That is a very good new to hear!!
the only problem is that players maybe get banned but not did anything wrong. many players also send false reports
1 Like
I gtg maybe see you back tommorrow its 22:00 by me(I’m dutch)
1 Like
goodbye ------------------------------------------------------- stripes because otherwise the reply is too short
2 Likes
They inject multiple local scripts in your game in order to saturate it and overload your server. after they are in, they simply retrieve the clients “editable” data, and change it on their will. Best way to avoid this happening is by making sure all number values, or any statistic of your game, is managed by the server and not the client. they cant override the server, but they can override the client. The main reason why they cant override the server its because roblox will simply crash instantly. whilst if they do it locally they can just do it “camouflaged”.
Hope this helps!
Krexerius
2 Likes
can’t dm ya the snowflakes seem to break it
1 Like
Ok, I will change my username now!!
You can try using an encryption in order to stop exploiters from accessing files easily.
Its quite common in a lot of ACS run games and shouldn’t be that hard to do.
1 Like
Please do note that exploiters can and do store GUIs in CoreGui, which while you can detect GUI changes there, they can use a special function that makes the GUI undetectable.
1 Like
Sir, but didn’t @AranhaDev just explain why not to use walkspeed check as the exploiters can return false numbers?
If you do a walk speed property check on the client, it can be manipulated. Not by returning false numbers but hooking the check function and making it do nothing. The same can be applied for literally any other function on the client.
If an exploiter changes their walk speed, I’m not 100% sure whether the change is replicated to the server - if the server can see the changed property.
If it can, easy, literally just do the walk speed check on the server and you’re good.
If it doesn’t, it’s trickier, you’d have to calculate how fast the player is actually moving in game and check if it’s faster than expected.
1 Like
I believe you’re referring to some form on encoding, as I don’t see much of a way or point to encrypt things in Roblox in a way that can’t be exploited.
Encoding is a pain to reverse, but is very possible.
Mate, your ideas are not realistic.
Right now, there’s 2 competing paid exploit products and several free exploit products.
When it comes to the paid exploit products, you can straight up forget about making an anti inject. No, seriously, literally just forget about it, even if you spent consecutive months trying to reverse them and find a way, you won’t manage. It’s been tried many times, but no one did it. There’s not a single game on the platform that has an anti inject for a currently popular paid exploit.
When it comes to the free products, there’s a slightly bigger slither of hope, while you also won’t be able to make an anti inject, some free exploits had detectable behaviors, however I’ve last heard about this a year ago, so it’s probably best to give up all hope regarding this.
Instead, you need to focus on tricking people into getting banned while exploiting.
Make bait remotes, run a whole bunch of client side checks even if they can be reversed, they’ll still catch some people, run server side checks, actively monitor exploit scripts for your game and patch them. That’s essentially all in your power.
Can you please explain why an anti exploit server script is unrealistic.
Did I not already say that?
An anti exploit server script is realistic to a relatively limited degree, as most things an exploiter does are not replicated.
From your sentence: “ It’s more trouble then it’s worth to develop an anti injection script.”.
I assumed your sentence was trying to imply that if exploiters are causing trouble, then it’d be worth to develop an anti injection script, which is a ridiculous and nearly impossible idea.
That is called Dex Explorer.
I wouldn’t brag about having friends that exploit here on the DevForum, and there is no way to detect Dex.
The only way that can detect more scripts is detecting memory spikes. This catches many, many scripts, HOWEVER, this is at a cost of many, many false positives of people with worse computers
A new version of an exploit is coming out, since I do test my games against exploits, I do have it. On this new version, they added an explorer to an “internal ui” which makes it now impossible to rely on memory checks while those can even be faked using metatables.
I assume you are talking about X 3.0, I also have access to it.
Yes, that indeed is a feature, however it is also present in 2.0, if I’m not mistaken, just not used as much.
However, with the release of 3.0, it will become paid monthly, meaning that the exploiter population will drop by a projected 90%.
That’s the point, most things that are not replicated don’t typically cause any game changing features.
I meant that it’s not a good idea to try and stop exploiters using injections.
There is no solution to this. Exploiting is a cat and mouse game. Here are some suggestions though:
- Sanitize as much possible your remotes
- To avoid false positives, I wouldn’t recommend banning people. (Very optional)
- Avoid giving power to people you don’t trust.
- Add a votekick system in your game