generic image
Processing...
  • Games
  • Catalog
  • Develop
  • Robux
  • Search in Players
  • Search in Games
  • Search in Catalog
  • Search in Groups
  • Search in Library
  • Log In
  • Sign Up
  • Games
  • Catalog
  • Develop
  • Robux
   
ROBLOX Forum » Game Creation and Development » Scripters
Home Search
 

Re: Worst Case Scenario Exploiter

Previous Thread :: Next Thread 
mattscy is online. mattscy
Joined: 06 May 2011
Total Posts: 1079
09 Oct 2017 03:34 AM
What are the best exploiters able to influence in your game with FilteringEnabled? For example, are any exploiters able to read your scripts, or fire server to client remote events and functions? Are they able to see arguments passed between scripts and module scripts? How much damage can a skilled exploiter do?
Report Abuse
yin_yang is not online. yin_yang
Joined: 24 Feb 2016
Total Posts: 537
09 Oct 2017 03:37 AM
There have been cases where an exploiter was able to fetch every RF/RE's and their arguments. Heck, they even made their code open-sourced.

But you won't ever have to worry about a thing if you know what you're doing.
Report Abuse
GodShowsTheWay is not online. GodShowsTheWay
Joined: 27 Oct 2014
Total Posts: 7180
09 Oct 2017 03:42 AM
Not much they can do as long as you don't make your Remotes do anything powerful.


Report Abuse
LotsOfViolence is not online. LotsOfViolence
Joined: 29 Jun 2011
Total Posts: 8375
09 Oct 2017 03:49 AM
1. Yes they can view all arguments passed via remote events / functions. At one point they were even able to spoof returns (Not sure if they can still do this)

2. They can read all code of scripts on the client.

3. They can require module scripts.

So yeah, they have a lot of power.
Report Abuse
mattscy is online. mattscy
Joined: 06 May 2011
Total Posts: 1079
09 Oct 2017 03:52 AM
Hold up, they can read your code? Is there any way to stop this?


Report Abuse
LotsOfViolence is not online. LotsOfViolence
Joined: 29 Jun 2011
Total Posts: 8375
09 Oct 2017 03:54 AM
@mattscy

"Hold up, they can read your code? Is there any way to stop this?"

I don't think so. Unless you obfuscate your code, but even then that doesn't guarantee anything.

The general rule is that if you put anything on the client, automatically assume the client can read it / abuse it.
Report Abuse
mattscy is online. mattscy
Joined: 06 May 2011
Total Posts: 1079
09 Oct 2017 04:02 AM
Are they by any chance also able to get the exact tick() at the server's starting time? And are they able to read the values of local variables at different times within the local script?


Report Abuse
LotsOfViolence is not online. LotsOfViolence
Joined: 29 Jun 2011
Total Posts: 8375
09 Oct 2017 04:03 AM
" Are they by any chance also able to get the exact tick() at the server's starting time? And are they able to read the values of local variables at different times within the local script?"

"Are they by any chance also able to get the exact tick() at the server's starting time"

I don't think so, but I don't really know.

"read the values of local variables at different times within the local script?""

They can view script source of local scripts, but I don't really know what this means.

That's why when people say "oh just make the client generate a code to send as an argument to the server" It's useless and does not work.
Report Abuse
mattscy is online. mattscy
Joined: 06 May 2011
Total Posts: 1079
09 Oct 2017 04:06 AM
Ok thanks heaps, I'll keep this all in mind.


Report Abuse
mattscy is online. mattscy
Joined: 06 May 2011
Total Posts: 1079
09 Oct 2017 06:11 AM
Actually, does anyone know what "viewing the script source" exactly means, and if they are able to see the values of local variables at different times?
Report Abuse
GodShowsTheWay is not online. GodShowsTheWay
Joined: 27 Oct 2014
Total Posts: 7180
09 Oct 2017 08:56 AM
it means they are able to see the code inside the script


Report Abuse
RBX_Lua is online. RBX_Lua
Joined: 23 Nov 2010
Total Posts: 627
09 Oct 2017 09:27 AM
In my opionion the biggest threat is their ability to move their character. An exploiter can move their character at will including teleportation and you'll have to manually detect that.

They can also pass arguments and read/change all variables you store locally.
Report Abuse
JarodOfOrbiter is not online. JarodOfOrbiter
Joined: 17 Feb 2011
Total Posts: 20029
09 Oct 2017 09:30 AM
"Unless you obfuscate your code, but even then that doesn't guarantee anything."
Unless you're a master genius, obfuscation won't do anything anymore due to everything being stored in Roblox's bytecode now.


Report Abuse
LotsOfViolence is not online. LotsOfViolence
Joined: 29 Jun 2011
Total Posts: 8375
09 Oct 2017 10:44 AM
@Jarod

/pSYkMKXg

paste

I think that's the most successful obfuscator on ROBLOX tbh.
Report Abuse
Previous Thread :: Next Thread 
Page 1 of 1
 
 
ROBLOX Forum » Game Creation and Development » Scripters
   
 
   
  • About Us
  • Jobs
  • Blog
  • Parents
  • Help
  • Terms
  • Privacy

©2017 Roblox Corporation. Roblox, the Roblox logo, Robux, Bloxy, and Powering Imagination are among our registered and unregistered trademarks in the U.S. and other countries.



Progress
Starting Roblox...
Connecting to Players...
R R

Roblox is now loading. Get ready to play!

R R

You're moments away from getting into the game!

Click here for help

Check Remember my choice and click Launch Application in the dialog box above to join games faster in the future!

Gameplay sponsored by:
Loading 0% - Starting game...
Get more with Builders Club! Join Builders Club
Choose Your Avatar
I have an account
generic image