Patching an Exploit

Someone keeps exploiting my game. I’m not sure if it’s a backdoor. They keep kicking people, killing people, uncolliding all parts and the whole map just falls. They also color the whole map whatever color they want. They also have access to btools.

5 Likes

You can’t patch an Exploit, but can try detecting them.
It’s impossible to follow most of exploits on your game since they can disable your anti-cheat since a anti-cheat can only detect exploiters on client-side.

You shouldn’t just be posting the same issue everywhere. Make one post, wait for some responses, and engage in conversation when you have questions and such.

1 Like

Can I get a link to the game? I think I know the reason but don’t want to say it without being sure.

https://www.roblox.com/games/3270518370/Iloilo-Airport-Flight-Simulator

1 Like

I believe I found the issue.

The “Segway” model (the one by @Q_Q) has some insecure remotes that let exploiters destroy games. I had a friend who had a similar issue with his game and we fixed it by switching out the model of the segway for the Roblox Gear “Red Rolling Hoverboard”.

3 Likes

You got a model link for it? I can’t insert it from a gear.

1 Like

If you use the https://chrome.google.com/webstore/detail/btroblox-making-roblox-be/hbkpclpemjeibhioopcebchdmohaieln?hl=en-US Extension you can download them. Here’s a copy of it.

Red-Rolling-Hoverboard.rbxmx (13.4 KB)

Alternatively you can search the toolbox, but theres many virus models on there so I would be careful.

1 Like

Backdoor script most likely. I doubt it could be anything else. Check through your scripts and maybe check with all your developers who recently added things.

That definitely sounds like a backdoor. People have found ways to implement infections into plugins. Try searching through some of the sketchy-looking plugins.

You can make serversided anti cheats that detections exploiter using magnitude and raycast checks (for teleportation and flying checks).

1 Like

What remotes do you have and what kind of admin stuff is currently implimented.