FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:12 PM |
When making a remote event without a psscode you are endangering your entire game. This is why exploiters can manipulate the server that is filtering enabled. Exploiters use remote events that YOU created to manipulate the server.
NOTE : Filtering Enabled doesn't affect exploiters firing a remote event
The only way to avoid exploiters from abusing your remote event is to create a pscode, Like this:
game.Workspace.GetMoney.OnServerEvent:connect(function(player, psscode, money) if psscode == "asdfgh" then player.leaderstats.Money.Value = player.leaderstats.Money.Value+money else player:Kick("stop exploiting :D") end end) |
|
|
| Report Abuse |
|
|
chimmihc
|
  |
| Joined: 01 Sep 2014 |
| Total Posts: 17143 |
|
| |
|
gryphunk2
|
  |
| Joined: 04 Mar 2013 |
| Total Posts: 10872 |
|
|
| 06 Oct 2017 11:20 PM |
no the script won't exist on the server and the server wont even receive the message
|
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:22 PM |
| Are you guys nuts, exploiters can inject lua or lua c code in a game server using their little programs |
|
|
| Report Abuse |
|
|
gryphunk2
|
  |
| Joined: 04 Mar 2013 |
| Total Posts: 10872 |
|
|
| 06 Oct 2017 11:24 PM |
no they can't youd literally have to hack into roblox's servers to inject scripts on the server side not even rc7 can do that
|
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:28 PM |
dude LOCAL bro LOCAL
Do you even know how Remote Events work?
Remote Events are used to connect a Server Side Script and a Local Script together
Local Script: game.ReplicatedStorage.Event:FireServer()
Server Sided Script: game.ReplicatedStorage.Event.OnServerEvent |
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:30 PM |
When players inject code in to the game and is Filtering Enabled The server will treat it as a Local not Server Sided That means the code has the power to fire a server event |
|
|
| Report Abuse |
|
|
| |
|
|
| 06 Oct 2017 11:32 PM |
| Exploiters can see any arguments you pass to a RemoteEvent when you fire it. This is useless. |
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:34 PM |
BRUH UR USING AN IF STATEMENT THE SERVER WONT RETURN THE VALUE YOU NEED TO TYPE BUT THEY WILL JUST RETURN THE CLASS |
|
|
| Report Abuse |
|
|
|
| 06 Oct 2017 11:35 PM |
you are wrong and this is a stupid thread you are not funny you are not trolling
you are wasting your time |
|
|
| Report Abuse |
|
|
|
| 06 Oct 2017 11:35 PM |
you can always just make a randomized string that is 128 characters long and if its been used before don't use it again in this server, will prevent them hardcoding it in easily
attempt to index global 'soul' (a nil value) |
|
|
| Report Abuse |
|
|
Beartikal
|
  |
| Joined: 16 Jan 2012 |
| Total Posts: 275 |
|
|
| 06 Oct 2017 11:35 PM |
Yes, what 33123 said. Exploiters can read ANY code in a localscript. Including any "secret" codes. If you make any game and want it to be REALLY secure, just hold ALL STATS on the SERVER.
|
|
|
| Report Abuse |
|
|
WoolHat
|
  |
| Joined: 19 May 2013 |
| Total Posts: 1873 |
|
|
| 06 Oct 2017 11:36 PM |
| *exploiter reading local scripts* "oh, looks like I need to add a ############# string as the third argument for this remote event. there we go" what exactly does this ######## do besides add a 20 second annoyance? |
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:38 PM |
Lol bro
Put the OnServerEvent on a Server Sided Script NOT local |
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:39 PM |
| Btw Exploiters can't read Server Sided Script only Local Script |
|
|
| Report Abuse |
|
|
Laedere
|
  |
| Joined: 17 Jun 2013 |
| Total Posts: 23601 |
|
|
| 06 Oct 2017 11:39 PM |
So what happens when the exploiter looks at the arguments sent in the localscript? This doesn't work.
|
|
|
| Report Abuse |
|
|
|
| 06 Oct 2017 11:40 PM |
| That "randomized" string will be determined by a function that can would be stored in a localscript, which can be viewed from the client. |
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:41 PM |
I MEAN NO THE EXPLOITER CAN'T READ BOTH LOCAL AND SERVER SIDED BECAUSE
WHEN I TRIED EXPLOTING IN A explorer script. I SAW THE LOCAL SCRIPT BUT I CANT READ THE CODE |
|
|
| Report Abuse |
|
|
|
| 06 Oct 2017 11:42 PM |
He means opposed to
game.ReplicatedStorage['ThisRemoteEventHandlesMoneyIncrease']:FireServer(50000000)
doing
game.ReplicatedStorage['ThisRemoteEventHandlesMoneyIncrease']:FireServer('security',500)
it would prevent some exploiters but not if they have a script to view the arguments fired. |
|
|
| Report Abuse |
|
|
Laedere
|
  |
| Joined: 17 Jun 2013 |
| Total Posts: 23601 |
|
|
| 06 Oct 2017 11:42 PM |
"THE EXPLOITER CAN'T READ BOTH LOCAL AND SERVER SIDED"
actually they can read localscripts and modulescripts
|
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:43 PM |
| Did you read the last one? :D I tried exploiting with an explorer script but I can't read the damn code |
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:44 PM |
Only Server Sided Script can view the Source property of a local script A Local Script can't do anything with another local script |
|
|
| Report Abuse |
|
|
Laedere
|
  |
| Joined: 17 Jun 2013 |
| Total Posts: 23601 |
|
|
| 06 Oct 2017 11:49 PM |
publish this to a place with a random code and i'll prove to you that it doesnt work
|
|
|
| Report Abuse |
|
|
FleetyPix
|
  |
| Joined: 14 Jan 2017 |
| Total Posts: 45 |
|
|
| 06 Oct 2017 11:52 PM |
btw to shut u up read this scriptinghelpers (.) org/questions/10293/how-do-i-view-a-scripts-source-code |
|
|
| Report Abuse |
|
|