Categories > Coding > Lua >
Roblox - Identifying exploitable code & how to exploit it and in what ways it can be used to exploit.
Posted
local l__Backpack__1 = game.Players.LocalPlayer.Backpack; local function v2(p1) for v3, v4 in pairs(p1:GetDescendants()) do if v4:GetAttribute("a") then if v4.Disabled then game.ReplicatedStorage.Chalk:FireServer(); end; local v5 = v4:GetPropertyChangedSignal("Disabled"):Connect(function() if v4.Disabled then game.ReplicatedStorage.Chalk:FireServer(); end; end); v4:GetPropertyChangedSignal("Parent"):Connect(function() if not v4.Parent then game.ReplicatedStorage.Chalk:FireServer(); end; end); end; end; end; for v6, v7 in pairs(l__Backpack__1:GetDescendants()) do if v7:IsA("Tool") then v2(v7); end; end; l__Backpack__1.ChildAdded:Connect(v2);
How would one identify how to exploit this code, what can be exploited about it, and how to exploit it?
Replied
I don't know lua, If I did I would help. Wait for someone to reply who knows lua.
Cancel
Post
https://gyazo.com/9e36f19dea3a77fbcdc641f0276c4cd8
"I'll have two number 9s, a number 9 large, a number 6 with extra dip, a number 7, two number 45s, one with cheese, and a large soda."
Replied
at first i thought this would be really useful reverse engineering tutorial to learn how to exploit roblox's code :(
Cancel
Post
Replied
@55258
Unfortunately if i had the knowledge i would teach it, though i'll try and go through some wikis and get back to you if i find how to reverse engineer it on the 3% chance i do.
Cancel
Post
Replied
This is actually decompiled code. Here is a beautified version of the code. It's easier to look at the code when it's beautified, isn't it?
local l__Backpack__1 = game.Players.LocalPlayer.Backpack
local function v2(p1)
for v3, v4 in pairs(p1:GetDescendants()) do
if v4:GetAttribute("a") then
if v4.Disabled then
game.ReplicatedStorage.Chalk:FireServer()
end
local v5 =
v4:GetPropertyChangedSignal("Disabled"):Connect(
function()
if v4.Disabled then
game.ReplicatedStorage.Chalk:FireServer()
end
end
)
v4:GetPropertyChangedSignal("Parent"):Connect(
function()
if not v4.Parent then
game.ReplicatedStorage.Chalk:FireServer()
end
end
)
end
end
end
for v6, v7 in pairs(l__Backpack__1:GetDescendants()) do
if v7:IsA("Tool") then
v2(v7)
end
end
l__Backpack__1.ChildAdded:Connect(v2)
My scripting isn't the best and I'm on mobile, but I'm going to make some assumptions.
This script is a local script, and when a tool is used (like clicked on), it fires a remote on the server.
game.ReplicatedStorage.Chalk:FireServer()
This script seems to be exploitable, as this remote does not seem to have any protection (I'm assuming).
How would one identify how to exploit this code?
I've identified this by looking as to what what is ran when the tool is somehow used, which is seen in :Connect()
Now, I might be wrong, but this is what I would assume.
How to exploit it?
My above explanation should be aquedate enough to explain. But like others said, it's probably better to do a bit of learning...
Again, I'm no expert, and others on this forum can do a way better job than me. But I do hope this helps.
Cancel
Post
Added
@55258 same, i got baited
Cancel
Post
Top 10 Poop Positions | Beginner's tutorial in making exploits
Xi Jinping Winnie the Pooh
Replied
@MainDab Why code no worky
Mouse.Button1Down:Connect(function()
if Player.Character then
game.Players.LocalPlayer.Backpack.Chalk.Draw:FireServer(Mouse.Hit.Position)
end
end)
Cancel
Post
Top 10 Poop Positions | Beginner's tutorial in making exploits
Xi Jinping Winnie the Pooh
Random quote here...
Replied
first i recommend you use a lua beautifier or sum and then learn lua, probably backwards or so.
Cancel
Post
Added
@nexxos Did you call the player? If you did then idk bc I don't play the game/don't wanna exploit on it.
local Player = game.Players.LocalPlayer
Mouse.Button1Down:Connect(function()
if Player.Character then
game.Players.LocalPlayer.Backpack.Chalk.Draw:FireServer(Mouse.Hit.Position)
end
end)
Cancel
Post
https://cdn.discordapp.com/attachments/877610317037858846/975469974405673041/Signature.png
Users viewing this thread:
( Members: 0, Guests: 1, Total: 1 )
Cancel
Post