I heard from a friend that viruses/backdoors are able to be inputted without a script, internally inside a part. Is this true?
How do you expect for this virus to even be executed if there is no script in the first place.
2 Likes
Technically this is trueā¦ kinda.
Backdoors can be inserted into a place by fake plugins. Some plugins have viruses built in them. When they are activated, the virus is injected.
One way to stop this is by looking over all of your plugins and removing ones that are unfamiliar.
Some viruses are in Free Models. They are able to cause a lot of damage to ur game if you are not careful.
One way to prevent viruses is by looking up in the Explorer Search āscriptā and review all of your scripts. Remove ones you find unfamiliar.
Backdoors can exist in hidden elementsā¦ such as CoreGui. To view hidden elements, go into File > Settings > Studio. Then check the box below.
Check on Show Hidden Elements In Explorer and look through all the new elements.
I mean like, the transfer of just a few meshparts in a rbx file
1 Like
Kind of, see it CAN be done without a script, though canāt do to much damage. Some models contain a body colors thing that is a virus. Installing plugins can have harmful impacts, and correct me if Iām wrong. but I think sound files can be a virus.
Edit: Idk if this counts as a script, but their are invisible backdoor scripts that can only be removed from viewing the game in an XML file, this happened to a group Iām inās game.
1 Like
If you insert a Part from the Insert Part button on Studio, there is no virus in it.
1 Like
Sound files themselves cannot be viruses, but a script could be inside of them which is a virus
1 Like
Even if a backdoor were to get into a hidden service, they would not be able to run as they need to be a descendant of Workspace, PlayerGui, ReplicatedFirst (for LocalScripts) or Backpack in order to function. There is no golden rule of spotting backdoors, as the name can also literally imply that they are an intended vulnerability, however with garden variety backdoors such as from the asset catalog front page, you could try:
- Typing in āScriptā into the explorer filter bar and check if there is some blatantly obvious places where there should not be a script (for example in some random part/lighting/ParticleEmitter);
- Using Ctrl + Shift + F and search for common keywords across every script such as: ārequireā, āgetfenvā, āsetfenvā.
Obviously cases where these techniques apply to real, safe scripts are possible of happening. Itās up to common sense at that point.
2 Likes
Technically this isnāt correct. A script does not only have to be in what you listed to run. Scripts can continue to run if :Destroy() is used on them, or they are parented to Nil (which is what :Destroy() does, along with a few other stuff).
If you did not realize, I am trying to say that scripts are not able to be initialized if they are parented outside of those locations. If you know how a script may parent itself or a counterpart to nil before the game starts, please let me know as that is quite interesting. I hope you are claiming that an already ran script can change the ancestry of its/another script variable in runtime, even tho that does not comply with the static nature that the studio explorer works with.