source: played around with exploits for a bit before byfron released
Exploiters can intercept remotes(from their own client), and modify/read anything local.
bro i have first hand experience developing anti cheats, do you seriously believe if it was that simple as making a password using 1 if statement, people wouldnt have done it already?
I mean everyone’s saying that they can, even though I’m sure all of us wish they couldn’t. Do you have any sources?
people tend to overcomplicate things out of ego, the most complicated issues in the world have simple solutions. Also, did you ever try making a remote event anti cheat or just anti fly and stuff?
there’s like nothing on what you sent 
Congratulations Sherlock. You figured out something every programmer already knows. This also isn’t “100%” secure - remote loggers exist where the client can intercept things sent and received through events. Pre-Byfron this wouldn’t work for advanced exploiters.
You should stop arguing with someone so blatantly trolling, just report and move on, no need to waste time entertaining this guy
2 Likes
The person actually talking about dex explorer says they can see local scripts here… Also its not like dex is the only exploit possible.
oh youre right sorry XD thanks
The DEX explorer is capable of viewing and decompiling local scripts. In this case you could just look for the client sided script that fires the event with the passcode and then do it yourself when you view the script using DEX and find the code out.
Not to mention the amount of remote logger exploit softwares that exist which can directly intercept and read incoming and sent data in remotes. This isn’t secure at all and won’t be until Byfron is completely rolled to all devices… until a bypass is found in future.
1 Like
I just read the thing and it says nothing about remote events lol
so then you use a different exploit that can
You can right click on scripts and are provided with the option to view them and others.
This is widely public information you can find by simply searching for it, as well it has been discussed before on DevForum.
An exploiter can inject a script, which loops through and reads all remote events, and all remote signals sent to the exploiter’s client from the server. They can connect to all the remote events with the injected script.
They can inject exactly anything other local scripts can do, which is loop through and read remote event signals.
I would like to refer back to my original reply which provides other possibilities for securing remotes, although are neither true solutions. You just have to make sure the server checks and modifies things, not the client.
2 Likes
I don’t think he gets the hint of he clearly just isn’t knowledgeable in this area. Don’t bother wasting your time trying to explain it to someone in denial and chooses to not understand it regardless of how many times it’s explained to them.
1 Like
This is not new and really isn’t secure. Exploits can read what arguments you send and can see the calling script’s bytecode and reconstructed source. Nevertheless, this is obsolete.
3 Likes