|
| 18 Jul 2016 09:29 PM |
I'm making my own build to survive game; in an attempt to make one better than the free models, because none of those are fun anymore, I decided to use filtering enabled, and make everything myslef. I'm sacrificing the ease of making for the quality it will provide. However, I ask for advice - how can I securely make sure the player isn't cheating. How can I make sure they cant place off they're plot, load there own models, etc.
Also, how can I make a debounce secure (although that might seem less important, I don't need them to throttle my events)
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 18 Jul 2016 09:34 PM |
If you have FE on, and you're performing all checks on the server, and not trusting the client with anything, then you're fine.
|
|
|
| Report Abuse |
|
|
|
| 18 Jul 2016 09:39 PM |
My concerns are, though:
-How am I even supposed to do a debounce on the server, because at that point the event has already been fired. -I'm not sure exactly what order to do things in, like
-create brick on client -position on client with checks client sided -when clicked fire server if debounce on the client is okay -no debounce on server because it's only 0.5 anyways and it wouldn't be asynchronous -if the server says the block is bae and needs to be placed then place it
or??
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 18 Jul 2016 09:41 PM |
Use a RemoteFunction instead of a RemoteEvent. The local script will wait for the return
|
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 18 Jul 2016 09:44 PM |
asynchronous also means not synchronous
|
|
|
| Report Abuse |
|
|
|
| 18 Jul 2016 09:46 PM |
@soybeen
just now realizing that...
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
|
| 19 Jul 2016 02:20 AM |
soy, some exploiters can get into the games directories and use RemoteEvents against us letting the client through to the server. I strongly suggest using FE and a good anti exploit model, like RDS or something. |
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 21 Jul 2016 05:25 PM |
Not if you are properly using RemoteEvents/RemoteFunctions.
They could fire the server all day but it won't matter because the server has the final say. Pass all the bogus information you'd like, as long as the server is checking the validity of it, you're fine.
|
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 05:27 PM |
What you don't get is server sided debounces only get you so far with the delays of firing events accounted for and whatnot - so for the most part people do it on the client because it is inaccurate if handled by the server with small, say (< 0.7), debounces. So therefore, I could spam an input event and you would have no say, for the server cannot handle input and could not validate it.
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 21 Jul 2016 05:31 PM |
"delays of firing events" that's just as fast as ping
"people do it on the client because it is inaccurate if handled by the server with small, say (< 0.7), debounces. " "I could spam an input event and you would have no say,"
If you're telling me that they're spam-firing the server, then all you need to do is throttle the rate of input with :kick(), assuming ROBLOX isn't already built with this precaution.
"you would have no say, for the server cannot handle input and could not validate it." if it can't validate it then nothing happens
abc 123 ez
|
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 05:32 PM |
this is probably a stupid stupid idea but
debounce client side
fire to server with val of debounce
they can only fire to server legitimately against the debounce timeframe if they are not firing the remote event themselves
so pass the debounce val as an argument and if it's, let's say, true, kick the player?
Add 13,000 posts |
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 05:33 PM |
oh wait they can just pass a faulty val
Add 13,000 posts |
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 05:34 PM |
Okay, a developer could add that feature. But that's 1 game. Not all games do that, or ever will. Many wont.
On top of that, I could still spoof input like every 10 seconds. Also if they can't validate it, nothing will happen? Have fun taking user input, lmao.
One way or another. I could cheat in your game, and you can do nothing about it :)
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 21 Jul 2016 05:40 PM |
I welcome you to try, but you can't.
> "But that's 1 game. Not all games do that, or ever will. Many wont." You are foolishly assuming that there are no built in precautions to prevent clients from lagging ROBLOX's servers by spamming them with input. I can almost guarantee that this is one of the first things they looked into when making the game.
Also, you'll likely lag yourself out by spamming input WAY before you have an affect on ROBLOX servers.
>"could still spoof input like every 10 seconds." wow that is so taxing on the server, slow down you might damage something lmao
>"Also if they can't validate it, nothing will happen?" correct, if the client sends fake information, ignore it
|
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 06:08 PM |
They throttle after a while, yes, but that's it. Your foolishly assuming I haven't.
Your a mere fool, and your not worth my time. I won't bother to examine the rest of your argument ;)
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 06:11 PM |
You know, I'll go ahead and take your bait.
1. Every 10 seconds is taxing, I'm spoofing input not to crash (in the case that they DO implement kick) but to cheat in other ways.
2. HOW CAN YOU TELL IF I REALLY PRESSED THE KEY IF I'M FAKING IT HOW ARE YOU GOING TO TELL ME IF I HOOKED MY DRIVERS OR SOME CRAP OR AM USING SEND KEYS HOW DUMB ARE YOU? IS YOUR IQ 0?
3. YOU KNOW NOTHING OF EXPLOITING. STOP ARGUING WITH SOMEONE WHO HAS DONE IT, READ IT, LIVED IT. I HAVE CREATED MANY HACKS FOR FPS GAMES AND A FEW EXPLOITS FOR ROBLOX. JUST STOP. IT'S EASY TO DO AND ANY STUPID KID CAN DO IT, INCLUDING ME. YOU CANNOT STOP ALL EXPLOITING. THERE WILL ALWAYS BE A WAY.
And no, I'm not mad. Just maybe you need glasses.
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 21 Jul 2016 06:12 PM |
Did you recently have your brain replaced with a small angsty teenager in a hamster wheel?
Because that's the vibe I'm getting.
|
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 21 Jul 2016 06:15 PM |
Literally none of what you said above has any merit and/or meaning. Everything you just said is refuted by my above posts where I clearly explain to you why you are totally and completely wrong.
You think you know, but you do not, and you are aggressive when you're confronted about potentially being wrong.
^ That defines the worst trait a person can have, and I wish anyone upholding that mindset a swift demise.
|
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 06:17 PM |
Okay. Show me how you detect me hooking my drivers. Also, show me how you detect me using SendKeys.
Please. Please do.
I will pay $500000000 to anyone who can figure out a way with 100% accuracy.
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 21 Jul 2016 06:18 PM |
https://www.youtube.com/watch?v=STxWIuFnBDI
|
|
|
| Report Abuse |
|
|
Soybeen
|
  |
| Joined: 17 Feb 2010 |
| Total Posts: 21462 |
|
|
| 21 Jul 2016 06:21 PM |
do you think that you're gonna lag/hack a roblox game by using WINDOWS SENDKEYS? LMAO Are you dense?! XDD
|
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 06:22 PM |
Were talking about for ROBLOX here, if I was playing your game. Do it in Lua.
Let's raise the stakes, If you can do it, you get the money. If you cant, you leave this subforum forever.
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 06:23 PM |
And oh my god are you dense? You are. Because I'm NOT SAYING LAG THE SERVER. WHILE THAT IS ONE THING THAT COULD BE DONE BY THROTTLING THE EVENT, I'M SAYING SPOOFING INPUT RIGHT NOW. AS IN FAKING THAT I'M WALKING, FAKING THAT I'M JUMPING, FAKING THAT I'M AIMING MY MOUSE. THINGS THAT WOULD HELP MY CHARACTER NAVIGATE.
#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.") |
|
|
| Report Abuse |
|
|
|
| 21 Jul 2016 06:26 PM |
@Soy when using a local script (RemoteFunction) to fire the server... How can I get rid of the delay that I have between click to firing the RemoteFunction to the server creating the object... (big delay)
Example: https://www.roblox.com/games/406035191/Zombie-Storm-Reborn-Alpha |
|
|
| Report Abuse |
|
|
DevVince
|
  |
| Joined: 08 Nov 2008 |
| Total Posts: 9245 |
|
|
| 21 Jul 2016 06:27 PM |
Soybeen just ignore this guy, look at his join date he's an 8 year old. Plus a few days ago he said FE was bad and super hackable and made it easier to exploit the game. XD
Aka OP is a total idiot.
|
|
|
| Report Abuse |
|
|