Exploits Are EASY to Fix, People Are Just Lazy
ฝัง
- เผยแพร่เมื่อ 22 เม.ย. 2024
- the ONLY product i sell:
linktr.ee/ByteBlox
discord: / discord
wondered how to make a main menu in roblox studio? or how to create a shop which has working GUI? ive made lots of 2024 roblox scripting tutorials about all the different bits of roblox to give you some up-to-date information about all of its properties and events.
my goal is to simply give some insight on how to use the various features and instances roblox studio, and show you some fun stuff you can do with them. thanks for checking out this roblox scripting tutorial :) - แนวปฏิบัติและการใช้ชีวิต
get 50% off my course with code "FREAKYBLOX" (2 days left):
linktr.ee/ByteBlox
Hello ByteBlox Im Subbed
Hello byte, could you make a video on beizer curves i think its overlooked in the roblox studio community and also on flipbooks
Could you make a busting tutorial
Could you make a busting tutorial
Could you make a busting tutorial
I have no idea why I clicked on this video
Look at the title bro, "people are just lazy". You're looking for people with the same personality trait as you
Me neither man, haven't touched a script in my life
People are just lazy at click this video💀
The mysterious forces
@@nonproductiveproduction Who hurt you?😭
Longest explanation for a "exploiters can execute local scripts." Ever.
would’ve been useful for stupid me back then to be fair
didnt even explain that being able to manipulate movement so easily is only specific to movement (because roblox doesnt do any base security checks for movement because that would very quickly interfere with ALOT of games), and trying to do the same for anything else is 100x harder unless the developer added a foolish remote function or event
in practice its more like "exploiters can execute local scripts that have more permissions and more power than local scripts themselves"
@@omgdodogamer4759 "because roblox doesnt do any base security checks for movement because that would very quickly interfere with ALOT of games"
Roblox gives devs an option to do it, the only game i saw having balls to enable it is Bedwars in rare cases
yea no shit because most people dont understand it
Exploits isn't always as straight forward to prevent as you might think. There might be cases where a combination of multiple things causes something unexpected to happen, which will allow the exploiter in question to manipulate something in a certain way. And especially, if you're a small team of developers, finding all of these edge cases is really difficult. You prevent what you can see usually, and what you have time for. Keep in mind that players expect updates almost weekly, so finding the potential weakpoints of your game and patching it, while also releasing new content isn't really that realistic.
That being said, sanitizing and rate limiting remotes is something that should always be done. Prevent the obvious, but don't spend too much time looking for and fixing very small issues.
Is there such thing as hiring white-hat hackers/exploiters to find bypasses/holes in anticheats, or is that against TOS?
Players expect updates weekly?
@@awesomesauce-kg9xn if players expect updates weekly then I'm a millionaire
@@awesomesauce-kg9xn not always big games, but, he meant weekly cuz this is practically the norm for updates, especially for rblx devs' games. tho, half a month or a month - too, but potential games are oriented towards weekly updates, that leaves plrs inspired and entertained for such games.
@@oranglikes an update a week is insane
ah yes
lets have thousands of events go off for every object to stop the most basic form of noclipping
Yes 😈
@@byteblox100 i would love to see your server memory implementing a system like this on a semi sizable game with a few players.
I feel like people arent lazy, its just some SOME game have such complicated fighting/ability systems that code that prevents them from exploiting would interfere with the ability/fighting code.
Games can put a boolean statement that exempts the player from anticheat given a period of time
@@TheLordircan’t exploiters find a way to abuse that then? Also, wouldn’t it have to exempt you from it before you do the action?
@@TheLordirlook at stuff like deepwoken and rogue lineage, they have anticheat but people always come up with new cheats to break through it, you can never make a full proof anti cheat
Like, even billion dollar companies like valve don't have full proof anticheat for CSGO, what makes you think some random dude on Roblox is gonna be able to do it?
i must inform to you that the information you have provided is false, say this, if i were to run a script that makes all parts inside the game untouchable, it will make it so the part attached to the player to not have touch either, and with that said, the best way to do it is, make a system that detects if the players humanoid root part and head and torso get detected if it goes inside a part, and if it does it teleports the player back where they were 2 seconds ago, and even if they have no collide or smth like turned off touch it will still work if you make a script / local script / module script thats not apart of the part, but as a system that detects the player inside a wall without it
@@hyperbroli6672 honestly, valve isn’t the best analogy because they literally just couldn’t care less at the moment lol
How to solve exploits like big games:
Step 1: give them $100k worth of ingame items
Step 2: Enjoy
step 3: go bankrupt
@@h1mm779 step 4: burn plushies
fastest way tho xd
"If your game has a exploit, shame on yourself." - EXPLOITS AREN'T ALWAYS "EASY" TO FIX.
it's ragebait.
@@disrecededor an opinion who knows
Especially in games like blox fruits. For example: Try teaching system to figure out who's teleporting with in game ability and who's doing the same thing with hacks.
And that's the easiest example....
i think he means more like the really basic ones like flying noclipping btools, etc
A small note. EVERYTHING to do with the character is managed by the client. The server does zero validation. So, on the client, you can just... set your position anywhere. And the server accepts it. All character physics are on the client.
he should’ve also explained network ownership.
This is the missing detail that was glossed over. I feel like he knew and could have talked about it for a more rigorous explanation.
@@MeanSoybean Byteblox doesn't really seem to understand this.
@@discussions. isn't it called physics ownership?
If you're not doing a whole lot with characters, Chickynoid might be something to consider. Its drawbacks might make it hard to integrate into an existing project, though.
Congrats! You (poorly) patched one of many ways to noclip.
make the hitbox tween and it fixes pretty much almost every noclip
@@alexskorpik11play79 You dont know shit about exploits LMFAO just shut up fr
@@alexskorpik11play79 thats awfully expensive for the server to compute. and you still have all kinds of other exploits to patch.
Why don’t you make your own version instead of hating :)
@@OvisArries If you have a decent knowledge about scripting on roblox, you would know that this method is very inefficient and unscalable.
Left ear: Hkmori - Anybody can find love but you
Right ear: byteblox 2x speed
deccelerated learning
the hkmori cancels out any knowledge learned from byteblox
@@Anarqism what knowledge?
As someone who used to make exploits myself, the "patch" you made is completely garbage.. you can literally counter your patch with one or two lines of code. Developers are not lazy, sometimes they just choose not to interfere with the player's experience in the sense that your anti exploit could falsely flag a normal player.
0:00 - 5:21 Explanation Of Exploiting
5:21 - 11:00 Telling You How To Fix Exploits
Correction: Telling you how to "fix" exploits, but not really telling you how to fix exploits.
Byteblox ragebait is insane 😭😂
What ragebait?
@@Hamdidittoogoogle it
ur mom
Piece of media purposely meant to piss people off and gain interaction due to them being pissed off @@Hamdidittoo
Ur dad
the cool part about this is that your forgetting that its ROBLOX devs, not passionate devs, ROBLOX devs.
bro forgot about firing remotes, hook functions, deleting client scripts, spoofing/metatables, exploiting is unpreventable on a bigger scale game, only roblox can fix it.
Remotes is up to the dev to fix not roblox, roblox can't do anything about that
@@fitmotheyap not how it works, remote could still be manipulated through hook function, changing parameter values, constants, and upvalues, nothing can be done about it, even game with the best anti cheats like bedwars, can’t even prevent it, roblox already made a pushing step with there exploit detection, significantly reducing exploiters recently, byfron
@@fitmotheyapbypassing checks is as simple as using spoofers to pretend nothing has changed on client, metatables, and now AI program such as external AI aimbot
@@fitmotheyapfor ex: instead of increasing a player speed by humanoid.walkspeed, you can just teleport the player slightly forward based on CFrame and this value could be adjusted to increase speed and completely bypass walkspeed check
@@glyoit1506 You realize that a remote event should only be a trigger, not a activation method.
For example if I have a 3d button in the workspace that gives money, and I want the player to only get money when he clicks the button (which has a cooldown), I'd use a clientside remote event to tell the server that the player pressed the button. I could calculate the distance the player is from said 3d button to accept or reject the request for the button press, as well as its cooldown which would be server calculated. Server checks can exist for remote events, so the fact that local scripts from exploiters can fire remote events is not an excuse for an unstoppable hack. For changing constants, the server should always have serverside copies of money and check it for every purchase.
the easiest way to prevent exploits is to tell your players to not use exploits trust it works everytime
byteblox: its so easy to fix it people are just lazy
also byteblox: not doing allat
3:50 The shadow💀💀💀
What is wrong with it
Oh yes, It has happened again
thats wild
@@Nigjaslayer9000the shape…
how the hell did you find that
I've been a exploit/script developer for 8 years since the nofiltering era, and I'm just going to say this is extremely easy to bypass that it's not even funny. Scripts will obviously be intended for non-generalized use, such as specific pin-points. No actual script will be this easy. For instance, if you have a local script that contains gun functions and it calls the local player's camera, instead, I can use metamethod __index to return the wrong class type which would then create an error in the server script itself removing the anticheat completely, this has been done on multiple occasions on many games. Exploits are not easy to fix, all you did was spend 11 minutes trying to patch a 1 line script that can be re-bypassed with again, just 1 line.
you can also remove your character completely then re-call it on the client, and add in the humanoidrootpart (server) after classifying network ownership (if not taken by another exploiter), create a new model type, add it in as local player's character, teleport the humanoidrootpart (local) through the part, delete local humanoidrootpart, and then clone character (server) and add the server-sided humanoidrootpart back inside the local character to make it a serversided character, this is exactly how serversided fake VR worked back in 2021
It's not as simple as you think. Yes, that is a way to detect cheats, but it can also be incorrect. Many games use client-only aspects, and it is harder to differ between what should be different on the client and what shouldn't. If you have a barrier that players shouldn't be able to go through, this is indeed a way to detect and prevent exploiters from going through it, but it won't be as simple for client sided creations. An example, is a game I am working on, which allows a player to fly around in outer space. The flight system I made for that is almost fully client-sided, and it would be more difficult than this for me to detect the difference between an exploiter's flight system, and my flight system, or to detect if an exploiter edited a value or my game did it. Tbh, Idk who would ever even need flight exploits in a flight game. A better solution to a potentially flawed anti-exploit system that may detect innocents, or people who affected by a roblox bug, would be to instead implement a report system, along with action, chat and movement logging. In many cases, a human-mod system will be better than an auto-mod system as long as the humans are not corrupted or bad. Roblox's overall mod system is an example of a bad mod system, filled with corrupt/lazy human mods and poorly designed AI mods.
ByteBlox, i must inform to you that the information you have provided is false, say this, if i were to run a script that makes all parts inside the game untouchable, it will make it so the part attached to the player to not have touch either, and another thing the expolit can do is just delete the entire part connected to them, and with that said, the best way to do it is, make a system that detects if the players humanoid root part and head and torso get detected if it goes inside a part, and if it does it teleports the player back where they were 2 seconds ago, and even if they have no collide or smth like turned off touch it will still work if you make a script / local script / module script thats not apart of the part, but as a system that detects the player inside a wall without it
The best way is to make a regular scripts in this case, exploiters can disable local and module scripts on the client entirely
That is indeed a great way but the reason games dont do that is having alot of checks for different parts and for each and every player starts to slow down the game a huge amount
That’s probably true. I just suggested the hitbox as a quick potential fix, but the better way to do it would likely just be to fire raycasts and check player position
thing is players can still make a script to automatically teleport them back since movement is left unchecked by roblox's anticheat
The best anticheat is detecting client guis or smth like that and banning them.
Kinda like adinos admin but better and not bypassable.
It will ban Arceus x and codex users quite easily, but experienced exploiters can still bypass them.
bro spent like 9 minutes explaining local scripts couldve been shortened, but appreciate the effort ur videos helps me sometimes with other stuff
Ong he just yaps about the basics for like half the videos always and he acts like most his viewers are noobs
@@BennydoesstuffYT I think that is the point. He is explaining is a way that even complete beginners can understand.
@@Sol_Aureus
The problem is he doesnt even do that well. Oh, sure, he talked about a "fix" for this problem, but the fix itself is pretty easy to work around and he didnt even show how to implement. The only thing he explained was that things changed on the players client arent directly applied to the server.
Exploiting or Hacking at all is impossible to stop. The hackers/exploiters will win then the game devs/anticheat devs and then it will loop around like that. That's why Roblox paid Synapse to help them instead of keep patching what Roblox tried to do.
explaining how the server knows you're exploiting movement actually helped me understand how i couldnt move for a hot minute in shard seekers, thanks for telling me that man :)
Many roblox games already have similar feature actually, if only exploits were that easy to fix right..
GameDevs saying exploits or bugs can't be fixed, I find scary.
Like, do you think a Bank would jut be like, yeah that exploits there, nothing we can do abt it, your money is gone.. or you well you do have infinite money now i guess.
NO, afaik and experienced it myself, almost ALL gamedevs aren't trained in classical computer science or software engineering. And lack ANY understanding of memory or how the computer works.
(They are script kiddies that grew up)
So almost everything has knock-on effects and unintended side-effects you can't decipher.
No wonder weird things happen, if you don't control your event flow, but just have things be affected by other stuff.
Even debugging this becomes impossible.
That's why NOTHING in the real world is architected like a video game.
Especially online games are such a horrid mess.
ANY self-proclaimed webdeveloper would do a better job of securing game servers.
So people can't just execute arbitrary commands on the server, or tell the server they got infinite money now, etc.
This is just fucking insane what is happening in most games, not just Roblox, that's Indie titles on Steam, even big ones from EA, (APEX Legends people can spawn AI clones of themselves and execute batshit insane scripts on the game servers... nothing's secured).
People should fucking stick to single player games, if they don't know sh*t.
And IF, then fucking hire actual knowledgable people, instead of getting worse performance than a SAS startups website and api.
Whats funny is if you’re owned by server, it pretty much fixes a lot of stuff from this. The issue is no one does this because of the huge input delay you get. Note the part you attach could work, but make sure it doesnt make your movement be limited to what the part allows you to, and make sure it’s owned by the server.
You could have the player on the server consist of a humanoidrootpart only that is invisible and just render the other stuff by creating them locally on each client and then predict the movement of the client-side character
Yeah the input delay is crazy even on 80 ping
@@fitmotheyap it's even noticable in studio with 0 ping
prob because when studio play solo ran both client and server on same thread, having the server own your own character was possible and still not affect input delay but after they made studio client accurate to the real client and seperated the client and server to run on their own seperate threads, you will notice input delays even if you didn't increase fake replication lag
I don't see Roblox adding server-authoritive characters anytime soon so just add checks to the server, but also trusting the client isn't all bad and it mostly depends on the game.
Rocket League is fully server-sided, but it uses prediction to fix the input delay, Roblox could do the same, calculate server-side, compare with client, if there are big differences between server and client, interpolate to what the server calculated
@@EricPlayZ132 I will straight up say I hate rocket league's way of doing it, played it once and got hella teleported(when I used to not have a good ISP), there is no better system for it in the first place so sure but in the case of roblox I think staying client side is wise, at least 10-20% of the playerbase plays on mobile more specifically phones and tablets and even more play on a bad internet, I have experienced both being on mobile and bad internet, not an issue these days but that's only for me, SA still has no servers and resorts to using NA or even EU, asia roblox has major internet problems during rush hour already and this wouldn't help, US is the only region where they actually have good internet and servers everywhere but a large amount of the population gets throttled daily and another large amount live in not so well connected areas, EU would be by far the least and most affected, europe has servers in every rich country exception being poland having one, but even as of now the average ping hovers around 100 because roblox is roblox, I feel like roblox has to fix connection issues first, furthermore they still have NOT fixed error code 277 which is becoming more of an issue every month, swapping ISPs is not a good solution when they can fix their backend instead
Also, I hate to mention it again EU servers are horrible, 100 ping EU while around 200 ping US, US seems to have no problems and ping is as expected, EU hovering around 100 makes hella no sense when other games have servers farther away with 50 ping or less
TL;DR
This is a bad idea cus
EU servers have major problems that won't be fixed ever it seems
US has way too many people behind greedy ISPs and many others not living in populated areas
SA has no servers
Asia has major issues during rush hour
The only problem with this solution is that when I want a specific player to be able to walk through a part and no one else, I set the collision to off for that client. If I put that fix, this won't work and and I'd have to use collision groups, which is annoying...
It's al fun and games until someone exploits their way into making the custom player hitbox untouchable.
ce desync :)
It actually is, the player can change anything inside their character, so if you were to delete that hitbox (assuming it’s located inside the player character, you CAN delete the hitbox to bypass basically everything.
You could also just tp around the part avoiding the detection :P, which is a very common thing/option/script thats on mostly all clients for roblox.
Fair exploits are easy to fix but there are always alot of exploits and most people forget alot of them and alot of them can interfere with the game alot, theres a glitch where if theres a thin part infront of a thick part you can clip through it easy fix. but even more bugs come from that. its less that there lazy I would say and more unsure of all of them because there are alot of exploits that aren't in this video and will never be able to be put in one video unless extreme dedication to every glitch its more something you've gotta get use to.
and small glitches can be over looked as long as they don't interfere with your gameplay then it should all be fine. And yes most of the time updates will come and people will just find more and more which is very normal.
I see alot of your videos get backlash from ignorant titles. Such as your prints are useless video that you took down, which there 100% not very useful.
i will stick what works for majoryity of games which is prediction rather than running 12 checks per seconds
Byte the thing is exploiters are actually more difficult to prevent than you think, pretty much impossible. for the system you thought of they can just delete the part that is attached to them and it wont effect it anymore or for doing something like checks for when the player is inside an object they shouldnt be it will slow the game down for each object or each player you have. then players can also do other exploits that can manipulate their own health or other peoples health they can give themself immortality by giving themself a forcefield or change their location.
THE PART ISNT WELDED TO THEM
@@alexskorpik11play79 then how would you keep the part to them as if you’re using code it’ll slow down the server a huge amount.
giving urself a forefield wont give u godmode
@@Desyncingg giving a player force field makes it so they’re incapable of taking damage with the humanoid:takedamage() function but either way they’re still able to manipulate their max health
@@GrimBeConfused dude. its not gonna slow the server by any amount. its legit also easy to do. and by the way, you're so wrong about humanoid modifications. All they can do to the humanoid is change walkspeed,jump height, platform stand, jump , sit. Im not sure but change humanoid state [if its not dead] could be possible aswell.
please stop spreading misinformation without actual checks
Hey just curious but do you know how to add the shiny effect your golden headphones has to other accesories in game? As I've seen piggy have the same sort of lighting effect and was wondering how I could add it to one of my games. (Also your videos are great! Love your work.)
It's pretty harder than that because if you add a code to every single part in your game, it basically becomes yandere sim 2.0
Loop and CollectionService in question:
Way easier to just raycast from the last hrp position and the current one to check if they moved through a part, can also check if the part has can collide turned off on the server. And this noclip method is bypassable if you just set cantouch on that part in hrp to false?? Server sided physics anticheats are limited by the complexity of the games physics
the issue i find with the raycast method is if you were to move around a corner of an object, the ray might hit said corner. Currently looking for a way of fixing it.
Summary:
it depends on the games code, for example
if an experienced exploiter, well exploits, depending on the games code, they will have a hard time to fix the exploit without it messing up other game mechanics, think of it like this:
you want to kill an exploit that is behind a strong wall, now lets say you break this wall to get rid of the exploit but breaking the walls removes / messes code that is working perfectly, you rid of the exploit but your game is broken due to the code that got messed up
Do note, you can also fix a lot of exploits by using sanity checks on your remote events, or make important events handled by the server instead of handling them via the client. That being said, exploits like no-clipping, flying, etc. can be fixed by checking a player's character and running sanity checks from the server.
Simple fly anticheat: Detect humanoid floormaterial changes, they aren't replicated to the client anymore and are somewhat decent, you just need leeway
?
wouldn't that kick you for jumping
exploits as the name states using weak points of your game to gain advantage
on local side they have pretty much unlimited possibilities and especially with character - because it's first source of client-server replication
don't try to prevent exploits - better try to lower advantage exploiters can get - just secure any way of client-server connections.
👍
depends from game to game
some exploits are made specifically for some games, (take KAT, there was an aimbot exploit for some time)
some others are just generalistic (like the noclip)
while it's true that on roblox it's easy to fix a couple of exploits, for specific big games it actually starts to be hard when the client starts to manipulate stuff like aiming
and if we get outside of roblox, it just gets even harder, CS:GO with their VAC, or even minecraft (yes, minecraft cheating, especially in the competitive side of the game, is a thing) it's not as easy. you can prevent the obvious yes, but eventually something will be found that the devs either won't be able to address or don't have the time to do so
Game design also plays a huge role in reducing exploiters, for fps games/competitive games more exploiters are gonna work on exploits for these games rather than a game like DOORS, but with roblox adding byfron recently, exploiting is now even harder than it was 5 years ago, so each game has their own unique way of implementing a anti cheat, and it isnt easy at all especially since depending on your type of game, exploiting can happen rarely or frequently.
@@Lucas-xn5bn exactly, that's something i agree with 100%
As someone who exploits because im curious and want to look under a map or delete a wall in a silly maze(client sided so noone except me sees or can interact with the deleted wall) i feel like patching major exploits is more important than silly ones, like sure you can go through a wall in a simulator but if you make them unable to access the stuff there then why patch it? You can always get an alt hack yourself or find a script for your game specifically if its popular enough look through the code and patch it (i dont code so idk if its even possible)
just as easy as they can be fixed, someone will find a bypass, example being to literally just delete the script that does that 💀
4:06 same reference when doing inspect element on html.
You can change whatever you wanted to be but its only on the client side (meaning only at your end) and once you refresh it (meaning you gonna update your client to the server) it will bring everything back 2 normal. Just saying, it excites me to see and how does this client and server and quickly think of this can be referenced to html
byteblox i have an idea that might work (idk)
what if we manually add collidable bricks and put them inside the players body like a hitbox *in the server* so when the player tries to noclip through the wall the parts that are server sided doesnt let the player to noclip because the parts cant noclip through the wall and the parts are the players hitbox
would that work or would it be a buggy mess?
unpopular opinion: if your game has fixable and easy glitches that can be done without even using tools outside of the basic roblox app, you should be the one banned not the "exploiters" abusing your garbage code
there's a way that fixed a noclipping by
getting a position from player from server
then if the player gets out of distance to be like 5 distance
it will spawn raycast then checks if there's a part
it will teleport back on old position
Q: what about some players can backdoor the server
this is easily can be done by while wait do,
because this is the only looping script that won't be disconnected
all u need things to do is clone the script first
local Script = script:clone()
and do it on while wait do
if script.Parent == nil then
Script.Parent = game.Players[playerName]
end
if my script works then thanks u
Theres a difference between hacks / cheats and bugs / exploits. Exploits are more like glitches in game's code that allows you to do things, without significantly modifying the games code at all. For example, glitching into walls with the camera glitch. Using stuff like JScript or Lua Script Injectors is not an exploit, but a hack, a cheat. When you exploit, you're exploiting an oversight in the game's code, when you're hacking or cheating, you are intentionally doing things that the game did not intend for you to do by measures that are invasive to the game's code (via injection etc) essentially, hacking it.
I clicked this video because in one of my roblox games it lags crazy when u walk or be jumping most time the server will bring u back to that position
there are many ways to fight noclip but this one is not very strong and will fall easily if the exploiter just apply the same process he did to go through the wall and do it on the "hitbox" you create for each playercharacter. Also a lot of information are wrong, when you say that client side you can go through after deleting the baseplate because it tells the server theres no baseplate anymore is wrong, its just that the server updates the player position and dont give a shit if you're inside a part, the cancollide stuff is set server sided but the value is only used by the client, which is why the server doesn't prevent you from falling through the floor.
You actually can implement Server Authorative Movement. This is done by making the Client move first then checking in the server if it can actually move there
For example if theres a wall the Client can check on raycast before moving but if that raycast was deleted to the client but was sended on the Server ( to validate movement ) then the Server can check the same thing as the Client but it would fail since theres a wall and it wouldnt be the real position of the Clients character
For Reconciliation you can send the input on what's wrong on the Client then the Client goes back to the position of their validated movement then inputs the same keys again so that it matches on the Server
This is seen on every AAA FPS game such as Valorant and CS (Counter Strike)
Thats all hehe
yeah there is one game where you can punch people and unlock abilities and there was tons of exploiters on it, then another person made a knife version of that same game which had the same issues.
Is that “Ability war”?
Is that ability war?
most noclip exploits have a renderstepped loop setting the local player's body parts can collide to false.
Very informative! Thanks, I needed an anti cheat for my games!
i imagine a system like when a hacker is in a position below a surface, a script detects if a player is like in -10 from Z axis, its get kicked, same thing if a hacker surpass a certain range of studs it gets kicked
*anti kick has left the chat*
@@GloheYT antikick is only possible on the client
spoof position
@@universaltoons how it can be done?, i wanna see your perspective
make it then
Aimbot from what i have seen in games seems to have 2 tipes depending on the weapon projectile
a example would be the bow from minecraft the projectile is slow so even if the aimbot makes it so the arrow goes where the target is they can just move of the way because the projectile is slow so aimbot speed the projetile or it makes it teleport behind the enemy u are shoting (imagine a portal in the guy stomach of the guy u are shoting and the other side of the portal is your bow)
If the weapon has a instant projectile or a fast one the aimbot just makes the bullet shot where the guy is.
so the way to fix the teleport aimbot would be to make the game check if the projectile is acting the right way (like not going faster that normal)
Edit: im do not know to code so please do not critize me if the solution i said is wrong
just Modify the aimbot to make it way higher to make up for the slow projectile speed.
aimbot isnt about speed of the projectile cause the projectile is supposed to be created on the server. Its only the direction and maybe origin of the projectile that the client usually sends
What about flying exploits/scripts that allow users to use admin flight which allows no-clipping via said flight? How would that be prevented?
I'm pretty sure the movement is handled on the client, you send your movement data to the server, but the server isn't the one moving your character on your screen.
(it just mimics the movements the client sends and sends it to the other clients)
That's also why infinite jump, flying, manipulating jumpheight, manipulating walkspeed, changing gravity, forcing the player to sit, etc all works.
Roblox trusts the clients to give valid movement to the server, if they didn't do that you would encounter input lag if you have ping.
The walk on wall exploit is the most clear example of the client handing all the player movement.
(Tell me if I'm wrong, but I'm pretty confident that this is how roblox handles it)
That’s exactly what I said bro 😭
@@byteblox100 you explained it like "client sends stuff to server, SERVER VERIFIES IF ITS A VALID MOVEMENT OPTION"
Good idea, but realistically this would just nosedive your performance making security checks for y part.
“minecraft aimbot” 💀
Many asked for a list of possible ways or the exact ways they used. I think it is silly to make a list for competitors.
A key or locking methods should use the premise for the code itself,. If people are already lost on the premise of the way the system works, and the code to make it is right in front of them...that should always be used!!!
A way to connect should be within limits if possible to not rely on external systems and work within parameters there if possible. Using signals, methods undisclosed to other countries.
Checks for changes could be done using the premise of the code as well.
AR2 devs are shaking right now...
we cant rip on tf2 like that they have a small dev team that is not enough for a huge game with messy code
bro valve doesnt care about tf2, thats why they got a small ass dev team, valve literally does not give a fuck 😭
Server checks on a client authoritive system will always have false positives and flaws. If you want to truly fix character related exploits you have to use a server authoritive system like Chickynoid. Also since the hitbox you are using is client owned because its attached to the player, cant the player just not send touched events?
Yeah, you're probably going to need some servers borrowed from NASA for this to work on a decent game
So if i understand correctly the system for the anti exploit are just basic hitboxes that are dirrectly connected to the server instead of the client
Sorry if i didn't understand well and if i'm totally wrong but that's what i understand for the most part
3:40
"how does this tie into noclip, well a very important factu- my headphones are shinyyy as hell, anyways, a very important facture..."
That's cool and stuff, but how do I add corner clips back?
Do a video on custom interactions please
trying to prevent physical exploits is dead end - exploiters always gonna find ways to avoid it
how long did it take to record and edit this video?
Must be a few weeks at least, this might be the highest quality anticheat video Ive seen all year
this man has all his time at home to make videos fr
i'm a nitpicky person and some roblox games annoy me with how buggy they are. worst anti cheat i've probably seen is jailbreak because the game is buggy enough, you can't jump off a building or from a helicopter without rubber banding and taking more fall damage than you are meant to
JB has always had the crappiest anticheat EVER, and it's not gotten any better
@@FacelessBillions their anticheat just made the game harder for legit players. you still see those bots that fly around the map teleporting to everyone and auto arresting
@@Inkthirsty true
This seems absurdly inefficient for a bigger game that hadnt already placed antinoclip at the start of development
byteblox pls explain client and server in more videos 41 isnt enough for me
hey guys this video is a prime example of why scripting youtubers are known as youtubers and not developers
he wants engagement from comments and u guys are giving him that by responding to his absurd claims
this guy has no real games pushed out and just lives off the engagement
I'm surprised devs still get whole backdoors in their games
Exploiters can also just mess with players for fun but its rare to
that's a pretty shit way to stop noclipping, and ur trying to sell a course? lol
"exploits are easy to fix" alright prove it, patch ESP and aimbot
impossible to patch esp and aimbot
what is ESP? I honestly forgot
and yeah, i have to say ByteBlox is sketchy asf, like bro is fr selling a roblox studio course
noclipping with fastflags still bypasses this because its not about part collision.
You can disable code assist in File > Studio Settings > Script Editor
they are, its just that things get past people
Thanks! Now i can make a script to bypass this when i see it!
You earned a sub!
Tell that to Defaultio so we can get a proper LT2 update bro
Happymod bypass touched event which mean if you add a touched part to detect then gone
this video tells me that you know absolutely nothing about roblox's netcode
Just set the network owner of all parts of a players character to be the server, easiest fix ever
this is caused by roblox's structure in and of itself. roblox HAS to make movement client sided so that any type of game will work
Woah I just learnt something very useful even tho I am not a developer
if client side and server side were people, they would have trust issues and be angry at eachother
yea but it's made on the server, deleting the part on the client won't delete the part on the server. I would be more worried about teleport scripts where client is just doing a raycast to the wall and getting a safe place to teleport to on the other side. This way the part on the server would never hit the wall and they would just need to worry about wall thickness so it wouldn't trigger speed or teleport checks. More worrisome would be like weapon checks where players can teleport other characters right in front of their own to damage them from across the map (can easily be fixed with a raycast check on the server when bullet is shot you pass the target position and server checks if shot was possible). Make sure to do it with explosives too cause if player throws grenade then teleports that grenade position right next to another character...
Why does this motivate me to start Scripting
Thank you for informations. I gonna use these in my game (My game's fps is -1. Can somebody helps me?)
Doing a bunch of security checks for every single player in the game is laggy and slow. I don't want cheaters but I don't want 500ms input delays. If your game is big enough and you have all these complex interconnected systems interacting with each other. It can be really difficult to find and patch exploits. Developers already get enough harassment there's no need to make it worse.
(edited) can't spell for the life of me
the printing "Handle" was the accesorys
Imagine the amount of lag this might cause
ty now ima learn lua to make scripts and sell them
Honstly a bad method to detect/prevent exploits. Example why this is bad: local parts ect.
bro took 2 minutes to say "Roblox checks for colission models"
filtering enabled and network ownership explained