currently scanning the game.
We other notify Team-Create members about the number of viruses that were removed in the current session (=the amount of viruses that were removed while the user that uses Server Defender was in the game).

We made Server Defender Light and Dark theme available!

All Server Defender UI is available in both themes this means button textures, text color, background color are being changed.
The UI matches with the color or Roblox Studio.

Screenshots


SD_Settings_UITheme

We gave you the option to Customize your own Settings!

We now allow you to enable or disable Background Scans, Code Checking (see Detection>Code Verification for more information) and automatically disable detected scripts!
We save your preferred settings so you don’t have to reconfigure them every time you start Roblox Studio!

We run background scans for new added malicious objects!

Every time you add a new object or change its location we run scans on this object to ensure you stay safe!
Although there is a background scanning system it’s highly recommended to use the default scanning method every once in a while.

We will warn you for malicious plugins and models!

To prevent backdoors we will now warn you if you have a malicious plugin installed or if you added a malicious model through the Toolbox.
We already scanned all the scripts that were added through the Toolbox. However, if the script that was inserted is a loader, for instance, the Kohl’s Admin loader, we will detect if this is the official loader or not. If it isn’t the official loader we will detect it as a “Dangerous Service”.

We made Server Defender Auto-Updating!

We know this sounds very dangerous to a lot of you but trust me, it isn’t.
Server Defender can now insert data from a module, this data will allow Server Defender to detect new malicious plugins and/or models. This also allows us to display a message if there is a new update for Server Defender available.
Because some of you don’t trust auto-updating things at all we chose to open-source the model where this data is stored. You can find this model here.

We made sure Server Defender doesn’t/barely cause(s) lag while scanning!

Because we made sure everyone can use Server Defender we removed the amount of lag that Server Defender created while scanning
Now you’re wondering, no lag probably takes YEARS to scan the game!
No, scanning the game goes super fast, if you have a large game it might take longer than for a small game however it never takes more than 3 seconds!

We scan everywhere! Yes, even there!

Instead of the old version of Server Defender and most other Anti-Viruses, we don’t only scan the workspace.
We scan in every Service we have access to this includes many services you have never heard of before e.g. KeyframeSequenceProvider, TimerService, HttpRbxApiService & RuntimeScriptService!


Click to open

Server Defender has 3 different detection methods that make Server Defender very trustworthy and reliable even for uncommon viruses.

Name Detection:

Like every other Anti-Virus we use Name detection, unlike most other Anti-Viruses we detect changed Virus Names. If someone was smart enough to change a capital in the name we still detect it.

Structure Detection:

Let’s say someone was smart enough to change a common virus its name, we still detect them because we run a Structure Detection on every object in your game!
We analyzed how most viruses look and we detect them on this.

This will have the classification: ‘Suspicious object’

Code Verification [BETA]:

We hear you thinking, someone created a custom virus just for your game, this will never be detected!
We do if you enable ‘Allow Reading Scripts’ in the Server Defender Settings menu.
If this is enabled Server Defender will look through all of the scripts in your game and look for anything malicious.
Another thing that Code Verification does is check for malicious plugins and models (if enabled in the settings). Code Verification can detect loaders that will insert a Backdoor (we call this dangerous services), we can also warn you for obfuscated scripts in-case you don’t want these.

This will either have: ‘Suspicious object’ or ‘Obfuscated’ or ‘Dangerous Service’ as classification.


Click to open

Some setting names might be a bit vague so we will carefully explain what each setting gives Server Defender access to.

Background Scans:

By enabling this setting Server Defender will scan every object that is added to the game to see if it contains anything malicious or not. Server Defender will also scan objects that are added by other players in a Team-Create session even if they don’t use the Server Defender plugin.

Code Checking:

By enabling this setting Server Defender will read through the coding of each script in your game. This means that Server Defender will see all of the coding lines in a script, for instance, the line below.

print("Hello world")

If you want to know why Code Checking is super useful please read Detection > Code Verification.

Disable Code:

By enabling this setting Server Defender will instantly disable all the scripts that are detected.
Instead of removing them we chose to disable them so you can decide yourself if you want to keep or remove the script once it is shown to you in the scan overview after you performed a scan.

Warn Malicious Plugins:

By enabling this setting Server Defender will scan through our database of known malicious plugins to see if you have any of them installed. If you have them installed Server Defender will display a warning message that you have to take action immediately.
Why are malicious plugins so dangerous? Malicious plugins can add backdoors to your game without you seeing them, they can even copy your entire game including the Server Scripts whether or not you have Filtering Enabled.

Changing this setting will not take effect until you restart Roblox Studio.

Scan Malicious Services:

By enabling this setting Server Defender will scan through your game to see if there are any Loaders in your game that are not the official loaders. People can steal Models such as the Kohl’s Admin module and re-upload it. These re-uploads can include a lot of bad things such as backdoors.

Prevent Obfuscated Scripts:

By enabling this setting Server Defender will scan through your game to see if there are scripts that are obfuscated. Obfuscated scripts are scripts that aren’t readable for humans. They made it extremely complicated for humans to understand what they do exactly. If a script is obfuscated it doesn’t directly mean that is harmful but you might want to think twice about having obfuscated scripts in your game.
If you want to have obfuscated scripts in your game please disable this setting to prevent you from removing scripts accidentally.

Prevent Large Scripts:

By enabling this setting Server Defender will count up all script lines to check if the script hasn’t been designed to cause lag to your personal computer. If the script has 100,000 or more coding lines it will not be checked, to prevent lag, and instantly be flagged as a ‘Suspicious Object’. Enabling this feature will not cause noticeable performance fallback.

Show Scan Widget:

By enabling this setting Server Defender will show a widget that allows you to scan that specific script once you select a Script, LocalScript or ModuleScript. You can not scan multiple scripts at the same time with this feature. Once you scanned the script the widget will change to the result of the scan. If the script is malicious Server Defender will inform you that you have to manually scan your game completely. Why would we use this? This might be useful if you’re finding malicious scripts yourself, or if you do not want to scan the entire game.

Change Language:

This setting allows you to change the language that Server Defender is displayed in.
English: Server Defender will be shown in English.
System: Server Defender will be shown in the same language as your operating system.

This feature will be shown in the Server Defender settings if your operating system is in English.

Disclaimer: Server Defender does not support all languages at this point. For the up-to-date list please view the ‘Supported Languages’ section.

Changing this setting will not take effect until you restart Roblox Studio.

Display

This setting allows you to change the way Server Defender looks.
Default: Black/White Theme. Server Defender will look super clean.
Colorful: Black/White-Green/Red Theme. Server Defender will look easier for your eyes.

Changing this setting will not take effect until you restart Roblox Studio.

Test Mode

By enabling test mode Server Defender will enable BETA features that are still in development. This setting is mainly used for the Developers and Testers of Server Defender. Test Mode can cause the plugin to break due to unreleased coding. Besides activating unreleased Server Defender code, Test Mode will also activate the Start-Up widget by default.
The Testing Mode might be useful if the plugin crashes for you at a certain moment, Testing Mode will print a lot of handlings that Server Defender is performing at that moment.


Click to open

As we want all of our users to enjoy and use Server Defender we decided to translate the plugin!
Almost every text that is being displayed by Server Defender is translated to the languages stated below, this goes from Error Codes to Widgets and from Notifications to Plugin Toolbar Buttons!
Server Defender currently supports English, Dutch, Chinese Traditional, German, Swedish, Russian, Greek, Norwegian, Polish, Lithuanian, French, Japanese, Spanish.

Credits to our Translators:

Vohlkson_Model: Chinese
FinPlain: Russian, Lithuanian
Beaxrs: German
Auxternius: Polish
WarShadow95: Greek
race_guy09: Norwegian
rosimomohon: Swedish, French
Ron_GM: Georgian, Japanese, Spanish


Click to open

Malicious plugins can add backdoors to your game without you knowing!

If Server Defender gives you a warning that it has detected a malicious plugin please take action immediately.
Please follow the steps below so we can remove this thread as soon as possible.

When you have received the message from Server Defender that it has detected a malicious plugin there will be a GUI on your screen that warns you to take immediate action. Please do this otherwise you could infect more than one game which leads to more damage.


Step 1: Find out what plugin is malicious.

Server Defender will send a warning message in the output that gives the id of the plugin that is malicious.
If you do not get this message please check if the Server Defender plugin is up-to-date.


Once you know the ID of the plugin go to
https://www.roblox.com/library/ENTER_ID_HERE/


Step 2: Remove the plugin from your inventory.

When you found the plugin on Roblox site please press the 3 dots in the top right corner and press ‘delete’.
SD_Delete


Step 3: Remove the plugin from Roblox Studio.

Now you know the name of the plugin you can easily remove it from Roblox Studio.
Open ‘Manage Plugins’ in the plugin bar.
SD_ManagePlugins
Next, find the malicious plugin in the list of plugins installed and remove it by pressing the ‘X’.


Step 4: Restart Roblox Studio.

After you have removed the malicious plugin please restart Roblox Studio just to be sure.
If Server Defender still gives you a warning about a malicious plugin after you have restarted Roblox Studio, repeat step 1,2,3,4 until the message is gone.


Step 5: Scan your game.

Now all malicious plugins are removed, plugins can no longer add the backdoor scripts to the game.
It would be hopeless if we would constantly scan the game for backdoors when the source of the problems is still working.
It is highly recommended to enable all Server Defender settings during this scan for the best result.

After you have scanned the game most of the malicious scripts should be removed however, it is highly recommended to review all scripts yourself just to be sure.



How do I view Server Defender in English?

Answer: Open the Server Defender settings in the Plugin bar in Roblox Studio. Open the Settings menu. Scroll down to Preference, here you will see ‘Change Language’ change this to English.

Server Defender Settings > Preference > Change Language > English


Why does it say I have to restart Roblox Studio?

Answer: Some settings require Roblox Studio to restart. This can be due to multiple reasons. The main reason is because of a required layout change. The layout could become messy and might break. If you do not restart Roblox Studio some setting changes might not be changed until Studio is restarted.


Why does Server Defender automatically update?

Answer: There are currently two types of Automatic updates that we provide: Security updates and Language Pack updates.

Security Updates: We made sure everyone stays protected all the time. If you do not want to update plugins you would miss out on possibly important security updates. We made sure those important security updates go automatically. Every time you restart Server Defender we will insert the latest security features without you having to do anything.
Language Pack updates: In-case some of our translators misspelled something we can now easily fix this mistake by changing it without having you to update the plugin. This system also allows us to add new languages without requiring a manual update.

This might seem dangerous, we can edit the coding constantly. Because this might be an issue for some people we have open-sourced the modules that inserts the latest features. Take a look at the coding yourself here and here.


I do not want Server Defender to remove all of the detected objects, how to do this?

Answer: Server Defender will never remove an object from your game without your permission. Once a scan is completed there will be an overview with all detected instances. You have the option to remove all the given instances or you can manually remove instances by clicking on it.


What is the difference between a 'Virus' and a 'Suspicious Object'?

Answer: The difference between a Virus and a Suspicious Object is to show why Server Defender is better than any other Anti-Virus. If the object is classified as a Virus it is a known virus by the community, there is a high chance other Anti-Virus plugins would detect this instance as well. If the instance is classified as a Suspicious Object it is being detected by a unique detection method of Server Defender that most of the other Anti-Virus plugins do not have. For more information please take a look at the ‘Detection’ Subcategory in this post.


Why does Server Defender detect my coding as a virus?

Answer: Server Defender can detect scripts on certain parts of a script that might be suspicious. If your coding is detected as suspicious and you are sure there is nothing wrong with it, just do not remove it. Server Defender will most likely detect your coding as a virus if you are making your own Anti-Virus, Anti-Exploit or Anti-Lag.


What is error code 'k%xa@2' and what do I have to do?

Answer : ‘k%xa@2’ means that Server Defender was unable to get this service, which means it was unable to scan this particular location. This error can usually be resolved by simply restarting Roblox Studio.
If there are no further error messages, the rest of the scan was successful.

If you continue getting this error code, it might be a good idea to manually review the stated Service.
Because most Services are hidden by default, you have to temporarily change a setting in Roblox Studio.
Click on File > Settings > Studio > Explorer > Show Hidden Objects in Explorer.

Getting this error does not mean your game has or is vulnerable for viruses.


How to remove a T-Shirt/Model prompt and what to do when I am being teleported to a different game.

There are a few things impossible for Server Defender to detect, those are scripts that sell a T-Shirt/Model or scripts that teleport players to a different place. It is impossible to detect this because every item and place has a unique ID and we cannot find out what IDs you, the developer, added on purpose and which you do not want.
However, there are a few methods that you can use to track the script that sell items or teleport you to a different place.


FASTEST SOLUTION | Disabling third-party access.

Open Roblox Studio click, open the “Home” tab and click on “Game Settings”


In the Game Settings click on the “Security” tab.
If you are having random T-Shirt pop-ups disable: “Allow Third Party Sales”.
If you are teleported to a random game or a “Fast-Load” game disable: “Allow Third-Party Teleports”.
Feel free to disable both, keep in mind, admin commands will no longer be able to teleport players or have the ability to sell donations.

If you prefer to remove the script that is causing this behavior (Recommended) please read the following instructions.


METHOD 1 | Finding the ID in all scripts

If you know what the ID of the product or place is you can find it yourself.
image
Under the View tab in Roblox Studio, there is a button named “Find Results”. This feature allows you to easily search through all scripts in your game. If you have the ID of the game that you are being teleported to or the ID of the product that constantly has a purchase prompt, you can enter this ID shown in the image below.
image
If you found the script that is causing this, you can delete it.
REMEMBER: Some of those scripts are required for the model to work, deleting the script with the purchase or teleport behavior might break the model.


METHOD 2 | Searching through all scripts

Some developers came up with a way to hide their ID by, for example, reversing the ID. It is impossible to know what they have done with the ID unless you find it first. But luckily, the Explorer in Roblox Studio allows you to easily see all scripts in your game. This way you can look for all scripts in a certain model you added. Now you can review all scripts.
image
If you have a script that teleports you to a different game be sure to look for something with “TeleportService”.
If you have a T-Shirt/Model or any other prompt in your game be sure to look for something with “MarketplaceService”.


METHOD 3 | Searching for “requires”

Scripts in Roblox can load modules that are not in your game by default. This method is used by most admin commands to ensure your product is automatically updating. Server Defender also loads two external modules to make sure you are protected from the latest threats. If you want to know more about this view the question “Why does Server Defender automatically update?”.

If methods one and two did not work you can try to look for those “requires” to make sure nothing malicious is being added into the game.
We will use the same feature used in Method 1 named “Find Results”.
This time we will search for the term “require(“.
If the model you added has something like “require(12345)” an external module is being inserted into the game. This could feature the T-Shirt/Model prompt or teleport you to a different game.

You have to make sure this external module does not feature any functionality for your product. Otherwise it might break your model. Always test your game in Roblox Studio before publishing the game.



Get the Server Defender Plugin here

Credits to @Lisek777 for creating the video



Is there anything missing or do you still have questions about Server Defender?
Contact us with one of the options below!
Contact us on Twitter | Ask our Group members

38 Likes

This topic was automatically closed after 1 minute. New replies are no longer allowed.