Username Lookup V1.5 - Swoop exploiters away (Made for cafes and other other games like that)


When you work at your cafe game or etc u see these exploiters with 0 name, you’re like, I will get his avatar and you not find him any where with this model u will be able to find anyone.

Q:How to use it?
A:Just take the tool and click someone it should show their name and also a button that allows to directly kick the selected person.

Q:Can I edit the tool if there is something that I don’t like?
A:Sure it’s open source u can do what ever you want.

Q:Can exploiters abuse to tool to get a kick exploit
A:No.

There is also a new script going around lately, that abuse the network to get animations and also use their hats inside their avatar. Whats cool with the Username Lookup u click on the hats or the player it will still get their username even if they make a fake player script just click it and its supposed to give their name.

Screenshot:

Model link:https://www.roblox.com/library/5499801803/Username-Lookup-V1-Made-for-Cafes

If you have any problems or question with the tool tell me by replying to this topic.

-Mimi

22 Likes

Awesome, I will try to use it for my military game which used to be a hot-spot for exploiters. I will reply back when I use it.

3 Likes

Cool, I hope it will fix your exploiter problem ^^

And if someone ask no there isn’t any backdoor in that model it’s full clean u can check via using a roblox chrome extension (BTRoblox) and u will be able to see it’s full clean

1 Like

Mentioning this was a bit suspicious, but I can confirm there is indeed no backdoor in here.

I see you’re handling the Remote per client which also odd but then it turned out there is some protection on the RemoteEvent (simple if Player == Player then operation) but I have to ask:

  1. What if the client you’re trying to check just simply removes their humanoid?
  2. Why kick an exploiter when they can just simply rejoin? Seems tedious, DataStoreService should be used.
6 Likes

The Script who checks the player username will be dropped in PlayerGui when u equip the tool soo the script will go to the main Player and get his name and then if someone is firing it and plr.Name ~= as the one we took then it will just kick the player and no I don’t wanna do a ban just a kick because I don’t want to see there is a ban bug with the tool
and the first question Imma update the Module I didn’t thought of that Imma fix it and Imma tell u when I update it

New Version has been released v1.5
1.5 Changelog:
-Fixed checks when u clicked the player because exploiters can remove their humanoid soo they don’t get detected that has been fixed

Updated it soo u can check if there is any issues with it

What’s the use of this? If an exploiter makes a change to their character which replicates then detecting it is trivial. Same thing with exploiters removing their names, if they remove their username (presumably a BillboardGui under their character) then you should be able to look for that.

Bypassed it. I made a fake serverside in studio and snagged the tool from Player2’s backpack with serversided Dex Explorer and kicked them. I managed to load normal Dex in studio and it didn’t work as expected.
It doesnt work while the player is holding the tool. Only if its in the backpack. Like if an admin at a backdoored cafe had it sitting in their backpack some guy named XxDeathVxbing2323xX could use Little Johnny SS and load dex to kick everyone. Here is the footage

Please make it a GUI instead of a tool or else it will make this quote a lie!

I did this all in studio but it is more than possible with a serverside!

2 Likes

I’m not sure what you were trying to get out of this. If an exploiter has access to the server directly they are able to do anything the server can regularly do with basically no way to prevent execution. And not to mention, if an exploiter had server access they are able to kick players without the use of this tool.

Preventing abuse through server sided access is probably not possible and is at fault for the game developers deciding to use models with backdoors to them.

Finally, making it a GUI doesn’t help, the server can modify any player’s GUI if they so desire.

9 Likes

Sure you bypassed but at the same time what you are doing isn’t hard to stop at all. If you have a script that handles ranks you can simply just add a script that will only allow you to use the tool if you have a certain rank which would be stored on the Server therefore an exploiter can’t do anything with it since it is stored on the server and if you attempted to use that item without the rank, the item would simply just not work, you can destroy it, or whatever you want to do if such happens @mimi235664556655 what I just said is a good security practice,

xZytler here makes a very good point here as well if the user has access to the ServerSide which really won’t happen as most exploiters executors are client sided and only execute LocalScripts they wouldn’t need to even bother stealing the tool from on that does have the tool.

Like @xZylter said, if the exploiter has serverside on the game, there is literally no use for this.

They can just ban the owner / staff of the game anyways if they have serverside.

2 Likes

Why should I use this over a basic admin script, or something like HD Admin. This seems pointless.

This is not a admin script, since exploiters can somehow hide their names to prevent getting them banned(as op said) the tool allows you to click the player with hidden name and get their name so you can ban them.

By the way, instead of making a tool like this it would be better if you just kicked everyone with a hidden name, i think you have tried this but couldnt know which method they use to hide their name but just saying

Server sides are easy to detect I already made a detection which detects all of them Lol and I was talking about fe hackers not about server sides

Yes but this was made to stop fe hackers not server sides if u want a server side detection it’s easy u just need to check the scripts regularly

This is a addon with the admin scripts because some fe hackers try to hide their username not server side hackers

  1. They can make bypasses easily
  2. Will take lots of time