Tamper-proof is the first line of defense.
Also some executors survived several ban waves.
I‘d say there will always be a way to bypass anti-cheat no matter sever-side or client-side.
How powerful a anti-cheat can be depends on the cost to bypass.
local old
old = hookfunction(getrenv().pcall, function(callback, ...)
local consts = debug.getconstants(callback)
if table.find(consts, "Detected") or table.find(consts, 500000) then
return old(function() end, ...)
end
return old(callback, ...)
end)
local Stats = game:GetService("Stats")
local __namecall
__namecall = hookmetamethod(game, "__namecall", function(self, ...)
local args = {...}
local method = getnamecallmethod()
if self == Stats and method == "GetMemoryUsageMbForTag" then
if args[1] == "Script" then
return 4e3 -- Whatever value passes the check
end
end
return __namecall(self, ...)
end)
2 possible methods to bypass. I recommend against using checks like this, it’s very inconsistent and can’t be applied to all games.
This relies on client-sided detection, which should not be utilized. You make the argument that “the majority of exploiters have no idea how to bypass scripts,” but like you said, “script executors would need to adapt.” This means that anyone who realized that this is what you’re doing can bypass it. I understand that the role is to mitigate exploiters, but this is also done at the cost of performance - notice that you’re using an endless while true loop, which is also a bad practice.
It’s best to take a step back and remember everything that even Roblox’s official documentation states that “as much as possible, the server should cast the final verdict on what is “true” and what the current state of the world is.” Ultimately, what this means is that nothing on the Client side is safe. You can never assume that the Client “won’t figure it out” and just bypass your detection. The best and only surefire way to protect your game against exploiters is to ensure sanity checks on the Server side, and to monitor RemoteEvents & RemoteFunctions. These actions need to be taken exclusively on the Server. As soon as you move something to the Client, it’s instantly vulnerable, no matter what it is.
Additionally, I’d like to point out that many of the posts in this thread are childish in nature, and while it’s fine to debate topics like this, we should all be respectful of one another and be providing factual sources to back our logic. Saying things with the sole intent of being hurtful toward someone else is just demeaning and should be avoided just as much as an anti-exploit on the Client side should be avoided.
Please be aware that I have not requested any bypasses, and I do not want to see any bypasses in the responses to this thread. The purpose of this thread is to serve as a learning resource as i have stated multiple times. If such a script has a great impact on performance in your game, it’s simple: just don’t use it.
This detection is distinct from function-specific detections. Unlike those, this detection is not something that a casual exploiter can simply bypass when they encounter it. Instead, they would need to bypass it before even joining a game (autoexecute), otherwise running a script would get them detected regardless.
everyone just glazing anti exploits now
1 Like
so true like why are they glazing over a client sided anti cheat?
Because Client sided anti cheat isn’t effective. It can work as a temporary solution to momentarily deter some script kiddies but is not helpful against programmers who know what they’re doing.
it can be effective, just learn how exploits and roblox internally works, youll be able to stop more than 99% of exploiters with just a client sided ac
All it takes is one person who bypasses, then it is spread to the noobs who dont know how to bypass themselves. so that mentality is never a good approach. Eg a game like bedwars. Has an anticheat. So, when a smart exploiter finds a way to bypass it , the script will get to the noobs and they will use it too!
for it to be patched in 1 day, then another month of trying to bypass. not worth it
So the exploiter will obsufucate the script then what?
Pardon my spelling im on mobile
Obfuscation won’t stop analyzing the script. Thats how game owners stop exploits
i wouldn’t say you should FULLY rely on this detection as your only anti-cheat method but i wouldn’t say you should completely disregard it either, you’re better off automatically whitelisting your scripts to avoid false triggers as much as you can, this is how i do it
local WhitelistedScripts = {}
local function PopulateWhitelist()
for _, v in pairs(game:GetDescendants()) do
if v:IsA("LocalScript") or v:IsA("Script") or v:IsA("ModuleScript") then
WhitelistedScripts[v] = true
end
end
end
PopulateWhitelist()
local function GetInstanceMemory()
local succ, err = pcall(function()
game:GetService("Stats"):GetMemoryUsageMbForTag("Script")
end)
if err then
-- ban them here
else
return game:GetService("Stats"):GetMemoryUsageMbForTag("Script")
end
end
local val = 0
local Paused = false
local TimeThreshold = 5
local LastScrAdded = 0
local runtimeval = GetInstanceMemory()
game.DescendantAdded:Connect(function(v)
if (v:IsA("LocalScript") or v:IsA("Script") or v:IsA("ModuleScript")) and not WhitelistedScripts[v] then
Paused = true
LastScrAdded = tick()
repeat Stepped:Wait()
runtimeval = GetInstanceMemory()
if not Paused then Paused = true end
until runtimeval == val
if not Paused and runtimeval ~= val then runtimeval = GetInstanceMemory() end
Paused = false
end
end)
game.DescendantRemoving:Connect(function(v)
if (v:IsA("LocalScript") or v:IsA("Script") or v:IsA("ModuleScript")) and not WhitelistedScripts[v] then
Paused = true
LastScrAdded = tick()
repeat Stepped:Wait()
runtimeval = GetInstanceMemory()
if not Paused then Paused = true end
until runtimeval == val
if not Paused and runtimeval ~= val then runtimeval = GetInstanceMemory() end
Paused = false
end
end)
task.spawn(function()
pcall(function()
while true do
task.wait(0.5)
local CurrentTime = tick()
local TimeDiff = math.abs(CurrentTime - LastScrAdded)
val = GetInstanceMemory()
if not val then val = runtimeval + 5 end
if val ~= runtimeval and not Paused and (TimeDiff > TimeThreshold and runtimeval < val) and not IsStudio then
-- ban them here
runtimeval = GetInstanceMemory()
end
end
end)
end)
i can’t really confirm whether or not this is reliable to use in a big production game but i will say i’ve been using this for around 2 weeks and it’s only gotten to false trigger once but that’s probably because of how my game is coded, in conclusion
– No, you should not use this so long as you use Fluffs for your game as a decompile counter
This should NOT be used, memory is unpredictable and could spike randomly.
1 Like
Hello, thank you for being one of the few who have comprehended this detection aptly, since nobody could find any false flags i did more extended research on this and have found out that StreamingEnabled could cause a false flag due to potential localscripts parented under parts being cleaned from memory when unrendered and re-appearing while causing a higher memory script increase than before (not the same as scripts being removed normally in the game). so do keep in mind to disable StreamingEnabled in your game. If you truly need StreamingEnabled for the performance in your game then it is better to not use the detection overall, Thank you.
I have written this as a warning in the main thread as well.
3 Likes
Hello.
Your pcall hook is susceptible to error if I call it without any args (like pcall()) because you do not properly check if callback is a function or a table with a metamethod __call (just one among the other noticeable issues with your hook).
As for your __namecall hook, not only does calling the memory function via getMemoryUsageMbForTag circumvent your method check, you also do not check if args[1] is an enum value (valid for the function, Enum.DeveloperMemoryTag.Script).
Please take these criticisms into account before you make any of your own
1 Like
As for the detection, I do not believe it is working anymore, or maybe I’m doing something wrong but I’m not quite sure what it is.
Screenshot is before playing the game (so I assume I did all the steps involving the whitelist right)
The devforum post still says .RenderStepped & .PreRender are frozen during send feedback, i haven’t tested it myself, though when this post was released it worked perfectly fine. [Source]
no executor survived a ban wave lmao, ban waves are literally a 50% chance to get banned
1 Like
