What do you want to achieve? Keep it simple and clear!
There’s an issue that I’m trying to fix with a script but can’t figure out how to.
What is the issue? Include screenshots / videos if possible!
There’s some sort of issue that causes the servers ping to go from 90ms to up to 90k ms before crashing the server entirely.
We have determined the script they are using, but the script is obfuscated so there is little to no way to read what is causing this issue (be warned that if you click on the link to see the script, there is a large amount of profanity and horrible things written throughout.)
What solutions have you tried so far? Did you look for solutions on the Developer Hub?
we have tired to add both a local weld script that boots a player if there is more than one weld inside of them at once and a chat function script that boots a player trying to bypass the chat filtering system and sends too many long messages too quickly as well as kicks a player for sending a message with more than 300 characters.
There is also a youtube video linked to better understand what the exploiter looks like while executing this script, and the immediate lag spikes that follow.
Please help us fix this issue… it is not only affecting our player count, but also causing mass dislikes towards our game.
I think what the script does is by the large amounts of assets I’m not sure because the script is confusing I wanted to help you since I don’t like exploiters but I can’t read the script since it has Arabic writings. The solution I can only offer is to identify what the script is doing by downloading a hack client(for purposes) and executing the script and lastly observing the explorer. Also, add a ban script and manually put the name of the exploiter
Assuming you have thoroughly checked your game for backdoors, I doubt there is much you can do. I believe DDos exploits generally just go straight to the server, instead of through remote events. You should probably introduce some form of cross server party system, and make the hub servers single player. This would mean that a DDos exploiter could, at worst, break their own server.
I don’t know if this helps, but try going to the “Find All/Replace All” button at the top bar under one of the tabs (in studio, I forgot which one). This will allow you to find specific strings in Scripts, (sort of like how Cmd/Ctrl F works, but for all scripts). After you do that, try searching for these phrases:
getfenv Getfenv is usually the functions itself, followed by a bunch of numbers. If you see this, delete it. require The require statement is also commonly used for backdoors. Don’t delete this statement if you know it’s a module you’ve created. RoSync Rosync is another common backdoor developers use string.reverse / :reverse This method/function is also commonly used in correlation with getfenv, it can be used to create confusing codes and characters, specifically to mask backdoors.
The issue turned out to be an unsecured RemoteEvent. The exploiter was able to access my RemoteEvent and call it continuously until the server crashed. I’ve since fixed this, we ended up just adding verification to our RemoteEvent so that if it isn’t called by the correct script then it will detect and kick the exploiter.
