All about exploits #1 - Filtering Enabled Vulnerabilities
Vložit
- čas přidán 17. 08. 2023
- Links:
Intro song made by:
/ gibberish
Join The Cursors Roblox group:
www.roblox.com/groups/7103305...
Discord server:
/ discord
#roblox #robloxdev #robloxhack #anticheat #programming #gamedev - Hry
cant wait for part 2, ill have my notify on for that! fantastic tutorial and i think you had a smart use of visual elements because it kept me very engaged, good luck on anything you do in the future!
gotta put those graphics for those ADHD kids
I've recently started working on a game that has almost 1000 players at any time, this of course was a new experience for me and was struggling to fend off the huge amount of exploiters storming at the game. Each time I patched an exploit one of them would just find a fix and share it to the others. It eventually got so bad that exploits were being made to crash servers, we had to pay them to find out how they were doing it. You have been of great help to help me fend of these zombies.
Exploiters can do many things, such as repeating/firing events that either are supposed to happen (example : You reload a weapon, sending an event to the server to change your ammo data) once or twice, and is not supposed to be tampered with by the user of the client or device. Exploiters can also Replicate their own lag, basically making it so that the sever takes 1 second to send info from you or you to the server, as in artificial ping.
I wouldnt really call fps unlocker exploiting... Because then half of the obby community are exploiters.
all of the things you said depend on a game's programming, so I won't talk about them for now.
My game doesnt has those flaws because I dont trust the client with anything except inputs.
@@ozymandeez What do you mean FPS Unlocker?
@@ozymandeez Any program injecting into the roblox process is automatically an exploit. Thus making half the obby community "exploiters", altrough unintentionally unlike malicious exploiters.
By that definition, a simple overlay such as MSI/RivaTuner would be classified as an exploit. That is not the case. @@wedoalittletrolling723
Thanks for the video, almost no other video on youtube actually properly explains FilteringEnabled and how exploiters bypass it.
dang bro you pumping out so much content thats dedication congrats 👏
Hey man, awesome video! Keep up the good work, you're super underrated!
Amazing video! You really explained stuff, and now Roblox makes so much sense now. Thank you! :)
Bro i love your videos. I always wanted to know how do exploits work in roblox. Gotta love the simple and useful videos you do! Keep up the good job my guy!
honestly, this helped a lot
Thanks for teaching something that I didn't know
New Sub and I liked :D
Great video, you always fail to disappoint!
My brain stopped working twice while reading that.
Dude that intro was cool as heck eith awesome transitions
it has been years since I've seen someone use an intro, I was surprised to see one, it looks so good!
Yeah i miss the yt era with intros
@@CopperCogStudioepic tpot intro btw
I believe this is important and you should've brought it up!
Exploiters can only play Animations made by Roblox or the game's creator (which could also be tied to a group)!
Exploiters can only play malicious animations for themselves using joints and tweens! (Unless of course you have a backdoor from a free model)
Theres was way to use animations without needing to be from creator.
@@SomeDudeCauseYes That still exists but its only on client.
Before its was Cframe animation
Oh hell ye, as a dev I always wondered how most exploits work, like definitely not just how I'd imagen it goes about.
Great work.
Love the intro man
Will you discuss remote events next video?
Really nice video, keep up the good work
Holy shit that intro is so good!
Nice, a deeper dive into this with things like remotes and such would be cool
They're essentially the same thing. Client sends a signal to the server, the server trusts the signal is legit and then it'll replicate whatever is happening to the other clients.
@@r50142 I know, im not talking about the basic stuff
keep growing my pal
nice new intro, also great vid!
Veery interesting, I'd love to hear you talk about actions occurring on the client but not the server next
The issue with this is that a client can do anything with the data in its world state so there's not really a point on talking about that.
Really well made video
another great vid bro
This video helped stop my intrusive thoughts from unplugging my grand auntie’s life support since she would not give me her cranberry pie recipe 😭
WHAT THE FUCK
really well explained ! i love your content, really simple and straight to the point
Loved the video!!! As an exploiter i understood everything so easily, It would be great if you would talk about rejectcharacterdeleting being added on roblox meaning you cant do cool tricks with your hats anymore
Damn so you ruin fun for other people?
@@kristopher3623 nah i dont use scripts like autofarms and those shit and even if i do i use it in vip servers, i mostly use like hat scripts to look cool and paid hubs for that
@@kristopher3623 why assume ruin fun? 99% are just to do cool stuff or ignore boring parts of a game
@@fitmotheyap I agree, there are some people (Decaying winter exploiters) Who can make the game more fun, but sometimes it's just not fun, specially in pvp focused games.
whyd i get recommened this i dont even know what the title means, great vid anyways
I was thinking about making my own server-sided anti-cheat, that can patch alot of exploits, thanks this video helps alot.
LOVE THE INTRO MAN
Bro almost hit 3k rn good job 👍
That's a very informative video for beginners, you compressed the details nicely and made it understandable!
WAIT THATS THE TPOT INTRO
RRRRAAHHHHH I LOVE BFDI
I already knew all of this but it still was interesting to watch
I already know this, but that is also enjoyable!
congrats on hitt
ing 3k bro
Bro FE era exploiting was crazy, exploiters could do ANYTHING they wanted to the game, like yes exactly the what ur thinking about rn, and that traumatized a bunch of kids for life so compared to current roblox alot of stuff were toned down
I can tell you're a skid. It's not FE. FE is what stoped people from controlling games.
i think you mean the pre-FE era that was before roblox starting giving trust in only the players movements. people could just do anything they want since the server just trusted the client
My friend was forced to give head on Roblox super hero tycoon 💀💀
@@leogaitsgorypiano8870 why did they even trust client, it's not even a peer-to-peer game there was still a game server yet roblox thought it would be genius to fully trust the client and have any value the client changes be blindly accepted by server.
@@wedoalittletrolling723 cause roblox was small at the time and they didn't know what to do about exploiters, eventually they figured it out
5:46 I need to learn how to do that
I'm struggling to understand why other players can't see my building parts
This video helps a lot for my exploits
holy sh(wahwahwah) you are underrated
that intro goes hard tho
You used the tpot intro very well
Underrated 🙏
DANG THE TPOT INTRO HITS HARD
Wow please do more of this I want to learn how to prevent these things
great intro inspired by the power of two!
Oh bro you really helped me a lot to know how replication works so i can secure my game better.
Best 7 minute of my life
because you're a skid
soo underated :( + 1 sub and like!
Most of the properties that are replicated to the server are (most of the time) meant for developers. For example, you can get sprinting with just one (local) script by setting the humanoid's walkspeed, kill the player when they are outside a shadow almost instantly by modifying the humanoid's health, and double jumping. Double jumping especially wouldn't be as easy if the state wasn't replicated, as you'd have to use forces such as AssemblyLinearVelocity or ApplyImpulse. The only thing you _should_ worry about is players firing events, such as buying an unobtainable item.
haha i love the tpot reference!!!
i was definitely there, surely, probably, maybe, and seemingly.
Absolute W vid
what an epic intro
You could (maybe) fix the invincibility thing (the deletion of the humanoid) by making the game kick you if it doesnt detect a humanoid in the player model.
You can't because of Reject Character Deletions, because of that the humanoid will get deleted only on the client, if you disable it you will have a huge vulnerability to hat scripts (which are patched)
Thanks for this video now I know how to use dark dex I’m very bad at LUA
you should cover sanity checks next
very useful for beginner exploiters
there are also raknet exploits, which let you disable any physics packets replicating from your client to the server.
raknet is just fancy word for networking aka: Disabling some replication to server
nice job i didn't expect this to blow up as i expected ALSO IS THE BAD BUSIENSS FURRY GOIGN OT BE A BOSS
I like the new intro 👍
its just the TPOT intro what is a anmited film (on youtube edit)
The tpot intro was pretty cool I guess
"marvel has the best transitions"
This dude:
I'm damn sure the reason why death on client replicates to server IS DUE TO RESET CHARACTER. You indeed need an local script to turn it on/off...reset char gui is local, as well as leave
Thanks for this information I can now make my own exploi-
wow! nice intro
On another note, floormaterial no longer replicates from client to server. Youc an use that to make a flight anticheat
Real men dont use anticheats, we use server authoritative movement.
in part 2 please say the difference between hacking and exploiting exploiting is changing your client and hacking is hacking into a game and doing whatever you want (or just hacking in general)
Intro must have a reference
Cool vid
amazing intro
bro has a whole anime intro
now cover the topic of remote vulnerabilities, getrenv, getgc, changing modules, breaking data stores by executing remotes with arguments such as "\255" etc
this is specific to a game's programming so i wont cover it for now.
@@CopperCogStudio btw, for now you can cancel this because currently, uwp roblox has byfron sooo
0:35 Ayo that’s the tpot intro
Thank you roblox
Now I waste like 4 weeks patching this things in my game!
cheat engine times were the good old times of real exploiting
yoo is that the tpot intro music in your intro
Yes
bro +2k in 13 days 🔥
I like this
since i know:
the intro music is tpot gibberish
You talk like chills
So technically we are playing alone, but it just seems as we are playing with others?
thats facts bro
bfdi: the power of two intro lol
0:20
Sounds very familiar, WAIT THATS THE TPOT INTR-
There are 2 types of people who watch this video: exploiters and people looking to prevent them
people who make explots already know all this stuff, its not hidden info or anything. Most people who use exploits are just script kiddies who have no idea how the stuff works anyway, they just push button on the GUI
me whos both:
my face when new cc video:
Nice intro
Roblox Studio: Why??
If the Server replicates anything that is happening within the client ( character model ) 5:03 does that mean when i move a part into my character will it automatically replicate onto the server? So if i move a part into my character and then delete it it will replicate onto server?
GOOD VIDEO
What about reject character deletions ? 4:55
As a former exploiter, this is a very informative video.
fr same
U know how to make ur script too? :D I can
@@stvr3slol
sick ass intro
btw characters cant delete their client parts anymore
The intro looks like the tpot intro
it is!
Ayy tpot intro
TPOT intro!!
TPOT intro music bro
The accessory scripts were fixed and are no longer exploitable (i mean i'm pretty sure)
remember me when your famous
Good 7 minute video