[PATCHED] Instantly detect most executors that exist even before their executor's UI loads

EDIT: This method has been patched.

Hi,

Here’s a funny detection method to detect and punish exploiters that use executors such as Arceus X, Wave and etc. This currently works to detect all mobile executors, and most people moved into mobile exploiting due to Hyperion being added on Windows!

-- average corescript function name:
local function OnPerformanceStatisticsShouldBeVisibleStateChangedEventTriggeredReactionFunctionalityHandlerMethodProcedureModuleSystemComponentSoftwareArchitectureDesignImplementationMaintenanceMonitoringAnalysisOptimizationPerformanceEnhancementTrackingVisualizationNotificationUserInterfaceInterfaceElementControlPropertyConfigurationModificationUpdateManagementAutomationIntegrationCustomizationExtensionDevelopmentCoaborationTestingValidationVerificationDebuggingDocumentationDeploymentScalingMigrationSecurityComplianceAccessibilityLocalizationIntertionalizationErrorHandlingExceptionHandlingLoggingReportingAnalyticsDataCollectionProcessingStorageRetrievalPresentationUserFeedbackIterationRefinementDocumentationReviewApprovalRelease()
	return warn("Your executor is ULTRA DTC ⚠⚠⚠") -- you can replace this with anything, i recommend crashing the client because this is a client sided detection and they can hook functions like Player.Kick, to crash the client simply replace this with "while true do end"
end

local Success, Error = pcall(function()
	game:GetService("MarketplaceService"):PromptGamePassPurchase()
end)

if Success then
	-- solara
	OnPerformanceStatisticsShouldBeVisibleStateChangedEventTriggeredReactionFunctionalityHandlerMethodProcedureModuleSystemComponentSoftwareArchitectureDesignImplementationMaintenanceMonitoringAnalysisOptimizationPerformanceEnhancementTrackingVisualizationNotificationUserInterfaceInterfaceElementControlPropertyConfigurationModificationUpdateManagementAutomationIntegrationCustomizationExtensionDevelopmentCoaborationTestingValidationVerificationDebuggingDocumentationDeploymentScalingMigrationSecurityComplianceAccessibilityLocalizationIntertionalizationErrorHandlingExceptionHandlingLoggingReportingAnalyticsDataCollectionProcessingStorageRetrievalPresentationUserFeedbackIterationRefinementDocumentationReviewApprovalRelease()
else
	if Error ~= "Argument 2 missing or nil" or Error ~= "Argument 1 missing or nil" then
		-- mobile executors and wave
		OnPerformanceStatisticsShouldBeVisibleStateChangedEventTriggeredReactionFunctionalityHandlerMethodProcedureModuleSystemComponentSoftwareArchitectureDesignImplementationMaintenanceMonitoringAnalysisOptimizationPerformanceEnhancementTrackingVisualizationNotificationUserInterfaceInterfaceElementControlPropertyConfigurationModificationUpdateManagementAutomationIntegrationCustomizationExtensionDevelopmentCoaborationTestingValidationVerificationDebuggingDocumentationDeploymentScalingMigrationSecurityComplianceAccessibilityLocalizationIntertionalizationErrorHandlingExceptionHandlingLoggingReportingAnalyticsDataCollectionProcessingStorageRetrievalPresentationUserFeedbackIterationRefinementDocumentationReviewApprovalRelease()
	end
end

Detects Arceus X before the UI loaded

This detection works due to the fact that executors block some functions for security purposes in their executor, they’re not a fan of malicious scripts being executed in the executor and getting their users robux drained. Some executors have started to modify the Roblox Lua environment (which includes your LocalScripts that runs in your game) to block malicious functions from being called. This opened up a gateway for us developers to detect their executors. And since all executors that exist in mobile, and the Wave executor all have the same developers (Tiahh and Rexi) all of these executors can be detected with the same method.


You can use this by simply creating a LocalScript and pasting the code in. This will detect them before the UI of their executor even loads.

Goodbye!

10 Likes

why is the function name so long :sob: :sob: :sob:

10 Likes

Is this a troll post or real and why the hell is the function name so long?

5 Likes

was it necessary to make the functiun soo long

2 Likes

This isn’t a troll post, you can get the Arceus X executor for yourself and test it out.

Because why not?

2 Likes

Classic metamethod hook errors and being unable to discern if a function is safe or unsafe or in which thread it runs.

Exploit devs are suffering right now, I had issues like this when doing RbxStu V2, Adonis could probably detect them as well I believe, took around an hour to fully fix it, but by the time I did, I had made RbxStu slightly more vulnerable, depressingly.

2 Likes

yeah it’s more funny if the functiun Name is long

1 Like

I have a question that’s pretty unrelated to the topic but, what’s the current UNC percentage rate of RbxStu V2?

2 Likes

I haven’t tested it for quite, I believe 75% or so and up? I’m not sure truly, the debug library needs fixing, but I’m planning a complete rewrite in V3 of it, hopefully the last version, probably not keeping most of UNC, as in just a whole new RbxStu specific environment targeted towards debugging and development

Exploit security is really annoying to deal with, Synapse and Script-Ware deserved more praise back in the day, because right now is either of the two for exploiters:

  • Be safe & Detected
  • Be unsafe & Undetected

(Also I already kinda thought of a way to fix this issue, but I’m not sure if it could work truly, I’d have to check later, and imma not yap it here to avoid it being used lmao)

1 Like

Can’t believe skids still think UNC is a real thing

1 Like

UNC is a real thing, still alive and breathing, there just isn’t anything decent enough to take over developing the standard lol.

So there are many things that aren’t accounted for, i.e: Native code may bypass hooks, for example

As in, a native closure may not have problems with hooks, as the code generated for it will not be the same as the proto that was hooked with

Which is something no one accounts for and probably results in broken hooks in some cases I suppose

3 Likes

UNC for executors is like best before dates on food. It means nothing, was invented by someone to boost the reputation of their product (which to my knowledge in the case of UNC wasn’t even best of its kind at the time), and to this day has zero actual impact on if the product is good or not. Who cares that some random paste can’t run some niche function that nobody uses?

2 Likes

That is where you fall flat and wrong, all functions in UNC fulfill a purpose, if you cannot use them or do not know how to, perhaps that is where your r
hate comes from, that aside no one has iterated on the environment because no one has gotten big enough, and the current scene for exploiting is maintaining compatibility with previous scripts, because as it currently stands, all the good exploiters are long gone, the only good ones that remain are working on big projects, or have turned to mixing rodev and other things.

UNC isn’t a waste of time, it’s just for compatibilities sake, I could grab and make my own standard, but as I am a studio executor no one would support it, for example. Moreover, a lot of the functions inside of UNC fit the bill for debugging in a client environment or for setting up testing scripts on clients, the most niche one can get in UNC is the cache library, (excluding cloneref…) and that is it, all the other ones fulfill a real purpose.

3 Likes

Hell yeah. I am currently working on a similar project, but written in pure Luau. Me and my friend are attempting to create an executor for Roblox Studio written in Luau for fun and I’d say we got far, as we reached 82% actually working UNC support. Right now, we are trying to improve the security of the executor and blocking functions that can be utilized for malicious purposes. This has been a real pain to deal with, as we are just using Instance wrappers/proxies to simulate an actual Instance and then from there we attempt to prevent malicious functions from being called. But almost every single day, I find a way to bypass my own security.

About our 82% UNC, we have massive limitations, such as our hookmetamethod, getrawmetatable, setrawmetatable, and etc only works within our executor’s environment, and does not actually do changes to the actual metamethods of Instances, but rather just a simulation of it achieved by making Instance proxies/wrappers with newproxy.

Here’s a video showcase of the executor, I’m posting this here because why not:
(This video was taken a while back, when we still had 77% UNC.)

3 Likes

Being in pure luau is limiting truly, never tried doing it in full Luau because some things are plain and simply impossible without elevating to higher identities, whilst people hate in Solara, quiving has put his time in to trying to make it as safe as possible in pure Luau, and that is something is a feat of its own.

Good luck on ur project, looks g from what I can see, I gotta put myself to work on V3, hopefully last time I work in an executor myself :sob:

2 Likes

Okay but what in the world is UNC

1 Like

Unified Naming Convention.
It was an attempt to make all roblox exploits have exactly the same named functions.

An example could be:
Non-UNC: is_syn_closure()
UNC: is_executor_closure()

The idea of UNC in roblox exploiting is to make roblox scripts supported on multiple executors at once, without having to add support for each unique method in executors. Check this repository for more information GitHub - unified-naming-convention/NamingStandard: The standard for the Unified Naming Convention.

2 Likes

Damn. He wrote Solara in pure Luau? Didn’t know that, that’s pretty cool. Does he have support for gethiddenproperty? If not, maybe he could use this for a 1% UNC boost. I’m telling you this because I’m pretty sure you have contact with quiving. This method can get hidden properties and non scriptable properties.

gethiddenproperty = function(object: Instance, property: string): (any, boolean)
	local Success1, Check1 = pcall(function()
		return object[property]
	end)
	
	if Success1 then
		return Check1, false -- property is not hidden
	else
		local Success2, Check2 = pcall(function()
			return game:GetService("UGCValidationService"):GetPropertyValue(object, property)
		end)
		
		if Success2 then
			return Check2, true -- property is hidden
		else
			error("Property " .. property .. " does not exist in instance " .. tostring(object) .. ".") -- property does not exist
		end
	end
end

It is currently completely impossible to implement sethiddenproperty and setscriptable in pure Luau, but it may be possible if Roblox implements a SetPropertyValue function at some point in the future.

2 Likes

I don’t know what I’m talking about, but would that make it easier to patch exploits?

3 Likes

No since you will never access exploit environment unless theres a huge vulnerability. It only helps script users to run scripts made for UNC without worrying about executor incompatibility.

1 Like