This is how exploiters can edit your guns settings

HolisThaDev · February 21, 2022, 1:02pm

Basically most of all exploiters use exploits such " Syanpse X " or " Script-Ware " Wich allows them to edit the modules of scripts of some services of your game like the players or some times the workspace.

Here is an example of it:

As we can see the gun has a module that has the settings of the gun wich are:

They basically get the gun module path from the players with scripts of exploiting like dark dex.

The gun should be like this with no exploiting:

GUN SETTINGS PATH ( thats also how exploiters can see your whole game even save some scripts and EVEN save your whole map )

Then they watch the settings and they will edit the settings of the gun making them for exmaple inf. ammo or even explosive guns:

Then they require the gun path editing the settings…

For evit this exploit you should move the gun modules to ReplicatedStorage or places like these so they can’t edit them, or if you are using guns like FE Gun Kit just get the lastest update, I don’t really know how to patch it, if you know how to patch it reply this post so other people can evit exploiters.

Avanthyst · February 21, 2022, 1:10pm

If you’re sending that data to an event then yes they can pretty much edit the info. I would do server checks to make sure the value received matches with the server, or even require the Settings module itself from the server and just have the client send the request - the server would handle the rest.

ItzEthanPlayz_YT · February 21, 2022, 1:16pm

Not fool proof, exploiters can spy on remotes and modify contents sent/received, instead do damage on the server and have a ammo counter on the client seperate, and at random ocassions sync it with the server, so even if they modify the values the damage would still be the expected one the developer set for everyone else except the exploiter

Mememoxzine · February 21, 2022, 1:16pm

Making sure the value matches is unreliable, they can easily spoof the module that will be sent to match the original one while keeping the modified one.

HolisThaDev · February 21, 2022, 1:16pm

Also, if someone knows an ACS dev please tell him that exploiters can edit the settings

banktoner · February 21, 2022, 5:31pm

It has Built-in Anti Exploit inside so Exploiters cannot edit it with Script editor in game (except in Studio) however it is also easy to get rid of it and all of the version had it only if module is deleted, (Kicks you from the server)

This is not recommended to do since it’ll ended up breaking since it requires Settings module (2 scripts hooked to this module) unless if you want to spend 2 months of painful editing

It doesn’t function like other Tool made from scratch

0xA2CAD3 · February 21, 2022, 5:51pm

This setup you gave an example of is fine BUT the only reason exploiters can actually edit configs is because ammo, debounce, etc is handled on the Client and not the Server.

Anything on the Client can be modified by exploits.
To get around most things you should just fire a remote and the only data that’s given is the mouse position. Then the Server would check the last time the gun was shot, if it has ammo, etc

tl;dr: try to put everything on the server (there are a few exceptions)

Edit: Also it’s a lot more complicated then the example you gave

HolisThaDev · February 22, 2022, 4:11pm

I know but I explain it very very short