So I have been doing some updates on my game recently and have discovered when testing, a 3rd party sale prompt has been popping up. This does not belong to me in anyway shape or form…
Here is the pop up:
https://gyazo.com/fa6c5a428ed74cd93e99425b8a90fdee
Things I have tried:
-
while true do wait()
game.Workspace.AllowThirdPartySales = false
end
-
I have tried removing unneeded scripts from tool box items in game.
-
I have deleted some suspicious plugins.
And still after all the pop up still comes.
Use the Ctrl Shift F to look for suspicious keywords
Heres a short list:
- require
- char
- getfenv
- setfenv
Really well obfuscated scripts will oftentimes encrypt data in long strings of text rather than using the suspicious keywords themselves, but you can use this to find the scripts too
You can do this by using the Ctrl+Shift+F menu but in a different way
Heres a picture describing the steps:
Start with a pretty small number of periods, and slowly increase it until you filter out the good scripts and only see the bad scripts
You can also use this to search for suspiciously long numbers by spamming \d in the search bar with regex enabled
Keep in mind that plugins can edit scripts if you let them, make sure you remember that just because its in a script you know you or a friend made, it doesnt mean it doesnt have a virus hidden in it
2 Likes
So I searched up require in the window you taught me and found a suspicious module require. I was able to track the id of the require to a user named “insanelycoolkid2425”. The module had 32 dislikes so I deleted the script that required the module and I think I am in the clear.
Thanks a lot.
1 Like
