Despite me despising Mano from the bottom of my heart, I can advise you to use CTRL+SHIFT+F while in ROBLOX studio to search through scripts, most backdoor scripts will contain loadstring() in them, so looking for that will probably show the issue.
1 Like
Uh oh! What’s this thing in “ServerScriptService.cv”? This might be the main source of your issue.
game.ReplicatedStorage.change.OnServerEvent:connect(function(plr,obj,proper,value)
obj[proper] = value
print'change'
end)
This is a serious vulnerability! You’re letting clients change properties of any object they can see. I don’t know how far an exploiter can go with this, but exploiters can at least delete almost everything in the game.
Here, let me show you with some evil scripts:
-- Kill a player.
game.ReplicatedStorage.change:FireServer(workspace.ForbiddenJ.Humanoid, "Health", 0)
-- Destroy everything!
for i, thing in ipairs(workspace:GetChildren()) do
if thing ~= workspace.Terrain then
game.ReplicatedStorage.change:FireServer(thing, "Parent", nil)
end
end
20 Likes