(SOLVED) Hackers are taking over my game

FungusGenerator · July 12, 2022, 8:43pm

I just read that message, yes thats the issue

uwuCulturist · July 12, 2022, 8:43pm

did you shut down all the running servers after updating it?

marbzle · July 12, 2022, 8:44pm

Are you sure there isn’t a backdoor in the game? They can’t kick people from your game if they’re actually exploiting, because exploits are client sided only. Check your scripts and see if you see anything suspicious in them.

Do you know their usernames? You can also press CTRL+SHIFT+F and search their usernames to find the scripts easier.

Or you could look in the DevConsole to see what’s happening.

imNiceBox · July 12, 2022, 8:44pm

You probably have a backdoor in your game which allows people to run server-sided scripts.
Check all the free models you’ve used and run an anti-virus check on your place.

niceeadam · July 12, 2022, 8:44pm

Can you link your game real quick?

eatabler0ck · July 12, 2022, 8:44pm

Yes. I still keep getting inappropriate kick messages.

eatabler0ck · July 12, 2022, 8:44pm

How do I run such a thing? I really wanna know.

FungusGenerator · July 12, 2022, 8:45pm

Backdoor scripts usually use require() to execute foreign code, searching for the exploiter’s username wont work

uwuCulturist · July 12, 2022, 8:45pm

don’t install those, they’re usually backdoors that just hijack all of your scripts
manually searching is way better

marbzle · July 12, 2022, 8:45pm

Oh that’s right, forgot about that. But yeah, search require() too if you don’t find anything

eatabler0ck · July 12, 2022, 8:46pm

I have no idea who he is, but I suspect he’s the main hacker. I added him to a blacklist, but he’s still spreading his name.

I also added a script that kicks people if their account was made less than 3 days ago.

imNiceBox · July 12, 2022, 8:47pm

For example this, not sure if it works but this is what I found.
Also, make sure to shutdown all the servers and make the game private while you investigate the issue.

eatabler0ck · July 12, 2022, 8:47pm

The only possible backdoor I could truly see is a free anti exploit called HexAE. It had good reviews, so I inserted it, and I’ve never had any problems before.

eatabler0ck · July 12, 2022, 8:48pm

I’ve disabled my custom commands, lemme see if that works real quick.

Daw588 · July 12, 2022, 8:48pm

There is most likely a backdoor or unsecured remote event.

Solution: Check every script for any malicious code (pay close attention since backdoor creators add tons of spaces to hide the code from your view).

imNiceBox · July 12, 2022, 8:49pm

There’s nothing about this anti-exploit on the Devforum, this script could possibly allow exploiters to access your game.
Type “Script” in your explorer search box and see what scripts do you have there.

FungusGenerator · July 12, 2022, 8:49pm

Try removing that, free anti-exploits are often just backdoors. If that doesnt fix it and you are sure your admin system isnt it, you can use Ctrl + Shift + F to search for getfenv and require.

marbzle · July 12, 2022, 8:49pm

Can you send the script link? I would like to have a look.

I was looking for this myself, and i don’t see anything. This might have been a scam.

NicoleSydor · July 12, 2022, 8:49pm

@eatabler0ck Try using this as your script

local BanDataStore = game:GetService("DataStoreService"):GetDataStore("BanDataStore_1")
local Players = game:GetService("Players")
local ReplicatedStorage = game:GetService("ReplicatedStorage")

local adminIDs = {
	game.CreatorId,
}

local function addBan(userId, msg)
	if msg == nil then msg = "unspecified reason" end
	local preferredScope = "Player_"
	local success = pcall(function()
		BanDataStore:SetAsync(preferredScope..userId, {Reason = msg})
		local BannedPlr = game.Players:GetPlayerByUserId(userId)
		if BannedPlr then
			BannedPlr:Kick("Banned: "..msg)
		end
	end)
	return success
end

local function removeBan(userId)
	local preferredScope = "Player_"
	local success = pcall(function()
		BanDataStore:RemoveAsync(preferredScope..userId)
	end)
	return success
end

local function findBan(userId)
	local preferredScope = "Player_"
	local success, response = pcall(function()
		return BanDataStore:GetAsync(preferredScope..userId)
	end)
	if success and response then
		return response
	end
end

local function kickPlr(player, target, msg)
	if not table.find(adminIDs, player.UserId) and player.UserId ~= game.CreatorId then
		print(player.Name,"tried tampering with KickPlr event! (they have been banned)")
		return addBan(player.UserId, "Tampering with KickPlr event")
	end
	target:Kick(msg)
end

ReplicatedStorage:WaitForChild("KickPlayer").OnServerEvent:Connect(kickPlr)

Players.PlayerAdded:Connect(function(player)
	local plrBan = findBan(player.UserId)
	if plrBan then
		local reason = plrBan.Reason or "unspecified reason"
		player:Kick("Banned: "..reason)
	end
end)

It bans and prints the name of the person who isn’t an admin when the event fires.

Your custom commands isn’t the problem! It’s that script which allows the KickPlr function to go through.

marbzle · July 12, 2022, 8:50pm

You don’t need to keep sending this script.