The user’s first account has already been terminated from Roblox it’s pointless alternative accounts exist no point in kicking just one account every time it joins, I believe this issue is on kohls end at this point.
2 Likes
Not worth doing, the exploiter can just make an alt
2 Likes
I’m sorry, what new chat? I’ve not been aware Roblox has implemented a new chat.
1 Like
What was his name?
You can see it here
1 Like
I believe the name was sub_due.
1 Like
Ah, thank you so much I will look into this. Just really sucks I have to do this I would think the owner of kohls admin would have been on this a while ago considering it’s a big admin used by many games.
1 Like
I see, Ip banning him would be very hard to do but if you find a backdoor in Localization service then go for it.
1 Like
I’m so sorry, I just now saw this yes I’m 100% sure I am using the original model and I was not aware that kohls uses a backdoor that’s another bummer this is honestly a shame.
2 Likes
I would recommend people use a custom admin because HD admin has at least 2 backdoors I’ve found before.
Honestly, I believe those must of been backdoored models as well as fake ones as I know HD admin wouldn’t have backdoors in it he’s a very known developer.
1 Like
HD admin is made by trusted people such as Oblivious.
and No it doesn’t have a backdoor.
The backdoor was a fake HD admin model.
and it was confirmed.
2 Likes
Glad, I was right on the statement I just made.
2 Likes
What you’re experiencing at the moment is completely unrelated to Kohl’s admin commands. The last time it had a major vulnerability was before FilteringEnabled was a thing. Kohl’s utilized loadstring() on a StringValue object to execute code via the :s and :ls commands.
Now that FilteringEnabled is mandatory for all Roblox experiences, this is no longer an issue. You are either using a fake version of the admin script, or there is another script/plugin that is allowing exploiters to remotely execute server-sided code from your game.
1 Like
This can’t be the case, the users were server banned by the exploiter I saw a clip of it, and I’m 100% sure I’m using the original kohls but I can double check once more.
1 Like
This is 100% possible if your game was backdoored – which it most likely was.
In order to verify you’re running on the real version of Kohl’s source code, open the “Loader” script and find the segment of code that invokes require(). From there you can navigate to the library and paste the ID that is being imported.
For example:
This whole ordeal is kinda freaking me out to be honest.
1 Like
Kohls is just super outdated, I know it’s unprotected that’s 100% for sure my friend made a crash script a while ago which I patched.