Need help stopping chat system RemoteEvent spam exploit

Hello, I have recently ran into a certain exploit that I want to stop from being a possibility.
So I went looking for it myself and luckily I was able to find it. Any suggestions on what I can do to prevent this?
I know it’s risky to post this on the DeveloperForum but I want to stop this script and any others that can be injected to ruin other peoples fun.

What this script does…

It consistently sends messages through the ChatSystem Event and sends a lag storm through.

The purpose of this script.

To lag and or crash servers for their own amusement.

My questions…

  1. Is it possible to stop an injector, such as making it so it can’t inject anything?
  2. Is there a way I can prevent these types of scripts from being entered?

The script.

This script goes on for lines among lines… I’ve shortened this entirely.

while true do
game:GetService("RunService").RenderStepped:Wait()
game:GetService("ReplicatedStorage").DefaultChatSystemChatEvents.SayMessageRequest:FireServer("/e REKT  REKT  
REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT  REKT ", "All")
end

This is able to be injected into any game I believe, not entirely sure… i’m not an exploiter so I don’t know how these injectors work.
Any help is always appreciated…

Just to clarify, is this script injected on a client’s machine or the server itself?

Also where did you find it? In studio?

Can injections be made on the server?

Seems like it would be a remote event to the server that would allow this… Let me think.

I believe when the message request is sent, it’s filtered and shortened to fit the character limit. There is also a flood limit, so it shouldn’t cause much harm (unless i’m wrong).

Where is this script being created?

Exploiters most likely have an injector which is only client sided, because you can’t access server scripts from a client. I think the script would be parented to nil (because who would have an exploit script in the starter gui?)

It’s being injected through a client.
I found it through looking at exploit sites which took me a little bit to find it.

Nope, it bypasses it to send 18,000+ messages, hence the lag storm.

K where did you find the script?

It does cause a lot of hard, it by passes the limit and with this it also lags a server and if it’s done three times… it can crash the server.

Unusual. I would see how many times a player sends a message in under 1-2 seconds (or see how many times a message is sent in under a second). If it’s over some amount like 10 or 20, kick the player.

K. Well. I may have a solution depending on where you found the script tho

it sends 18,000 + lines of rekt at a time and after it sends the first one, it crashes them.

I understand what’s happening. Where did you find it?

Can’t reveal where I found it as I don’t want others to find it but my one friend verified that this is what people use to lag servers. It’s in a lua file so yeah.

Working exploits for any Roblox system should be messaged privately to this group. Since this exploit harms the entire server and bypasses the Roblox default chat safety features, this must be reported immediately.

I’d also suggest removing the exploit script from your post to avoid other malicious players from taking advantage of the flaw.

Kindly message all the details to this group, including the source and the affected systems.

2 Likes

What?! That’s silly. You want us to help you but you won’t help the community? Lol

I hope I’m not coming off as rude, but if like to be able to prevent it myself.

And I have a solution but I don’t want to waste my time if it’s not found in a viable location

Okay. Here’s a good solution:
Make a .chatted function seeing if a message a player sent is over the limit of let’s say 500. If it is over that limit, kick the player. Should be very simple.

1 Like

How would that be possible? I’ve never messed with it.

Nothing is ever a waste of time, not even exploits are a waste of time as they challenge people. You can post it and I’ll look into it.