[PLUGIN] Kronos - Backdoor Scanner | Kronos Premium

Hello there!

About Kronos
Kronos is a plugin that scans your whole game for infections.

The current source is a bit messed up however I will rewrite it, again, for a better performance. A full scan should take like 10 seconds if the game is big.

It now scans your models (in your inventory) and plugins (installed plugins)!
Kronos currently warns the backdoor info (such as full parent, what it got detected for) in output however you can make a Folder in ServerStorage called ‘Backdoors’ to see the backdoors source.

False positives shouldn’t be happening at all.
You can take a copy here!

Stay safe!

Kronos Premium

This is the paid version of Kronos. It’s basically everything you need for a safe game.
Currently being worked on. ^

95 Likes

Good job! Works perfectly for me.

9 Likes

Thanks !
Tomorrow I will make this better and will make a way to see if the scripts or modules are using require. I will also remove some useless things I forgot to remove (2 things to be exact).

3 Likes

This seems great! You should turn this into a plugin so it would be easier than copy and pasting the code all the time.

1 Like

Thanks! I will think of your idea because it would be easier for everyone, including me. I won’t have to modify the pastebin all the time like that.

2 Likes

Otherwise, you could have the source pulled from Pastebin then ran in a LVM. Although that would require HttpService to be enabled :confused:

1 Like

Updated!
Now a plugin :stuck_out_tongue:

2 Likes

Nice plugin name,

If you don’t mind me asking, how exactly does it find these backdoors?

1 Like

I like. Works pretty well. I’m curious to what methods you use to locate the backdoors.

1 Like

Thanks! :slight_smile:

It finds the backdoors by checking all scripts / modules if they have require(id) or getfenv()["…"] (in their source). I am trying to work on better/new ways to find them and will work on this more.

2 Likes

Haven’t tried the plugin yet, but does the plugin detect obfuscated scripts?

1 Like

Yes!

Most of them are detected.
If you find any obfuscated script that isn’t detected and it’s a backdoor/virus, leave a link here.

Thanks!

2 Likes

image

Looks like you got an extra ) here.

2 Likes

Yeah, currently not home so I can’t fix it.
I tried to release an update before I left the home and I couldn’t check for errors.

1 Like

That’s an oof, I just reuploaded and it to work. First experience is a lot of false positives with the require checker. Other than that, looks good so far.

2 Likes

Thanks!

Removed the require checker for now.
Fixed the error.

3 Likes

Why does this not work on tycoon game?

How does your plugin determine that my game is a tycoon?

I already edited the post. It does work on tycoon games now.

All cool, but my question is, why did you whitelist a (now deleted) backdoor with id 306895131 in your plugin here:

local WhitelistedIDs = {359948692,306895131,2373505175,2373501710}
2 Likes

I am pretty sure it was an admin script …
Not Sure tho

1 Like