The Full Guide to Exploiting.
Written by Discgolftaco231
This is 1 of 5 guides that will come out on Wednesday of every week.
Before we get started, I just want to confirm that this is not a “How to exploit” guide. I repeat, this is NOT a guide about how to to exploit.
First of All, What is Exploiting?
Exploiting is when a person decides to be stupid and make everyone’s day bad. Tbh, I do not think I’m that off about that
Exploiting can usually be classified into two categories. Game Exploiting and Account Exploiting. There is also Website Exploiting, but we do not need to get into that.
Game Exploiting is when a player enters the game, activates their gamer hax, and decides to break the game and cause chaos in it. No one really likes them, but somehow, they still end up doing it, even though they know in the back of their head: I am making people sad.
Game Exploiters usually like to exploit because they think that exploiting makes then cool or something like that. Maybe it is to impress a girl or boy idk lol. Whatever it is, they do it because they feel power when they know they have control over other people. It makes them feel overly good about themselves, and this does affect them in their future.
Account Exploiting is when someone is able to break into an account and affect it negativally. For example, last night at approx. 9:48 pm, my account was broken into and it’s password was changed. Thankfully, I got an email from Roblox when it happened and I was able to change my password, turn 2FA on, and log all of my devices out of my account before any harm was done. This morning, I woke up to an email with a 2FA verification code that was sent at 2 am. So obviously someone tried to get in my account again, but failed… miserably.
The reason exploiters would exploit into an account would be to cause personal mental (and maybe physical) harm to the account owner. The invader might use up all the Robux on your account, or if you had Premium, continue to bill things from the credit card the account was attached too. All in all, you do not want your account to be exploited.
How Could I Prevent Exploiting?
Very good question. Although there is not a 100% Guarantee you would be able to ever stop exploiters, there are a few ways to at least slow them down to a stop.
If you are a game developer, I recommend making an Anti-Cheat system. What an Anti-Cheat system does is it detects certain player behavior and determines if the player might be cheating or exploiting. Here is a free to use Anti-Cheat made by @UnknownParabellum.
Exploiting in games can also be caused by a backdoor in your game. Backdoors usually come from Free Models and can allow certain users to exploit your game without needing to do too much work. Backdoor scripts are usually named:
-
Loader
-
Anti-Lag
-
Anchor
-
Weld
-
Handler
-
�����������������
And so on.
There are many plugins you can use to detect backdoors; just make sure they are the official plugin by the official owner. You do not want to get a fake anti-backdoor plugin.
Exploiting into accounts is a little bit easier to prevent. First of all, if you think you are a targeted user (devs, youtubers, other popular people, etc.), you need to create a strong password. After you create your strong password, you need to turn on Account Pin. What this does is it makes you input a 4 number pin every time you edit your account settings. Lastly, you need to turn on 2 Factor Authentication. This makes it so when you log into your account for the first time on another device, It will ask you to input a 6 number pin that is sent to the email you have attached to your account. Btw, make sure you have an attached email and phone number. They will become extremely helpful if your account is compromised.
If you have already been exploited into, you only have minutes to save your account. Here are what you need to do in order:
-
Change your password. This could be found in the Account Info tab of your account settings. If it does not allow you to change it, Log Out and click Forgot Username/Password and then follow the on-screen instructions.
-
Turn on 2 Factor Authentication. This can be found in the Security tab of your account settings.
-
Click Log out of all sessions at the bottom of the Security tab in your account settings.
You should be done now. The exploiter is now logged out of your account and cannot log back in because you changed your password. Good Job!
Everything Else you Should Know.
Exploits are always changing. There is never a fool-proof way to prevent exploiting, and there never will be. It is just how the online world works!
I personally know an exploiter and I do not like what he does. He even exploits in my own game. Many times, my Anti-Exploit gets him; but sometimes it does not. Once, he even got auto-banned by my system for 24 hours because he was automatically added to a watch-list I implemented.
Even though you know an exploiter personally, you should still report them. If you do not report them, you are most likely going to get banned for concealing an exploiter. The person I was talking about earlier is my friend, but I still reported him.
As for Game Exploiting, here are a few tips if you are making your own Anti-Cheat:
-
Detect if any instances are added into the Workspace at a certain rate. This could mean that an exploiter is inserting many parts at once to crash the server.
-
Detect player changes on the Server. Any Anti-Cheat on the Client can easily be bypassed.
-
Secure your Remotes. Make sure your Remote Events and Functions are secured on the Server. If they are not, exploiters can spam them; and crash your game.
Many Thanks to you!
I would just like to end this off by saying thank you for taking your time out of your day to read this. This took me over an hour to set up, and your participation really will make my day. Stay safe out there!
Resources and contributions:
Written and created by Discgolftaco231, 2020. Re-share permitted. Plain copy is not permitted.
Special thanks to @UnknownParabellum for showcasing his Anti-Cheat Framework.
Links used (in Order):
https://en.wikipedia.org/wiki/Video_game_exploit#:~:text=In%20video%20games%2C%20an%20exploit%20is%20the%20use,a%20manner%20not%20intended%20by%20the%20game's%20designers
https://www.techopedia.com/definition/24632/account-hijacking#:~:text=Account%20hijacking%20is%20a%20process%20through%20which%20an,information%20to%20carry%20out%20malicious%20or%20unauthorized%20activity.
Website Hacking: How to avoid a hacker attack.
Urban Dictionary: hax
https://www.marketwatch.com/press-release/us-anti-cheat-software-market-global-industry-analysis-size-share-growth-trends-and-forecast-2020-2025-2020-09-04#:~:text=Anti-cheat%20software%20is%20designed%20to%20prevent%20players%20of,tools%20and%20techniques%20to%20cheat%20in%20online%20games.
Anti-Exploit Framework | UnknownParabellum
Backdoor Definition & Meaning | Dictionary.com
Free model | Roblox Wiki | Fandom
Password Definition & Meaning | Dictionary.com
Roblox
https://i.ytimg.com/vi/4wcmTLO9oxU/maxresdefault.jpg
Server Definition & Meaning | Dictionary.com
Custom Events and Callbacks | Documentation - Roblox Creator Hub
More guides coming soon!..