generic image
Processing...
  • Games
  • Catalog
  • Develop
  • Robux
  • Search in Players
  • Search in Games
  • Search in Catalog
  • Search in Groups
  • Search in Library
  • Log In
  • Sign Up
  • Games
  • Catalog
  • Develop
  • Robux
   
ROBLOX Forum » Game Creation and Development » Scripters
Home Search
 

Re: Secure building tool?

Previous Thread :: Next Thread 
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
18 Jul 2016 09:29 PM
I'm making my own build to survive game; in an attempt to make one better than the free models, because none of those are fun anymore, I decided to use filtering enabled, and make everything myslef. I'm sacrificing the ease of making for the quality it will provide. However, I ask for advice - how can I securely make sure the player isn't cheating. How can I make sure they cant place off they're plot, load there own models, etc.

Also, how can I make a debounce secure (although that might seem less important, I don't need them to throttle my events)


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
18 Jul 2016 09:34 PM
If you have FE on, and you're performing all checks on the server, and not trusting the client with anything, then you're fine.


Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
18 Jul 2016 09:39 PM
My concerns are, though:

-How am I even supposed to do a debounce on the server, because at that point the event has already been fired.
-I'm not sure exactly what order to do things in, like

-create brick on client
-position on client with checks client sided
-when clicked fire server if debounce on the client is okay
-no debounce on server because it's only 0.5 anyways and it wouldn't be asynchronous
-if the server says the block is bae and needs to be placed then place it

or??


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
18 Jul 2016 09:41 PM
Use a RemoteFunction instead of a RemoteEvent. The local script will wait for the return



Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
18 Jul 2016 09:44 PM
asynchronous also means not synchronous


Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
18 Jul 2016 09:46 PM
@soybeen

just now realizing that...


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
kyleconner11 is not online. kyleconner11
Joined: 18 Oct 2009
Total Posts: 37
19 Jul 2016 02:20 AM
soy,
some exploiters can get into the games directories and use RemoteEvents against us letting the client through to the server. I strongly suggest using FE and a good anti exploit model, like RDS or something.
Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
21 Jul 2016 05:25 PM
Not if you are properly using RemoteEvents/RemoteFunctions.

They could fire the server all day but it won't matter because the server has the final say. Pass all the bogus information you'd like, as long as the server is checking the validity of it, you're fine.


Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
21 Jul 2016 05:27 PM
What you don't get is server sided debounces only get you so far with the delays of firing events accounted for and whatnot - so for the most part people do it on the client because it is inaccurate if handled by the server with small, say (< 0.7), debounces. So therefore, I could spam an input event and you would have no say, for the server cannot handle input and could not validate it.


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
21 Jul 2016 05:31 PM
"delays of firing events"
that's just as fast as ping

"people do it on the client because it is inaccurate if handled by the server with small, say (< 0.7), debounces. "
"I could spam an input event and you would have no say,"

If you're telling me that they're spam-firing the server, then all you need to do is throttle the rate of input with :kick(), assuming ROBLOX isn't already built with this precaution.

"you would have no say, for the server cannot handle input and could not validate it."
if it can't validate it then nothing happens

abc 123 ez


Report Abuse
Lord_Narwhal is not online. Lord_Narwhal
Joined: 05 May 2012
Total Posts: 3242
21 Jul 2016 05:32 PM
this is probably a stupid stupid idea but

debounce client side

fire to server with val of debounce

they can only fire to server legitimately against the debounce timeframe if they are not firing the remote event themselves

so pass the debounce val as an argument and if it's, let's say, true, kick the player?


Add 13,000 posts
Report Abuse
Lord_Narwhal is not online. Lord_Narwhal
Joined: 05 May 2012
Total Posts: 3242
21 Jul 2016 05:33 PM
oh wait they can just pass a faulty val


Add 13,000 posts
Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
21 Jul 2016 05:34 PM
Okay, a developer could add that feature. But that's 1 game. Not all games do that, or ever will. Many wont.

On top of that, I could still spoof input like every 10 seconds. Also if they can't validate it, nothing will happen? Have fun taking user input, lmao.

One way or another. I could cheat in your game, and you can do nothing about it :)


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
21 Jul 2016 05:40 PM
I welcome you to try, but you can't.

> "But that's 1 game. Not all games do that, or ever will. Many wont."
You are foolishly assuming that there are no built in precautions to prevent clients from lagging ROBLOX's servers by spamming them with input. I can almost guarantee that this is one of the first things they looked into when making the game.

Also, you'll likely lag yourself out by spamming input WAY before you have an affect on ROBLOX servers.

>"could still spoof input like every 10 seconds."
wow that is so taxing on the server, slow down you might damage something lmao

>"Also if they can't validate it, nothing will happen?"
correct, if the client sends fake information, ignore it





Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
21 Jul 2016 06:08 PM
They throttle after a while, yes, but that's it. Your foolishly assuming I haven't.

Your a mere fool, and your not worth my time. I won't bother to examine the rest of your argument ;)


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
21 Jul 2016 06:11 PM
You know, I'll go ahead and take your bait.

1. Every 10 seconds is taxing, I'm spoofing input not to crash (in the case that they DO implement kick) but to cheat in other ways.

2. HOW CAN YOU TELL IF I REALLY PRESSED THE KEY IF I'M FAKING IT
HOW ARE YOU GOING TO TELL ME IF I HOOKED MY DRIVERS OR SOME CRAP
OR AM USING SEND KEYS
HOW DUMB ARE YOU? IS YOUR IQ 0?

3. YOU KNOW NOTHING OF EXPLOITING. STOP ARGUING WITH SOMEONE WHO HAS DONE IT, READ IT, LIVED IT. I HAVE CREATED MANY HACKS FOR FPS GAMES AND A FEW EXPLOITS FOR ROBLOX. JUST STOP. IT'S EASY TO DO AND ANY STUPID KID CAN DO IT, INCLUDING ME. YOU CANNOT STOP ALL EXPLOITING. THERE WILL ALWAYS BE A WAY.

And no, I'm not mad. Just maybe you need glasses.


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
21 Jul 2016 06:12 PM
Did you recently have your brain replaced with a small angsty teenager in a hamster wheel?

Because that's the vibe I'm getting.



Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
21 Jul 2016 06:15 PM
Literally none of what you said above has any merit and/or meaning.
Everything you just said is refuted by my above posts where I clearly explain to you why you are totally and completely wrong.

You think you know, but you do not, and you are aggressive when you're confronted about potentially being wrong.

^ That defines the worst trait a person can have, and I wish anyone upholding that mindset a swift demise.


Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
21 Jul 2016 06:17 PM
Okay. Show me how you detect me hooking my drivers.
Also, show me how you detect me using SendKeys.

Please.
Please do.

I will pay $500000000 to anyone who can figure out a way with 100% accuracy.


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
21 Jul 2016 06:18 PM
https://www.youtube.com/watch?v=STxWIuFnBDI


Report Abuse
Soybeen is not online. Soybeen
Joined: 17 Feb 2010
Total Posts: 21462
21 Jul 2016 06:21 PM
do you think that you're gonna lag/hack a roblox game by using WINDOWS SENDKEYS?
LMAO
Are you dense?! XDD


Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
21 Jul 2016 06:22 PM
Were talking about for ROBLOX here, if I was playing your game. Do it in Lua.

Let's raise the stakes,
If you can do it, you get the money.
If you cant, you leave this subforum forever.


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
RemasteredBox is not online. RemasteredBox
Joined: 19 Jun 2016
Total Posts: 2140
21 Jul 2016 06:23 PM
And oh my god are you dense? You are. Because I'm NOT SAYING LAG THE SERVER. WHILE THAT IS ONE THING THAT COULD BE DONE BY THROTTLING THE EVENT, I'M SAYING SPOOFING INPUT RIGHT NOW. AS IN FAKING THAT I'M WALKING, FAKING THAT I'M JUMPING, FAKING THAT I'M AIMING MY MOUSE. THINGS THAT WOULD HELP MY CHARACTER NAVIGATE.


#code print("While I may look like a cataclysmic god of the eggs from the future, I am not.")
Report Abuse
Lua_Basics is not online. Lua_Basics
Joined: 04 Jun 2012
Total Posts: 9977
21 Jul 2016 06:26 PM
@Soy when using a local script (RemoteFunction) to fire the server... How can I get rid of the delay that I have between click to firing the RemoteFunction to the server creating the object... (big delay)

Example: https://www.roblox.com/games/406035191/Zombie-Storm-Reborn-Alpha
Report Abuse
DevVince is not online. DevVince
Joined: 08 Nov 2008
Total Posts: 9245
21 Jul 2016 06:27 PM
Soybeen just ignore this guy, look at his join date he's an 8 year old. Plus a few days ago he said FE was bad and super hackable and made it easier to exploit the game. XD

Aka OP is a total idiot.



Report Abuse
Previous Thread :: Next Thread 
Page 1 of 1
 
 
ROBLOX Forum » Game Creation and Development » Scripters
   
 
   
  • About Us
  • Jobs
  • Blog
  • Parents
  • Help
  • Terms
  • Privacy

©2017 Roblox Corporation. Roblox, the Roblox logo, Robux, Bloxy, and Powering Imagination are among our registered and unregistered trademarks in the U.S. and other countries.



Progress
Starting Roblox...
Connecting to Players...
R R

Roblox is now loading. Get ready to play!

R R

You're moments away from getting into the game!

Click here for help

Check Remember my choice and click Launch Application in the dialog box above to join games faster in the future!

Gameplay sponsored by:
Loading 0% - Starting game...
Get more with Builders Club! Join Builders Club
Choose Your Avatar
I have an account
generic image