Every script related to the product has the whitelist at the top of it.
It doesn’t matter. You can no longer protect script content in Roblox. There isn’t a single obfuscator, or whitelist script on the market capable of it.
3 Likes
Which is why I’m making a whitelist…
And actually there are ones on the market. For example, PodTech.
Whitelists. Do. not. work.
I can just remove your code from the top of the script. Or falsify my PlaceId to your script. Or one of a thousand other things.
3 Likes
You can argue it was possible when private modules were still a thing, but Roblox literally doesn’t give developers the tools required to create and distribute protected source code to the extent that you’re trying to.
I could prove it to you if you posted a link to your whitelist or any whitelist that you’d like.
I will send a link when it’s made. I don’t see the issue. Literally. It checks cards in a Trello list. If your ID is not on any of the cards, the script is destroyed with a simple script:Destroy(). Yes, they can just rejoin the game and it will be back, but it will just be destroyed again every time they play the game.
What exactly is it that you’re loading that’s protected with a whitelist? A model, other scripts?
Just a script. It doesn’t load anything.
Example, for a simple script that prints when a player joins.
-- here, it has all the Trello stuff, like board id, list id, Trello API. It uses “for i,v in pairs(TrelloAPI:GetCardsInList(ListID)) do”, and if the Card name is the game owner’s user ID, it adds 1 to “Approved Cards”.
-- then, if the value is >=1, it prints “Authorised”
-- but, if the value is =0 (I.e none of the cards in the list contain their user ID), the script is destroyed with “script:Destroy”
-- and then just the normal script.
game.Players.PlayerAdded:Connect(function(player)
print(player.Name .. “ has joined the game.”)
end)
It doesn’t load models. It doesn’t load scripts. It simply destroys the script if they aren’t whitelisted. Then none of it works.
What is stopping me from deleting that code from your script … ?
It would be obfuscated… which is kinda the whole reason of this thread
I’d like to note obfuscation doesn’t do anything against sandboxing. An user would need to know absolutely nothing about what your obfuscation is doing to just set up a bit of boilerplate at the top of it that replaces some common functions and instances. It’s pretty much completely undetectable if done right and your code will be none the wiser.
3 Likes
Sandboxing? What is that? Probs a stupid question but I don’t know
Iron brew can be constant dumped easily… use Perth Scripting Utilities at least (it requires a discord server though) also i’m not sure but I think their source was also leaked which means people can fully deobfuscate it.
It’s wrapping objects that a script would normally use inside of fake copies. The copies emulate the object perfectly (best case) with the added functionality of being able to intercept methods and properties.
A script that whitelists over HTTP, for example, could have HttpService hooked to return values determined by the sandbox.
2 Likes
PSU is used for exploits. It has many exploiters in their server. I do not recommend PSU.
1 Like
Yeah I agree with that part. Don’t they ban people for exploits though?
1 Like
If you’re going to release this obfuscation publicly, it probably won’t be trusted as much, as many backdoors and malicious code is obfuscated.
2 Likes
PSU was created for exploiters, and the server is full of exploiters. Aztupbrew (Ironbrew) was created by Aztup, creator of Aztup Hub, one of the top paid Roblox script hubs. Unfortunately, Roblox obfuscators are usually used by exploiters.
2 Likes
