generic image
Processing...
  • Games
  • Catalog
  • Develop
  • Robux
  • Search in Players
  • Search in Games
  • Search in Catalog
  • Search in Groups
  • Search in Library
  • Log In
  • Sign Up
  • Games
  • Catalog
  • Develop
  • Robux
   
ROBLOX Forum » Game Creation and Development » Scripters
Home Search
 

Someone is using a script reader to exploit my game to death

Previous Thread :: Next Thread 
DylanBuildar is not online. DylanBuildar
Joined: 14 Jun 2008
Total Posts: 20782
08 Jul 2017 08:52 PM
I have FE, and I have secured my events, but unfortunately it seems it doesn't matter because someone is using something to check keys inside my security scripts which I'm using to try and prevent exploitation of remoteevents/functions.

I don't know what to do anymore, since my game is 30-40 players, servers come down quickly..


Help :(


Report Abuse
DylanBuildar is not online. DylanBuildar
Joined: 14 Jun 2008
Total Posts: 20782
08 Jul 2017 08:56 PM
How do top developers on the front page prevent this? I must be missing something.


Report Abuse
Wrathsong is online. Wrathsong
Joined: 05 Jul 2012
Total Posts: 22393
08 Jul 2017 08:57 PM
"to check keys inside my security scripts which I'm using to try and prevent exploitation of remoteevents/functions."

well they can see all the arguments you pass right


Report Abuse
Inductive is not online. Inductive
Joined: 28 May 2012
Total Posts: 6480
08 Jul 2017 08:57 PM
How broad are your remote events? Are they something like NewObject(player, object) that inserts whatever is sent to it, or are they specific?
Report Abuse
Mr_Crunch is not online. Mr_Crunch
Joined: 16 Jul 2016
Total Posts: 275
08 Jul 2017 09:00 PM
Clients can't access the server regardless, so its most likely the Event being fired. All the exploits out currently have no serversided permissions or execution. Only way to get past that is exploiting your RemoteEvents.
Report Abuse
Inductive is not online. Inductive
Joined: 28 May 2012
Total Posts: 6480
08 Jul 2017 09:07 PM
Alright, so I visited your game, and it seems like you have a RemoteEvent which allows players to alter money directly or allows them to insert something to alter money. If I'm right, you definitely want your Remote Events to be less broad/powerful/whatever.
Report Abuse
DylanBuildar is not online. DylanBuildar
Joined: 14 Jun 2008
Total Posts: 20782
08 Jul 2017 09:20 PM
Suggestion as far as that goes? Not sure what you mean by making them less powerful.


Report Abuse
JiggIypuffs is online. JiggIypuffs
Joined: 04 Feb 2011
Total Posts: 4346
08 Jul 2017 09:22 PM
store stuff in places where the client cant access them

make america great again
Report Abuse
Inductive is not online. Inductive
Joined: 28 May 2012
Total Posts: 6480
08 Jul 2017 09:25 PM
Make it so that the arguments passed from the user are specific. For example, let's say you're making a bullet. You could do this by making a Remote Event that puts a passed object on the server, or you could do this by passing arguments to the event and then having it create the bullet exclusively.

I think that you're doing the former, that is, you have a Remote Event which allows someone to insert whatever they please, so they can insert and object with a script as a child, or something along those lines, and subsequently destroy your game.

That being said, I don't have all of the details, so this is a rough guess.
Report Abuse
bafw is not online. bafw
Joined: 10 Nov 2012
Total Posts: 142
08 Jul 2017 09:32 PM
The best way I find is like, doing this
game.Blahblahblah.RemotEevent.OnServerEvent:connect(function(key, otherstuff)
if key == "GHERSGDKGOWEROGRSKHPESRHLBSFBNAKWERHGOSKSKTMNOSGJKKGTERKKGSROEWRAKGSDKF" Then
--blah blah blah
end
end)


#print("Hello world!")
Report Abuse
SinisterMemories is not online. SinisterMemories
Joined: 21 Mar 2013
Total Posts: 4892
08 Jul 2017 09:35 PM
store them in serverstorage so client can't read or access them


#code print("oh no an errorz!")
Report Abuse
Wrathsong is online. Wrathsong
Joined: 05 Jul 2012
Total Posts: 22393
08 Jul 2017 09:39 PM
@inductive and bafq
they can see all passed arguments


Report Abuse
bafw is not online. bafw
Joined: 10 Nov 2012
Total Posts: 142
08 Jul 2017 09:41 PM

But if you make it longer, it just gets boaring copying every exact letter and number...
And plus if they print the remote event to the client log, you cant read the full thing because it goes off the console.


#print("Hello world!")
Report Abuse
DylanBuildar is not online. DylanBuildar
Joined: 14 Jun 2008
Total Posts: 20782
08 Jul 2017 09:44 PM
That's what I'm doing @ baf- it's not working, btw.


Report Abuse
bafw is not online. bafw
Joined: 10 Nov 2012
Total Posts: 142
08 Jul 2017 09:45 PM
Odd, I guess they might have a decompiler for scripts or something and they can copy it. so basiclly if you have any local scripts they can see em as well as module scripts.


#print("Hello world!")
Report Abuse
Lord_Narwhal is not online. Lord_Narwhal
Joined: 05 May 2012
Total Posts: 3242
08 Jul 2017 09:51 PM
you must be giving the client too much power somewhere without server sided checks


Report Abuse
DylanBuildar is not online. DylanBuildar
Joined: 14 Jun 2008
Total Posts: 20782
08 Jul 2017 11:25 PM
I think I was. I think I fixed it. Haven't seen server shutdowns the past few hours, that or they got bored.


Report Abuse
Inductive is not online. Inductive
Joined: 28 May 2012
Total Posts: 6480
09 Jul 2017 12:48 AM
Wrath, I wasn't saying anything about the key. I was saying that he needs to alter his Remote Events so that even if they are activated when they shouldn't be, they can't do anything game-destroying.
Report Abuse
RedstoneMic is not online. RedstoneMic
Joined: 13 Feb 2016
Total Posts: 25
09 Jul 2017 01:34 AM
Try to have the argument never passed, Like you can call the server with the key but the server will never send the key to you.
Report Abuse
DragonGameYT is not online. DragonGameYT
Joined: 13 Jun 2016
Total Posts: 41
09 Jul 2017 02:05 AM
First there is two level of exploiting.

Normal exploiting Where it it just basic exploiting it is like simple and other that is the most easy to Blocked

Level 7 exploiting
It is a script reader which it is a Premium thing
so it is harder to stop beacuse they are buit to run
pass stops and stuff like that and some one them
read scripts so they can read it and make the game
think o you have that all ready well ok lol

Concussion
You have a level 7 exploiting your game
Ways to stop these
Cheap
Keep coding Until you find a way to stop they exploiting
Not so cheap
Hire a developer to stop the exploring





DragonGameYT Good Luck And Have fun
Report Abuse
Auddacity is online. Auddacity
Joined: 31 May 2009
Total Posts: 428
09 Jul 2017 02:38 AM
if player = hacker then;
player:remove[];


Report Abuse
Apostasla is not online. Apostasla
Joined: 24 Oct 2015
Total Posts: 55
09 Jul 2017 02:46 AM
for i,v in pairs (game.Players:GetChildren()) do
if v.Name == "DylanBuildar" then
v:Kick("ur fat")
end
end

hi dylan

Apostasla, Apostasia#9801
Report Abuse
InfectCode is not online. InfectCode
Joined: 08 Dec 2013
Total Posts: 690
09 Jul 2017 02:49 AM
Try using Scripts as much as you can.


https://www.roblox.com/library/280697715/Weird-Duck
Report Abuse
Inductive is not online. Inductive
Joined: 28 May 2012
Total Posts: 6480
09 Jul 2017 03:05 AM
I'm pretty sure OP is using RemoteEvents where he really shouldn't, in places where no server-client interaction is involved, but just server interaction, which means that the exploiter can just mess with them.

For example, the exploiter placed landmines at everyone's position. That raises the question of why, exactly, there's a RemoteEvent for placing landmines when it requires no player interaction to do so.
Report Abuse
Apostasla is not online. Apostasla
Joined: 24 Oct 2015
Total Posts: 55
09 Jul 2017 03:57 AM
You just gotta go out there and do it Dylan, send me a message over discord or send me a message via roblox and ill tell you how ok

Apostasla, Apostasia#9801
Report Abuse
Previous Thread :: Next Thread 
Page 1 of 2Go to page: [1], 2 Next
 
 
ROBLOX Forum » Game Creation and Development » Scripters
   
 
   
  • About Us
  • Jobs
  • Blog
  • Parents
  • Help
  • Terms
  • Privacy

©2017 Roblox Corporation. Roblox, the Roblox logo, Robux, Bloxy, and Powering Imagination are among our registered and unregistered trademarks in the U.S. and other countries.



Progress
Starting Roblox...
Connecting to Players...
R R

Roblox is now loading. Get ready to play!

R R

You're moments away from getting into the game!

Click here for help

Check Remember my choice and click Launch Application in the dialog box above to join games faster in the future!

Gameplay sponsored by:
Loading 0% - Starting game...
Get more with Builders Club! Join Builders Club
Choose Your Avatar
I have an account
generic image