|
| 14 Sep 2011 08:56 PM |
I never actually have tried my hand at exploiting, so I really know nothing of how the know roblox exploits work
Hax0rs: Can they keep scripts from running, or do they just patch them? If they patch them, can they just overwrite the running thread? If say I run a script and make its parent nil, can they still access them? Can they change server side scripts?
What else can they do that I have left out (in general)? @popinman What can you do with your program (I wont use the name so that way no one starts using it because of this thread)?
Sorry for all the questions, but I got bored and wanted to try my hand at making a working anti exploit script. I already know how to ban them even after their player is removed, but if they can even do half of what I asked above, it will be a pain to make something work effectively. |
|
|
| Report Abuse |
|
|
mew9O3
|
  |
| Joined: 10 Jun 2011 |
| Total Posts: 179 |
|
|
| 14 Sep 2011 08:57 PM |
no
I'll quit foruming forever at 3:50 AM tomorrow morning, KK? --Did math :) |
|
|
| Report Abuse |
|
|
| |
|
mew9O3
|
  |
| Joined: 10 Jun 2011 |
| Total Posts: 179 |
|
|
| 14 Sep 2011 09:07 PM |
| idk, i just like saying no, much shorter than yes :3 |
|
|
| Report Abuse |
|
|
swmaniac
|
  |
| Joined: 28 Jun 2008 |
| Total Posts: 15773 |
|
|
| 14 Sep 2011 09:07 PM |
The way I understand it, exploiters can do the following:
Get a read-only copy of the server's memory. Write to and read their own client's memory (including adding their own scripts or localscripts), they can also run their own scripts/localscripts at any security context they please, so just putting your script in the CoreGui or some other locked instance will not help.
What you can do to make your place difficult to exploit:
Do not permit scripts to be added mid-game (not always possible). Store vital data on the server, with multiple hidden backup locations. Obfuscate your code with luac.exe (get it from the Lua website, NOT anywhere else).
Ultimately, the responsibility to block exploit programs is Roblox's. They need to stop trusting the client with so much. It IS possible however to take measures against exploiting. |
|
|
| Report Abuse |
|
|
mew9O3
|
  |
| Joined: 10 Jun 2011 |
| Total Posts: 179 |
|
|
| 14 Sep 2011 09:07 PM |
oh noes MY SIGGY BROKE
< nuttin here D: > |
|
|
| Report Abuse |
|
|
|
| 14 Sep 2011 09:08 PM |
| And I like saying "biotic" because it's shorter than "shotgun" |
|
|
| Report Abuse |
|
|
mew9O3
|
  |
| Joined: 10 Jun 2011 |
| Total Posts: 179 |
|
|
| 14 Sep 2011 09:09 PM |
| and i like saying "mew903" because its shorter than "TheCrapacitor" |
|
|
| Report Abuse |
|
|
|
| 14 Sep 2011 09:11 PM |
| ^ fail. It's not "TheC-apacitor" it's "TheF-pacitor" fool. |
|
|
| Report Abuse |
|
|
mew9O3
|
  |
| Joined: 10 Jun 2011 |
| Total Posts: 179 |
|
| |
|
mew9O3
|
  |
| Joined: 10 Jun 2011 |
| Total Posts: 179 |
|
| |
|
blocco
|
  |
| Joined: 14 Aug 2008 |
| Total Posts: 29474 |
|
| |
|
|
| 14 Sep 2011 10:07 PM |
| hmm, seems like it will be easier than I thought... except for popinmans program, I am fairly certain that can do a bit more than I would like... |
|
|
| Report Abuse |
|
|
|
| 14 Sep 2011 10:13 PM |
"Mew, what would you know?"
"idk"
whaaaaaaaaa |
|
|
| Report Abuse |
|
|
|
| 14 Sep 2011 10:17 PM |
by the way, is it possible to remove scripts that are parented to nil? I have it set to a
script.Parent = nil script.Disabled = true while true do --loop goes here end
so that way it runs like an anonymous coroutine except it doesnt end when the script gets disabled or removed |
|
|
| Report Abuse |
|
|
|
| 14 Sep 2011 10:26 PM |
| "Get a read-only copy of the server's memory" Is that active memory like running scripts or entire memory like objects, names string values, etc... even if those are :remove()'d from the game and not parented to nil? |
|
|
| Report Abuse |
|
|
dap300
|
  |
| Joined: 23 Nov 2009 |
| Total Posts: 4738 |
|
|
| 15 Sep 2011 07:50 AM |
| BTW, Popin's studio allow hard-coded exploits. |
|
|
| Report Abuse |
|
|
swmaniac
|
  |
| Joined: 28 Jun 2008 |
| Total Posts: 15773 |
|
|
| 15 Sep 2011 04:36 PM |
@Donny
To my knowledge that is ALL running memory, including scripts parented to nil as long as the garbage collection hasn't deleted it yet. |
|
|
| Report Abuse |
|
|
belial52
|
  |
| Joined: 10 Oct 2009 |
| Total Posts: 8074 |
|
| |
|