Hello, I own a roleplay game and our game got backdoored. I’ve had my programmers look all over for it and they say they can’t find it even in locations such as the games asset viewer. The people who backdoored the game want nearly 50K robux for them to tell us how to find the backdoor in the game. They say they used a “private method” to hide the backdoor and that’s it is very well hidden.
Our game has around 5600 scripts but if we remove our cars it lowers to 1200 scripts. Can anyone help or does anyone have advice?
Disable http request, see if it solves your problem, what does the backdoor even do?
There is one other method, which you can do nothing about called core gui exploits. Exploiters know devs can’t access the core gui so we can’t detect scripts in it because it’s locked.
I know that their whitelist is probaly http based but a bunch of our core scripts rely on http service and the backdoor let them do what they want to the game
If you can’t find the script in the explorer, its a plugin. I don’t know about this but I think all plugins that your developers have will affect the game. For instance if one of your devs has a bad plugin, the virus will be inserted. Easiest way to get rid of the virus is to check all your dev’s plugins for anything such as ‘require’ or ‘getfenv’. Also may I ask how you found out about the backdoor?
If they are using a require() to insert the backdoor, then this plugin I made a while back with the intention of helping find backdoors might be of some use to you:
That’s unfortunate, do you know if you were using any free models and what they were if that was the case? It might also be from a plugin you have (even if it is by a “trusted developer” it still could contain something that is injecting the backdoor into your game’s code)
EDIT: You could also try using Ctrl + Shift + F and searching for usages of InsertService instead, they might be using it to insert the backdoor as an ordinary script instead when the game runs.
Still, we trying to search the module id the backdoor nothing shows up which is really weird. The people who backdoored the game want nearly 50K robux for them to tell us how to find the backdoor in the game.
We already checked these words and we cannot find the module id of the backdoor which is really weird and they used a “private method” to hide the backdoor and that’s it is very well hidden.