#Malicious script

This shows up when I try to test my game, apparently it's caused by a malicious script in a free model? How do I find the malicious script? I have like 100+ free models in my workspace.

just dont use free models brah they always have backdoors but if you insist you open script explorer pressing control + shift + f and searching for key words like local HttpService = game:GetService("HttpService").

also search for loadstring

and also just write everything yourself

helps your game stand out from the crowd

I did this now, deleted all scripts with any of the words you said, issue persists

What I'm doing is just like a little personal project, not a real game, hence why I use free models

Any additional ways to possibly solve this?

Tried looking for loadstring too but no luck

code is probs encrypted

Anything at all I can do?

** You are now Level 5! **

I've worked on this place for a while

not really much you can do beside searching each one

and they def embedded it deep so it will take ages

and write your own code

How do I get a clear view of all scripts in my project?

I got no idea ur best bet is to just search all the models also scroll all the way down too

ngl that error message is very sneaky if you are not experienced with studio so I wouldnt be surprised if they implemented way more countermeasures against finding it

Why would someone even go to the effort of doing that

lots of reasons

Like whats the point of even getting access to my shit

bruh think about it

Large games dont even use free models at all do they

no cause the ones that do get destroyed

these virus scripts can access the backend of ur game so if u have any database methods ur cooked

or any playerdata etc....

I think all I can do is find a way to see all scripts, disable/delete all of them except for the handfull of ones I want

There are like 2 scripts I actually use lol

But 100+ come with free models

then just delete the rest and keep the ones u need

they do sometimes, like i remember seeing a "put in startercharacter" script on a dusty trip a long time ago 😭

Yeah

wait a second how did you know it said put in startercharacter..........

i opened dev console out of curiosity

uh

it

its a warning from a script named that

oh fair

its probably the arm thingy but idk

I mean you could send the place file and I could look through it

up to you

I wouldn't mind, it's just my personal little project anyway

One sec

lowkey might be better if u just invite me to the game im not super tech savy so I tend to not download random files from strangers online just to be safe

make sure its .rbxl for places and .rbxm for assets, its that simple

yea but im pretty sure they can fake the extensions no?

or the file type whatever its called

id rather not risk it lowkey

but wont run as intended tho

its intended purpose is to be opened with roblox studio

so its just gonna do nothing

yea ur right but I just wanna be safe

I guess I solved it, I used a script to delete all scripts in my project

for i, v in pairs(game:GetDescendants()) do
if v:IsA("Script") or v:IsA("LocalScript") or v:IsA("ModuleScript") then
pcall(function()
v:Destroy()
end)
end
end

Now just to re-enable the scripts I actually want

Which are like 2 scripts

uhh wouldnt they not exist after u deleted the whole game?

i think you can do :IsA("BaseScript") for all script types but im not really sure

I mean whatever works

Yeah I saved em

oh nice

well goodluck bro stay wary of the free model scripts

👍

Yeah man there's some crazy ppl out there

Going to such lengths to get a backdoor to see my shitty building skills

you can also do className=Script in the explorer search i believe

still need to individually search for 3 types tho

script, localscript, modulescript

u right

is:BaseScript would get u localscripts and scripts but modulescripts would be separate

huh

didnt know you can do is:

👍

use explorer search

is:Script

this is unreliable search term

loadstring is not used in any legit game scripts, unless someone extremely foolishly enabled it.

yep. never trust code in free models, always review it. if you don't understand the code, delete it.

and just a reminder, those backdoors earn money for the exploiters. they're getting paid to do it. that's why there's so many. if they weren't making money off it, they wouldn't do it, or at least, wouldn't do this to such an excessive degree.

so, don't hate these malicious actors for their malicious code.

blame the drooling ipad kids who are buying roblox cheats with their parents credit card, which effectively pays money to the malicious actors, and financially motivates them to keep doing it.

it's a really sad thing to see, but well, offer kids some cheats in exchange for money and a lot of them will take that offer.

and they'll pay even more if you can give them server access, which can only be done if there is a backdoor in your game, which is likely only to come from one or two places: the toolbox, and you trying to install unofficial versions of things.

e.g unofficial versions of adonis having a backdoor in them. that's a real thing.

but always, they're doing it because they're getting paid to do it. it's the sad, sorry fact of it just being how it is.