1 day detection 30 words
Nope, unless one is an advanced exploiter and knows what they’re doing. Or if a skid gets their hands on a method to bypass it.
- How to bypass this script
Auto injection.
Yeah, I agree next time they should obfuscate it and sell it for like 1k robux.
3 Likes
kind of a fix but cool i guess
Next time you found a method to detect an exploit please obfuscate the script.
2 Likes
Deobfuscating scripts is quite easy, once you understand the core concept of how obfuscation works it only takes a dedicated person a few hours to figure it out.
If they already know which obfuscator you used for example PSU it takes a few seconds to constant dump so obfuscating is pointless.
psu is fully deobfuscated, there is no need for a constant dump when you can get the .luac
Injectors themselves cant do it, you need Dex, or any other workspace explorer, by the time someone can even run the scripts needed, they would be kicked. It isnt as easy as people think.
1 Like
Synapse is a program that can be used maliciously, so I’m wondering why it seems like much hasn’t been done against it? I wonder if IP banning the developers/contributors is something that should be done, or if that would be overdoing it.
Also, try not to release fixes for something like this publicly. I get the feeling that people who are familiar with/develop the program lurk around here, sometimes looking for these kinds of threads.
1 Like
This way of detecting Synapse X has since been patched by the developers! We hope you enjoyed it while it lasted and banned as much people as possible.
5 Likes
What if you had it obfuscated and never released it to the devforum, wouldn’t it never have been patched?
Are there other methods you have that are like this?
1 Like
yeah this would have probably been patched in the future but why would you post it on a public forum where everyone including synapse devs or users would look lol so they can just patch it
This goes to anyone: I wouldn’t go posting about huge vulnerabilities for large exploits that are 100% reproducible to where everyone can see it. Just ruins it for people who actually used it
2 Likes
maybe implement ban instead of kick for the next update?
Don’t believe its smart to show yourself using an exploit on your account you’re posting from.
4 Likes
The method was more than likely making its way around the communities and going to be patched anyway.
Obviously, the founder benefits in no way by sharing this method and directly shoots themselves in the foot.
So it’s more than likely either the Synapse Team knew about this already, or someone in their community found out about it and released it on a public forum, which is how OP found out about it. The post itself was likely made for some form of recognition or attention, as once again, why would anyone who wants to stop hackers in their game, release the vulnerability publicly?
1 Like
Sure, might as well hop on this train and explain to the community why this is useless.
Never use released detections for a reliable anti-cheat
So, first of all; A released detection should never be your primary source of detection, this is because released methods will always be patched by the cheat developers.
In making this post, you’ve achieved nothing and as a result, you’ve gained nothing. Hell even the title now says it’s patched, a day after it was released.
The detection itself is based on the client
Alright, so there is a few mad men who actually dedicate a lot of time and effort to stop hackers from the client, however, this is pointless. A hacker can do the following things to render your so-called client anti-cheats useless.
- Remove the script before it even has time to operate.
- Hook
__indexto return a fake-variation ofMessageBusService - Hook
__indexto return a fake function for:Kick - Hook
__indexto return a fake function for:Publishavoiding error - Hook global
task.waitto infinitly yield this specific script. - Hook global
pcallto change the result of this error - Set script timeout to something low, stop the script from possibly crashing you
- Use Auto-Inject like the majority of exploiters
- There’s a ton more people can do.
How does the detection work?
This is my theory on how this particular release actually works;
You’re going to have to learn a tad bit about Roblox’s security levels, you can learn more on this thread
In short, the higher the security level you have, the more endpoints you’re able to call.
So, looking at the above script, the context level required to execute the API is 5; And the response error message should be something along the lines of:
The current identity (X) cannot ... (lacking permission 5)
However, when synapse does inject into the client, it not only allows exploiters to execute code but modifies the engine in small ways, for example merging the lines between thread identities or error handling.
In this case, synapse has managed to change the resulting error when attempting to call this function, and from this, you’re able to detect a change on a level that in theory shouldn’t ever be changed.
Creating more detections?
Based on this detection, and following through some more I’ve looked at. If you want to detect client injection (useless, but sure?) then you should make a cache of all endpoint results, and various endpoint data and then compare it throughout the game to see if anything significant changes.
In fact, if I am not wrong that is what people do, well at least the ones who think creating a client anticheat is a good idea.
Lasting thoughts
Just don’t fall for the idea that a client synapse detection will save you, it’s got more negatives than it does positives.
3 Likes
Roblox uses a namecall for calling instance methods, so this wouldn’t technically work. What a namecall is is an internal optimisation by Luau. (You can read about more about it here Performance - Luau), so they would have to hook the namecall instead (or just the raw function).
2 Likes
I agree, I made a slight oversight when creating the topic because it was rushed 
__namecall is for the : operator being called on a service method
__index is for getting/indexing an object
Some of the points made in your posts are sadly false. But this does not invalidate your post I do like the insight that you provided that client-side exploit detection is never the way to go. It is much better to secure your game with proper server-side methods instead of using hacky client methods. Preventing the injection of a exploit client should never be a large part of securing your game from exploiters as a whole.