I keep finding a script under my camera called Antilag and it requires another script called LPT7, I don’t know where it comes from but here is the link:
You probably have installed backdoor plugin.
3 Likes
Oh okay is there a way to find out which plugin inserted it?
Disable all plugins and remove the script and slowly enable them one by one till you notice the script has returned, the one that you last enabled is probably the malicious one you should uninstall.
Either that or it’s from a free model
I’ve replaced the code inside with a comment, so it shouldn’t replace the script
Obvisouly a backdoor and seems to be a plugin causing this. Mind showing me your plugins?
Update: The script gives access to a player whitelisted and they will get this gui, source is obfuscated with IronBrew.
That is what I found. Also found their Discord and it is fully active. I took a look at your plugins and you have a ton of real and malicious plugins. But mind showing me what plugins are active?
1 Like
That’s not what @EmbatTheHybrid meant.
What he meant you to do is disable each and every one of your plugins. Destroy the whole script (instance, not the code!) and enable a plugin. Run your game and see if it showed up again. If not? Enable another plugin. (You’ll have 2 enabled now) Check again if the script showed up again. If it did you know the last plugin you enabled is the one causing this and is the one you should uninstall.
You need to keep enabling plugins 1-by-1 and checking if it showed up until you found the source. If it’s not caused by the plugins, it is a free model.
If it is that last, you should search in all scripts for the following;
getfenvreverseloadstringrequire
To search through every script in the game do CTRL + SHIFT + F.
If one of those matches the ID (4821417050) then you know that’s the script inserting your “LPT7 - Roblox” script.
The 1-by-1 method is not really great as you can see the plugin’s sources with just 1 line of code.
It for sure is the most secure way (that I’m aware of)
Sources as in source code?
If so,
since when is this a thing? I’ve never heard of this.
Run this on your command bar to get the source.
You can check for script droppers, getfenv and all that stuff in the plugin source as well.
It is 100% secure as ROBLOX LUA scripts can not interact with your real computer. For example: a script or plugin can not get you a trojan to your system.
for _, object in pairs(game:GetObjects("rbxassetid://IDOFPLUGIN")) do
object.Parent = workspace
endDamn, you’re right. Never knew that this existed haha
It has existed for quite long actually. I am a reverse engineer & scripter so yeah. Anyways incase you want to talk, head to my DevForum PM’s.