I'm a seasoned software engineer just picking up Roblox, I'm apalled by the amount of exploits that even something as simple as a game about picking up apples can have. Thanks for explaining these concepts in such a clear and structured way. I'm saving this video for future reference and I have subbed to your channel.
Wow! Very well explained and very educational. Im an advanced scripter, and all anti cheat tutorials on RUclips are normally not the best, efficient. This video teaches anti cheat in a more uplevel and acceptable way.
You actually have no idea how much your teaching. I have been scripting on ROBLOX Studio for a while just a habit and small projects but didn’t know everything is so vulnerable! I will know all of this for my future projects
your channel is REALLY underrated. Simple, enjoyable tutorial that goes over everything we need to know about roblox anti-exploit. Good job! btw you sound like Tom Scott
This video for some reason was enjoyable to watch and learning at the same time without having to skip through the video, and just sit through the whole video in the most simplest ways on how you can prevent this kind of stuff. Very informative video, I'd give that a 10/10 for this explanation.
Tbh I clicked on this video thinking I knew everything about anti-exploits and didn't expect to learn anything, but some of this stuff I didn't even knew could be exploited, ty very good video
Hey man I want to say thank you for your videos bro. I been going through hard stuff mainly on the summer break.. mainly because at school I did not have many friends to hangout with.. I am a shy person who barely made friends with anyone. When I was 13 I wanted to program so I could make my parents proud and to be successful despite my hard times in life when having no one really there for me a long the way of my dreams. I want to thank you for your tutorials. Every one of them, because you have given me knowledge that has been able to reach me and everyone else closer to there dreams. I thank you, my friend. Thank you so much.
When I was first learning how to script, I was in a discord server having troubles. Someone suggested to watch your videos and ever since I've loved them
Gotta say your content has been some of the best stuff related to Roblox Studio I've seen in a long time! great to see you keep going with it, Love the channel, Keep it up! :D
great vid liked and subbed. one of the things discouraging me from being a roblox dev is my ability (or lack thereof) to counter exploiters so thank u for this vid
Thanks for the sub and try to not be discouraged the same problems are there for developing anything that sends data over the network even when you make a website and you have PHP that takes input from a textbox you have to do checks on the server side to make sure that the text being sent from the client is valid data. If you do fail just pick your self up learn from your mistakes and try again. I wish you the best of luck on all your projects and thanks again for liking and subbing
Thank you so much! Even tho i've been scripting for almost 2 or even more years,i found this video really helpful since i've never did any anti cheats but i already have a good game with unprotected remote events. You've motivated me and gave me an idea of how i should protect the remote events correctly and taught me new things. Thank you so much!!
These videos are seriously amazing; it's hard to find any learning resources that go as in-depth as you do. Btw, would it be appropriate to kick the player off the server if they are suspected of exploiting except in cases when there might be a false positive?
you can but like you said the problem is false positives another option is to set there characters network owner to nil as a punishment for like 5 minutes
1. Check 2 touching or colliding parts position difference in magnitude is less than certain distance. 2. SetNetworkOwner(nil) for all character body parts and all descendent parts in the workspace. 3. Check previous position and current position, divide their difference in magnitude by difference in time or delta time, then check this speed with max speed allowed. 4. With debounce, repeated touching events are convergent to 1. 😁
I wish ROBLOX would hire you to write the wiki and do a video vlog. Should genuinely make a paid video log of teachings because this is master classes of gold and I’d buy them and follow them all.
Another trick to try and catch hackers is to add fake remote events that might appeal to the hacker. The only way to fire the remote event is if a hacker added a script that can fire it. If the remote event does get fired, then the game can punish the hacker.
This might work but they could check your LocalScripts to see that the events are never used but it's possible they won't check your LocalScripts but don't forget that If you ban them they could make a alternative account and they would not fire that event again on there secondary account
We can also insert a fixed vector3 Value check inside of the player's Torso to track down it's position, if any of x,y,z gets too far in half a second then it automatically kicks the player. Note: also add an boolvalue to the player's torso saying it just teleported to a new location, so that if it gets teleported, the script detects the boolean, sets to false and allows that specific teleport to occur!
Be careful with the order scripts run make sure the vector3 checker runs first also be careful as a hacker can also check when the boolvalue is true and quickly teleport to a different location in that moment
This is a very useful tutorial and setting the network owner of the hrp to nil seems very useful in stopping some movement hacks and I'll probably use it quite a bit
Thanks A lot For this Amazing video . that's a lot of extra work for a game that have only apples and coins I can't and don't want to imagine How many Security Checks will big games need or even games outside roblox It's a bit sad, but knowing the truth is better than not knowing it at all. Thanks again.
I think there is still one problem with this Anti-Hack method which is: suppose there at time t = 0, the player's position is 0, and suppose there is an apple located at 1000 studs, theoretically, suppose if a player's time taken to travel distance is minimum 10 seconds according to it's speed of 100 studs per second. so the player can wait 20 seconds and can teleport to the 1000 studs. and that anti hack will check and will get the speed of 1000/20, which is half of the max speed. Since this is about the average speed where overall speed is calculated whether player has stopped in between or not. Another solution is the check the speed in a loop, that way we don't have to save player's position, but that introduces another server load, if there are many players and server has to do a lot of tasks beside it. So somehow this is an acceptable way. as the hacker has to wait to avoid getting detected by anti hack, for each apple. So this is great.
Correct if an exploiter stands afk and does not interact with anything in its area that updates the antihack then they can teleport but then at this point the exploiter has kinda lost its advantage you could think of the character as just decorative but if you really wanted to you can have a loop on the server that keeps updating the antihack but I personally feel that just updating the antihack for any kind of interaction is good enough it's really down to the style of game your making if your making a hyper competitive game then you most likely want a loop but if your making a more casual game then you should be ok without looping So this means if a player interacts with something at position 0, 0, 0 and waits 20 second without interacting with anything then they can teleport and interact with something at 0,0,320 if there max allowed speed is 16 because [16 speed] * [20 seconds] = [320 studs] but a normal player that is not hacking can also walk from 0,0,0 to 0,0,320 in 20 seconds so there is no extra advantage only difference is one teleported where the other walked but both take the same time to get there
Ok so I started learning scripting 2 months ago and I will save this video because I saw that type of hack (the one where the players tp to the apple ), in another game called blox fruits, where the hacker would tp to the player and kill it. So obviously I want to make a really big game in the future, inspired by souls games. And I'm sure that this video will help me a lot to prevent exploiters. Thanks for helping the community
As a Game Developer and having experience with the Roblox Studio Engine i could say they have NetworkOwnerShip of the player and they can teleport the player to the part and they would achieve the same thing ! And i think they can even teleport thier legs to the orb or remove the PrimaryPart of thier character and teleport thier HRP not quite sure
I think that we must check if the apple actually exists on the server instead of checking if the apple part has a Parrent. In the setup from the Video the Hacker can create a fictional apple and just send it to the server if I’m not wrong.
Hi suphi i know this video is 2 years old but I've been watching alot of your videos as they've helped me alot, so thank you for making these. I wanted to ask, if you were to secure clickdetectors in workspace, how would you go about it? Specifically what kind of checks you would put in place, outside of the magnitude checks you demonstrated in your video with the anti-cheat. Appreciate any help!
@@5uphi no offense but Why is that typing so So . . . . So .... Odd Like There is no sound There is no pause And it stays at a consistent speed How It looks unhuman ? Edit: nice vid tho
Wow! Very well explained and very educational. Im an advanced scripter, and all anti cheat tutorials on RUclips are normally not the best, efficient. This video teaches anti cheat in a more uplevel and acceptable way. (Copied)
So I do have a question on making the part ownership on the server, Wouldn't this bring down the server in performance alot if you have a really big game and it all has to deal with physics? almost like lumber tycoon but thats not on the server. if so do I need to just take the risk of giving players ownership of this situation? or should I really keep pushing for the server?
Yes setting network ownership to nil will make the server do all the physics calculation so you have a few options one option is instead of setting the ownership to nil you can do a distance check from the original spawn location and when the player tries to pickup the apple if the apple is far away from the original spawn location you can not accept the pickup another option is you can make every client spawn a apple on there own computer and then the client will send a event saying that they picked up the apple and you will only accept the pickup if there standing close to the spawn location
Also it's possible to use the antihack module on normal parts so let's say you have a car in your game that is owned by a player you could set the car with the antihack module to keep track of the cars position
Well it's impossible to stop someone from seeing your localscripts but anything you put in serverscriptservice and serverstorage will not be sent to the client so make sure all your important scripts are inside serverscriptservice and serverstorage
Can you stop EVERY type of exploit that could be helpful to the hacker in the game,or is there always gonna be one or more things that you just cant script to stop hackers from accessing it
the best you can do is only accept key inputs from the client and nothing else but that does not mean the exploiter cant use AI to press the keys for them
So I've been trying to use the Infinite terrain plugin, but whenever I use it, only a tiny slice of land is generated and it only makes more when I spam the generate button, and doing that just makes a ribcage design and doesn't even fill in everything. Do you possibly know how to solve this? Edit: So I just found out it only happens when I add a model. Do you know why that is? Edit but again: I named the model after the part, not the model, it's fixed.
If the plugin can't find the model it will fail to load the chunk so make sure the model has the correct name and is at the correct location good job working it out
I just make my games fully server side and if I half to use client I just use wait loops so even if you used scripts to fire events it would still have the wait time just as if you would hit the button normally
At the end of the day the server has no power over the client to force them to do something locally on there computer or stop them from doing something so this technically means using localscripts and having something run on the client side is not giving any extra power to a exploiter they never already had The 2 mains areas where exploiters can gain access to the server is Remote events/functions and network ownership
Does not automatically mean your game is safe for instance if your raycasting from the players character that is not safe because the client has network ownership of there character allowing them to position there character anywhere and allowing them to control the origin and direction of the ray
Well yes they just have to wait depending on the max speed you set so if you set a speed of 16 they will have to move the same speed normal none hacking players are moving so while this don't not prevent them from going afk it does stop them from collecting 10000s of apples in 1 second
Yes they should be able to send all types of events touch events, click events, touch interest so make sure you do all your checks in all events that are sent from clients
Probably not a good video to comment on but, when models spawn with your infinite terrain plugin, they are invisible, despite having no transparency and existing in the foulder.
This could be a few things 1) the models are not anchored and have collision turned off so there falling through the terrain 2) there pivot point is not set correctly and there spawning under the terrain 3) the models LevelOfDetail value is not set to Automatic
I ended up lowering the volume which helped immensely. I apologize for my sensitive ears. Your videos are really helpful for intermediate scripters. Thank you so much for posting all of your content! :D. @@5uphi I do have a question though, with all of the content you post on youtube, have you made a game with any of your knowledge?
Exploiters can do anything that they want locally but some things replicate back to the server check out this video ruclips.net/video/Ng1uYpFcpOA/видео.html
OMG you are so good. Now I understand how some hackers can summon Blox Fruits and teleport coins to them easily. Why Roblox has this big loophole anyway?
This is not Roblox's fault all multiplayer games have this problem it's the job of the developer to make sure that they design there game so its not hackable sometimes you have to sacrifice features or sometimes you can think of very cool ways to get a feature you want while making it not hackable
*[* *Read More* *]* ROBLOX doesn't have an anticheat ( *For now atleast, Byfron Anti-Cheat going to go brrr* ), but every now then they try to patch the client to stop executors ( *Executors, Script Executors, Or whatever you would like to call them, Inject dll(s) and execute luau code. they are often called exploits.* ) from attaching ( *another word for injecing* ). Byfron is going to detect executors installed on your device, when they attach to ROBLOX, and in-game too. Edit: NaN means Not a Number which occurs when a mathmatical statement or problem is impossible, wrong, whatever it's not specific to lua or luau only but in all programing languages in general.
Byfron? Ym the thing sw bypassed in about a week? Hmm alr also uwp platform exists ig which bypasses it completely. But srs rip the 11 million roblox spent (atleast for now)
wouldent hackers be able to change these values though, if so would adding an if check in the script to make sure the attributes values are what they use to be?
I'm not sure if my question is silly (it probably is since I'm a script illiterate), but how are hackers able to know what your scripts and localscripts have written on them? Do they just send many localscripts in the hopes that something works?
Hackers are able to read and modify localscripts the same way you can modify webpages HTML/JavaScript etc... Because it runs locally on there computer Checkouts my replication video to learn more
@@5uphithey can still fly around then they have this script about Dex that removes anti cheat but don't trust the client always use server side script
if you want to provide proof id be happy to look at it in discord but at this current time I believe that all the information provided in this video is 100% correct
Its a way a exploiter can detour a method to call a custom function but you don't need to worry about that all you need to know is that all localscripts that run on the clients local computer can be changed to do what ever they like so we can not trust any information sent from the client to the server
Some exploits work for all games for instance if they have a fly exploit it will work with all games that don't have a anti fly but if your not worried about it then you don't need a anti cheat I also don't use anti cheats sometimes
The things I cover in this video can not be cracked but other things like flying that are not covered in this video can obviously be exploited, hopefully this video is the starting point to help you continue making scripts to stop hackers in your game
@@5uphi I can also explain better how exploits works, I am good exploiter and helping devs making anti-cheats, and making anti-cheat for my self, also it's easy to do autofarm on your game
but there is no way to bypass the code shown in the video no mater what the exploiter does they can not collect a apple until the server gives them permission to
I'm a seasoned software engineer just picking up Roblox, I'm apalled by the amount of exploits that even something as simple as a game about picking up apples can have. Thanks for explaining these concepts in such a clear and structured way. I'm saving this video for future reference and I have subbed to your channel.
i have hate in my heart for exploiters, now i have to actually server-client communication safe and secure.
Wow! Very well explained and very educational. Im an advanced scripter, and all anti cheat tutorials on RUclips are normally not the best, efficient. This video teaches anti cheat in a more uplevel and acceptable way.
You actually have no idea how much your teaching.
I have been scripting on ROBLOX Studio for a while just a habit and small projects but didn’t know everything is so vulnerable!
I will know all of this for my future projects
It makes me very happy that my video has helped you good luck on your future projects
Welp i cant be hacking no more
your channel is REALLY underrated. Simple, enjoyable tutorial that goes over everything we need to know about roblox anti-exploit. Good job!
btw you sound like Tom Scott
This video for some reason was enjoyable to watch and learning at the same time without having to skip through the video, and just sit through the whole video in the most simplest ways on how you can prevent this kind of stuff. Very informative video, I'd give that a 10/10 for this explanation.
this is AMAZING for beginners to understand what's going on with their games. I'm glad that i learned more about anti exploits
Astonishing! I would recommend my viewers to watch your videos!
Thank you
Tbh I clicked on this video thinking I knew everything about anti-exploits and didn't expect to learn anything, but some of this stuff I didn't even knew could be exploited, ty very good video
Hey man I want to say thank you for your videos bro. I been going through hard stuff mainly on the summer break.. mainly because at school I did not have many friends to hangout with.. I am a shy person who barely made friends with anyone. When I was 13 I wanted to program so I could make my parents proud and to be successful despite my hard times in life when having no one really there for me a long the way of my dreams. I want to thank you for your tutorials. Every one of them, because you have given me knowledge that has been able to reach me and everyone else closer to there dreams. I thank you, my friend. Thank you so much.
I'm proud of you for working hard to achieve your dream and wish you the best of luck in your future success
When I was first learning how to script, I was in a discord server having troubles. Someone suggested to watch your videos and ever since I've loved them
Gotta say your content has been some of the best stuff related to Roblox Studio I've seen in a long time! great to see you keep going with it, Love the channel, Keep it up! :D
Thank you :)
im giving this Tutorial a rate of 10/10! I always wanted to make my games more secure and I will definitly be using these method. +sub
Great tutorial! The way you teach everything by explaining the vulnerabilities and trying each edge case on by one is awesome!
great vid liked and subbed. one of the things discouraging me from being a roblox dev is my ability (or lack thereof) to counter exploiters so thank u for this vid
Thanks for the sub and try to not be discouraged the same problems are there for developing anything that sends data over the network even when you make a website and you have PHP that takes input from a textbox you have to do checks on the server side to make sure that the text being sent from the client is valid data.
If you do fail just pick your self up learn from your mistakes and try again.
I wish you the best of luck on all your projects and thanks again for liking and subbing
Thank you so much! Even tho i've been scripting for almost 2 or even more years,i found this video really helpful since i've never did any anti cheats but i already have a good game with unprotected remote events. You've motivated me and gave me an idea of how i should protect the remote events correctly and taught me new things. Thank you so much!!
These videos are seriously amazing; it's hard to find any learning resources that go as in-depth as you do. Btw, would it be appropriate to kick the player off the server if they are suspected of exploiting except in cases when there might be a false positive?
you can but like you said the problem is false positives another option is to set there characters network owner to nil as a punishment for like 5 minutes
So well explained and demonstrated. I’ll be sure to recommend you to anyone who asks for a good tutorial channel.
This was really well made and informative, thank you!
1. Check 2 touching or colliding parts position difference in magnitude is less than certain distance.
2. SetNetworkOwner(nil) for all character body parts and all descendent parts in the workspace.
3. Check previous position and current position, divide their difference in magnitude by difference in time or delta time, then check this speed with max speed allowed.
4. With debounce, repeated touching events are convergent to 1.
😁
Chatgpt?
the hackers have come for our apples. is anything safe? are our children next? what has the world come to...
Sad times
I wish ROBLOX would hire you to write the wiki and do a video vlog. Should genuinely make a paid video log of teachings because this is master classes of gold and I’d buy them and follow them all.
I did not know all of this… Thank you for taking the time to make this video.
No problem I'm happy you found it helpful
This is a very informative and cool video,and it has just 294 likes... shame guys, shame.
Another trick to try and catch hackers is to add fake remote events that might appeal to the hacker. The only way to fire the remote event is if a hacker added a script that can fire it. If the remote event does get fired, then the game can punish the hacker.
This might work but they could check your LocalScripts to see that the events are never used but it's possible they won't check your LocalScripts but don't forget that If you ban them they could make a alternative account and they would not fire that event again on there secondary account
We can also insert a fixed vector3 Value check inside of the player's Torso to track down it's position, if any of x,y,z gets too far in half a second then it automatically kicks the player.
Note: also add an boolvalue to the player's torso saying it just teleported to a new location, so that if it gets teleported, the script detects the boolean, sets to false and allows that specific teleport to occur!
Be careful with the order scripts run make sure the vector3 checker runs first also be careful as a hacker can also check when the boolvalue is true and quickly teleport to a different location in that moment
This is a very useful tutorial and setting the network owner of the hrp to nil seems very useful in stopping some movement hacks and I'll probably use it quite a bit
Thanks A lot For this Amazing video .
that's a lot of extra work for a game that have only apples and coins
I can't and don't want to imagine How many Security Checks will big games need or even games outside roblox
It's a bit sad, but knowing the truth is better than not knowing it at all.
Thanks again.
uzukee needs to watch this
Nice video btw
Thank you
I think there is still one problem with this Anti-Hack method which is:
suppose there at time t = 0, the player's position is 0, and suppose there is an apple located at 1000 studs, theoretically, suppose if a player's time taken to travel distance is minimum 10 seconds according to it's speed of 100 studs per second.
so the player can wait 20 seconds and can teleport to the 1000 studs. and that anti hack will check and will get the speed of 1000/20, which is half of the max speed.
Since this is about the average speed where overall speed is calculated whether player has stopped in between or not.
Another solution is the check the speed in a loop, that way we don't have to save player's position, but that introduces another server load, if there are many players and server has to do a lot of tasks beside it.
So somehow this is an acceptable way. as the hacker has to wait to avoid getting detected by anti hack, for each apple. So this is great.
Correct if an exploiter stands afk and does not interact with anything in its area that updates the antihack then they can teleport but then at this point the exploiter has kinda lost its advantage you could think of the character as just decorative but if you really wanted to you can have a loop on the server that keeps updating the antihack but I personally feel that just updating the antihack for any kind of interaction is good enough it's really down to the style of game your making if your making a hyper competitive game then you most likely want a loop but if your making a more casual game then you should be ok without looping
So this means if a player interacts with something at position 0, 0, 0 and waits 20 second without interacting with anything then they can teleport and interact with something at 0,0,320 if there max allowed speed is 16 because [16 speed] * [20 seconds] = [320 studs] but a normal player that is not hacking can also walk from 0,0,0 to 0,0,320 in 20 seconds so there is no extra advantage only difference is one teleported where the other walked but both take the same time to get there
Great video! Greetings from Brazil!
Ok so I started learning scripting 2 months ago and I will save this video because I saw that type of hack (the one where the players tp to the apple ), in another game called blox fruits, where the hacker would tp to the player and kill it. So obviously I want to make a really big game in the future, inspired by souls games. And I'm sure that this video will help me a lot to prevent exploiters. Thanks for helping the community
Are you speeding up footage when you type the code? Or do you have a program that does it?
I use autohotkey
As a Game Developer and having experience with the Roblox Studio Engine i could say they have NetworkOwnerShip of the player and they can teleport the player to the part and they would achieve the same thing !
And i think they can even teleport thier legs to the orb or remove the PrimaryPart of thier character and teleport thier HRP not quite sure
I think that we must check if the apple actually exists on the server instead of checking if the apple part has a Parrent. In the setup from the Video the Hacker can create a fictional apple and just send it to the server if I’m not wrong.
If the client creates a instance and sends it to the server the server will see it as nil because that instance does not exist on the server
good video but the background piiii sound is killing me 😭
I now have a new microphone so my newer videos have better audio quality
@@5uphi ye i watched ur new vids too, but theres no new one of this one hehe
Can you do a video about function environments (getfenv() & setfenv())?
When a Exploiter fires a Remote Event Illegally the Exploiter gets kicked how to make that?
player:Kick()
Nice bro !
Bro this is masterpiece
Thank you
Hi suphi i know this video is 2 years old but I've been watching alot of your videos as they've helped me alot, so thank you for making these.
I wanted to ask, if you were to secure clickdetectors in workspace, how would you go about it? Specifically what kind of checks you would put in place, outside of the magnitude checks you demonstrated in your video with the anti-cheat. Appreciate any help!
Magnitude check with the antihack is most likely the main one other things kinda are based on what your game is doing with the click
@@5uphi no offense but
Why is that typing so
So . . . .
So ....
Odd
Like
There is no sound
There is no pause
And it stays at a consistent speed
How
It looks unhuman ?
Edit: nice vid tho
Very intesting, now i can really secure my game from hacker !
Wow! Very well explained and very educational. Im an advanced scripter, and all anti cheat tutorials on RUclips are normally not the best, efficient. This video teaches anti cheat in a more uplevel and acceptable way.
(Copied)
thank you so much! i would subscribe 100 times if i could
So I do have a question on making the part ownership on the server, Wouldn't this bring down the server in performance alot if you have a really big game and it all has to deal with physics? almost like lumber tycoon but thats not on the server. if so do I need to just take the risk of giving players ownership of this situation? or should I really keep pushing for the server?
Yes setting network ownership to nil will make the server do all the physics calculation so you have a few options one option is instead of setting the ownership to nil you can do a distance check from the original spawn location and when the player tries to pickup the apple if the apple is far away from the original spawn location you can not accept the pickup another option is you can make every client spawn a apple on there own computer and then the client will send a event saying that they picked up the apple and you will only accept the pickup if there standing close to the spawn location
Also it's possible to use the antihack module on normal parts so let's say you have a car in your game that is owned by a player you could set the car with the antihack module to keep track of the cars position
I really hope roblox releases its anti cheat to all games soon
Patch synapse like deepwoken did. I’d kill to know how that was done and instantly implement it 😂
synapse?
Synapse?
Synapse is a uh type of hack that steals the scripts/stuff inside the game,
I think thats what it is
Well it's impossible to stop someone from seeing your localscripts but anything you put in serverscriptservice and serverstorage will not be sent to the client so make sure all your important scripts are inside serverscriptservice and serverstorage
Can you make another version?
Can you stop EVERY type of exploit that could be helpful to the hacker in the game,or is there always gonna be one or more things that you just cant script to stop hackers from accessing it
the best you can do is only accept key inputs from the client and nothing else but that does not mean the exploiter cant use AI to press the keys for them
22:01 How are you typing while moving your mouse? o_0
Subscribe to learn the way of the master my child
@@5uphi i already have, show me your ways master
thank you helped me how to bypass anti exploits
So I've been trying to use the Infinite terrain plugin, but whenever I use it, only a tiny slice of land is generated and it only makes more when I spam the generate button, and doing that just makes a ribcage design and doesn't even fill in everything. Do you possibly know how to solve this? Edit: So I just found out it only happens when I add a model. Do you know why that is? Edit but again: I named the model after the part, not the model, it's fixed.
If the plugin can't find the model it will fail to load the chunk so make sure the model has the correct name and is at the correct location good job working it out
Even me, the least person who knows scripts, understands this video!
I just make my games fully server side and if I half to use client I just use wait loops so even if you used scripts to fire events it would still have the wait time just as if you would hit the button normally
At the end of the day the server has no power over the client to force them to do something locally on there computer or stop them from doing something so this technically means using localscripts and having something run on the client side is not giving any extra power to a exploiter they never already had
The 2 mains areas where exploiters can gain access to the server is
Remote events/functions and network ownership
@@5uphi i get what your saying but what if your game fully runs on server scripts?
Does not automatically mean your game is safe for instance if your raycasting from the players character that is not safe because the client has network ownership of there character allowing them to position there character anywhere and allowing them to control the origin and direction of the ray
well they can use tweenservice to tp to the apples
Well yes they just have to wait depending on the max speed you set so if you set a speed of 16 they will have to move the same speed normal none hacking players are moving so while this don't not prevent them from going afk it does stop them from collecting 10000s of apples in 1 second
@@5uphi True! can they fire touch interest
Yes they should be able to send all types of events touch events, click events, touch interest so make sure you do all your checks in all events that are sent from clients
People come here to learn how to stop hackers, I come here to learn how to become one. 😎
(⌐⊙_⊙)
Fr bro taught me other methods to abuse in games without good anti-cheat/protection, also I already have other methods to get the apples.
Dont, exploiting is scummy behavior and can ruin other players experiences.
Probably not a good video to comment on but, when models spawn with your infinite terrain plugin, they are invisible, despite having no transparency and existing in the foulder.
This could be a few things
1) the models are not anchored and have collision turned off so there falling through the terrain
2) there pivot point is not set correctly and there spawning under the terrain
3) the models LevelOfDetail value is not set to Automatic
@@5uphi Ooh a real response :0
It worked thanks!
There's a high pitched ringing at the start of the video. It kind of hurts my ears even though I want to watch this :(
Sorry about that I recently updated my mic but for this video I was not using a good mic try watching the video with different speakers it might help
I ended up lowering the volume which helped immensely. I apologize for my sensitive ears. Your videos are really helpful for intermediate scripters. Thank you so much for posting all of your content! :D. @@5uphi
I do have a question though, with all of the content you post on youtube, have you made a game with any of your knowledge?
I have a game called RO-DRONE and I'll be starting my second game after the summer
I'll be looking forward to it!!@@5uphi
are these all the ways a game like this could be exploited or just a handful or most common examples?
Exploiters can do anything that they want locally but some things replicate back to the server check out this video ruclips.net/video/Ng1uYpFcpOA/видео.html
An amazing video
Thank you
never trust the client, do sanity checks
Yup
Subscribed
:)
why is nan in my apples?🤣🤣
Thanks now i know how to evade this.
No problem
Have fun evading Byfron 🤣
@@bigfoothunter8080 I already stopped making hack scripts for roblox a few months ago sadly
great vid
I hope rip indra sees this 😢😢
may i ask what is the "~=" purpose of? im confused a little bit.
value -= 1 is the same as value = value - 1 it's just a shorter way to write that
@@5uphi they said "~=" not "-=".
"value ~= 1" is the same as "value not 1". its just a shorter way to type it.
Thx❤
No problem 😊
Is it possible that Adonis anti exploit can kick these exploiters reliably?
I think Adonis anti exploit is a virus I would not trust it
OMG you are so good. Now I understand how some hackers can summon Blox Fruits and teleport coins to them easily. Why Roblox has this big loophole anyway?
This is not Roblox's fault all multiplayer games have this problem it's the job of the developer to make sure that they design there game so its not hackable sometimes you have to sacrifice features or sometimes you can think of very cool ways to get a feature you want while making it not hackable
If i execute scripts in local scripts in roblox studio to test out my game, will byfron detect it?
no
amazing
When you started scripting?
I started scripting for roblox around 2019 but IV been programming for a long time before Roblox
@@5uphi ohh cool
I was told they can see stuff in serverstorage and serverscript service
50% of what others say is false so make sure you get evidence before accepting other people's claims
you are unironically helping hackers lol
I'm happy to help anyone who wants to learn
@@5uphi well yeah that knowledge will probably be put too good use sometime else
@@bandi10xx31This will help developers more than hackers
we have to show this video to Badimo
couldn't you just set network owner to nil anytime suspicious activity is detected
yes you could
Smile of happiness 😊😊😊😊
😊
is there a way so if you click on a gui it shows you a gui where you can execute code
If you press F9 and press server there you will be able to execute code you can also use the command bar
@@5uphi ok but i want it to act like the command bar but in an actual game
Press F9 and click server in a actual game
*[* *Read More* *]* ROBLOX doesn't have an anticheat ( *For now atleast, Byfron Anti-Cheat going to go brrr* ), but every now then they try to patch the client to stop executors ( *Executors, Script Executors, Or whatever you would like to call them, Inject dll(s) and execute luau code. they are often called exploits.* ) from attaching ( *another word for injecing* ). Byfron is going to detect executors installed on your device, when they attach to ROBLOX, and in-game too.
Edit: NaN means Not a Number which occurs when a mathmatical statement or problem is impossible, wrong, whatever
it's not specific to lua or luau only but in all programing languages in general.
Byfron? Ym the thing sw bypassed in about a week? Hmm alr also uwp platform exists ig which bypasses it completely. But srs rip the 11 million roblox spent (atleast for now)
But yes roblox does try to patch some executors in updates and sometimes having it trigger unexpected client behaviour
@@nopfp416 yes, what does "sw" mean though?
debug library: hi
Good luck stoping harkinian and unverified lol
Blox fruit should o it who deal with me
a quick question but how do you hack games :skull:
by hacking games
I was half expecting another queaky 12 year old making the tutorial like always lol
they can bypass it
Would you mind explaining why?
wouldent hackers be able to change these values though, if so would adding an if check in the script to make sure the attributes values are what they use to be?
Checkout my replication video it might help you ruclips.net/video/Ng1uYpFcpOA/видео.html
@@5uphisorry for late reply - ok thanks!
Apple debt!
I'm not sure if my question is silly (it probably is since I'm a script illiterate), but how are hackers able to know what your scripts and localscripts have written on them? Do they just send many localscripts in the hopes that something works?
Hackers are able to read and modify localscripts the same way you can modify webpages HTML/JavaScript etc...
Because it runs locally on there computer
Checkouts my replication video to learn more
noice
asynkwale korporacja hacking roblox!!!!
Ben de kendimi scrpiter sanıyordum.
real
fo sho
my eyes hurt by how you print, you can make newline by adding
where you want it to go to new line then type stuff as usual
I looked at your code but its still bypassable
Would you like to explain
@@5uphithey can still fly around then they have this script about Dex that removes anti cheat but don't trust the client always use server side script
Well in the video we did not cover flying
The anti cheat we made in the video is server sided so cannot be removed by the client
@@5uphi they can still spoof the speed and the player will go fast without detection
And how would spoofing their speed allow them to collect apples any quicker?
nooo L rizz
this is all bypassed with metahook...
if you want to provide proof id be happy to look at it in discord but at this current time I believe that all the information provided in this video is 100% correct
what's metahook?
Its a way a exploiter can detour a method to call a custom function but you don't need to worry about that all you need to know is that all localscripts that run on the clients local computer can be changed to do what ever they like so we can not trust any information sent from the client to the server
Some exploits work for all games for instance if they have a fly exploit it will work with all games that don't have a anti fly but if your not worried about it then you don't need a anti cheat I also don't use anti cheats sometimes
@@5uphi Okay
No way 🙅♂️ 🤦♂️ bruh this is dukb😢
We live in a society
Hey you cant stop any hacker in this anti cheat still some hacker can crack your anti cheat
The things I cover in this video can not be cracked but other things like flying that are not covered in this video can obviously be exploited, hopefully this video is the starting point to help you continue making scripts to stop hackers in your game
Im exploiter, you'renfunny, one metahookfunction and i can bypass most of your anti cheat
Would you like to message me on discord and explain how?
I'm an exploiter; you're funny. One metahookfunction and I can bypass most of your anti-cheat.*
@@5uphi I can also explain better how exploits works, I am good exploiter and helping devs making anti-cheats, and making anti-cheat for my self, also it's easy to do autofarm on your game
I'm always in discord if you want to chat
you just leaked a code lol exploiters can make an anti cheat bypass
It can not be bypassed
it can
How?
it is because exploiters know the vulnerability of the anti cheat because he showed the code
but there is no way to bypass the code shown in the video no mater what the exploiter does they can not collect a apple until the server gives them permission to