RemoteEvent Password Tutorial

ByeDeveloper · July 20, 2023, 12:10pm

Hello Developers!

~ RemoteEvents Password Tutorial ~

~~ [a password for events is needed so that attackers do not attack your game] ~~

example shown on GUI

~ Creating “BoolValue” and rename to “Status” ~
~ moving "Status’ to regular script ~

Regular Script:

local Debris = game:GetService("Debris") -- Debirs

script.Parent.MouseButton1Click:Connect(function() -- Click on button
	local remPass = Instance.new("StringValue") -- passString
	remPass.Parent = script 
	local genPass = math.random(0,999999) -- password
	remPass.Name = genPass
	remPass.Value = game.ReplicatedStorage.AntiFire.Name -- Way To RemoteEvent
	Debris:AddItem(remPass,.5) -- timeDeletePassword
	script.Status.Value = true -- Status Activated
	task.wait(.1) -- using "local function" to remove the button cooldown
	script.Status.Value = false -- status Deactived
end)

~ Local Script using for FireEvent ~

LocalScript:

local Debris = game:GetService("Debris")

script.Parent.ActivatedScript.Status:GetPropertyChangedSignal("Value"):Connect(function() 
	if script.Parent.ActivatedScript.Status.Value == true then -- check status
		for i,v in script.Parent:GetDescendants() do -- search pass file
			if v.ClassName == "StringValue" and v.Value == game.ReplicatedStorage.AntiFire.Name then 
				local genPass = v.Name -- password to fire
				game.ReplicatedStorage.AntiFire:FireServer(genPass) -- the event will check the codecode
			end
		end
	end
end)

EventScript:

game.ReplicatedStorage.AntiFire.OnServerEvent:Connect(function(player, genPass)
	for i,v in player.PlayerGui.ScreenGui.TextButton:GetDescendants() do -- search pass file
		if v.ClassName == "StringValue" and v.Name == genPass then -- pass file
			-- Code
		end
	end
end)

GoodLuck!

Deb0rahAliWilliams · July 20, 2023, 12:18pm

Will test this out in Studio and see if there are any vulnerabilities with this. Thanks for sharing this!

ByeDeveloper · July 20, 2023, 12:24pm

There are vulnerabilities only if you look at the source code.
it will be very difficult to find a vulnerability through dex and simplespy!

COUNTYL1MITS · July 20, 2023, 12:47pm

This offers minimal protection as exploiters can easily access both the password and the data transmitted through remotes. If you want to safeguard against exploiters triggering your remote events, it is crucial to ensure the validity of each request on the server side.

ByeDeveloper · July 20, 2023, 1:29pm

a script does not see the server, it can’t be done.

Synitx · July 20, 2023, 1:33pm

Exploiters can easily bypass that, the only way to protect remote events is fake arguments or cooldown or serverside checking within the event.

An exploiter can use remotespy to check its arguments.

I am planning to make a module that will watch your remote events.
This method can easily fix the server crash exploit.

and since this is a tutorial it should be in #resources:community-tutorials

ByeDeveloper · July 20, 2023, 1:37pm

That’s right, module! I completely forgot about him

ByeDeveloper · July 22, 2023, 10:57am

I made a normal anti-cheat for remotevents [Password]*

VSCPlays · July 22, 2023, 1:58pm

first off, passwords won’t add protection as exploiters can get it by a script, if it’s from the server, they can get to a client script that uses the remote and view the source, so it obviously won’t work

commitblue · July 22, 2023, 4:16pm

You can just remotespy to see the remoteevent password.

ByeDeveloper · July 23, 2023, 2:57am

no, it’s impossible, I’ve tried everything

ByeDeveloper · July 23, 2023, 2:58am

nothing will help, just copy these scripts and add to your studio, and try to get the password, it’s impossible!.

ByeDeveloper · July 23, 2023, 3:00am

the password from the button is transmitted through RemoteEvent, and the correct password is only in the module, when the player presses the button, only if the password is generated and transmitted to the module, it is impossible to get the password without pressing the button, because it is in the module

nombreincorrectodepn · July 23, 2023, 3:01am

too annoying to use for everything important in your game, there are better strategies other than that.

ByeDeveloper · July 23, 2023, 3:02am

give examples, I’m very interested. and I made this system for fun

ByeDeveloper · July 23, 2023, 3:05am

nombreincorrectodepn · July 23, 2023, 3:06am

just check on the server, you have just given an example for a case that would occur very rarely in fact

ByeDeveloper · July 23, 2023, 3:06am

sorry, I confused this forum with another

alksjdfl · July 23, 2023, 4:28am

This has to be one of the easiest password systems to bypass.

game:GetService("Players").LocalPlayer.PlayerGui.ScreenGui.TextButton.ActivatedScript.ChildAdded:Connect(function(child)
    local password = child.Name
    game:GetService("ReplicatedStorage").AntiFire:FireServer(password)
end)

Forgot to mention, when firing remotes faster than 0.1 seconds, packets will be dropped.
Also forgot to mention, make the instructions (and scripts) clearer.

2jammers · July 23, 2023, 4:37am

You’ve clearly tried nothing. If you actually need to implement a password system then you need to rethink your codebase. Obviously you are using a classic SetMoney:Fire(1091991991919) remote form the client