I was working on a collaboration project today when I suddenly stumbled upon this script. It seems to require something.
It’s likely to be a backdoor, but either way I’m really curious to know what it does. Can someone decipher the ADDR variable? I tried doing it myself, but didn’t succeed.
ADDR is a hexadecimal representation of the id of the module this script is trying to require. Print it out in the command bar and it becomes 6972600074.
By looking at the Code, I can tell it might be a backdoor, It makes the word “require”, And ADDR is most likely the Asset/ModuleScript ID. If i were you, I wouldn’t trust it.
A poor attempt at obfuscating a backdoor.
It really depends on what the script does. In the image, it seems like it’s a welding script, however, you should probably just use qPerfectionWeld instead of that, as that’s a bit sketchy.
I saw GnomeCode video talking about backdoor scripts, it can gave people ‘admin’ to crash, ban players, lock servers, etc.
But in this video, he only shows the the backdoor script that will give out the information of the game into a discord webhook link (offsite)
The script requires a module that requires another module thats an admin console.
Alright, thank you. Was just curious to know what it was.
No this is definitely not an admin command.
I checked the code and it gives a group of hackers full backdoor access to your game and it sends a webrequests to their discord webhook so they can know they infected your game.
You should absolutely remove this script!
It contains an admin console. The point of the webhook is to inform the exploiters that the game is infected and that they can mess with it as much as they want. In particular, it contains an executor.
Yes you are right, but the OP might mistake you saying it’s an admin console for the game creators. It’s not, it’s a backdoor.
The admin console is the backdoor, it’s only gives to the exploiters.
And it actually isn’t classified as an admin console but a “Server Side Executor / SS”.
(Just clearing things up)
The backdoor script is, that hackers like tubers93 could use a script like:
require:(id)("HD")
if you were tubers, you could go to the developer console, and go to log and enter the script. then you could use the HD Admin. but it’s not the official HD Admin. it’s a fake HD Admin Uploaded by someone with a backdoor script. not only that, the hacker could easily get in HD Admin and ban everyone. and do that what he wants.