Is there any example scripts of this? I’m horrible at remotes.
Edit: I figured it out, feeling very smart.
Wanted to let you all know that deleting things in the character is going to be patched soon. They recently added a new property in workspace called RejectCharacterDeletions. Its not active yet though.
@TheShowCaseMaker sorry for ping, but from your post:
“Hackers can view and edit local scripts in a client service (such as StarterPlayer)”
I thought that client side could only see ModuleScripts and LocalScripts, with the exception that hackers can edit and run module scripts (but the server won’t see the values changed in the module script). Perhaps we need some more details for the post (btw, nice job with all the explanations and useful info)?
Technically that’s still correct, they can read the compiled bytecode of LocalScripts and ModuleScripts as well as decompile it. In terms of runtime exploits and changing things, the more specific thing they’re doing is modifying memory and making your variables point to different values.
An exploiter doesn’t directly edit a script but they can run a tampered copy if they render the original copy ineffective or just change certain things in the environment.
is it possible to prevent “instance.new” on the StarterGui? Like deleting them when its added
Because hackers can use exploiting guis like that…
no, also exploiters use CoreGui
which is a protected service
Yes, it’s possible to prevent/detect a new gui instance being inserted into the startergui, it’s very useless to do this though as mostly exploiters use CoreGui which can be accessed using hacky methods which are very private.
This should work.
while true do
game:GetService("RunService").Stepped:Wait(1)
game.StarterGui.DescendantAdded:Connect(function(T)
if T:IsA("ScreenGui") then
warn("new gui added") -- Detect
T:Destroy() -- Destroy
end
task.wait(1)
end)
end
That will warn when a new screengui is inserted inside startergui or destroy it, if you have other guis which the game adds which I’m assuming you do you need to make a whitelist table of those gui names to make sure that it doesn’t false positive those. Hope that helps!
Wrong, it’s very possible to detect both instances for both services just coregui requires hacky methods.
that is already patched by roblox and syn.protect_gui()
there are no longer methods to detect coregui.
Wrong, there is still methods of detecting coregui just very hacky methods I won’t be elaborating on them.
That’s for coregui not startergui, nobody with the right brains who makes a exploit gui will put it in startergui.
the method you posted publicly was a very outdated method to detect coregui guis.
and running that coregui remover script no longer works.
Once again the script I posted was for StarterGui not CoreGui please learn how to read, if you read what the person said they were asking for a way of detecting when a new screenGui instance is inserted inside of StarterGui.
bro i havent logged in to this threat for like 5 months what happened
Sorry to bump, but if I had a modulescript that returned some sort of false value at the end would an exploiter be able to get the original module? Kinda like this:
local module = {}
module.coolThingy = 12
return game:GetService("RunService"):IsClient() and {"haha no hax 4 u"} or module
--would an exploiter be able to read the source of the module and find the value of coolThingy?
They can, you won’t be able to deter them like that.
@mhmdsndb3 the post you’re replying to is three months old and has 75 existing answers which cover everything you’ve mentioned.
they can change stuff in their character + the stuff they have network ownership to(including npcs like bosses so you have to change their network owner)
dont forget about the nsfw stuff they can run on their characters with their hats (you can find it on youtube by searching for roblox fe scripts)
why its on the top of the lastest posts bruh
Because someone had a new question related to the topic and decided to ask it here. Creating a new post on a thread bumps the topic and moves it to the top of the forum, even if the topic still isn’t all that relevant. There’s nothing particularly wrong with that, it just means that years-old stuff shows up in the same place as new stuff from time to time.
as someone who worked with this before, My worst mistake is trusting client
I remember when I thought the most secure way is sending an encrypted messages but then the hacker can actually just gib what was being sent by hooking the metatable to it
my entire system is completely vulnerable and I abandon it entirely