We have been trying to see if it was from the source but there no possible way it could have been done as this is not the only game this has occured to, here’s another game by the same exploiter with similar scripts that shows the game has not been leaked directly from the game’s source. That code itself could contain the require() or anything that’s loading the malicious code as obfuscated code runs on a rudimentary Lua VM - so you can’t simply just Ctrl + Shift + F to look for those things.I’m actually apart of the airline’s group and it’s actually true that the game was Decompiled by a local exploit aka Synapse. that have not been properly audited.Įdit: Also worth noting check for code that’s obfuscated. Not to say the third-party service itself is at fault, as they may not have the intention to be malicious but more so that said third-party service may have a vulnerability that is being abused - which would usually be stuff such as admin systems, etc. Make sure to also check third-party services you’re using, as those could be the cause for it. It could very well be possible that someone is executing code within your game using HttpService and a custom Lua VM. I’d suggest that you check, as you’ve mentioned already, for scripting using require() or getfenv() as well as scripts that use HttpService. Interesting, as the only way someone would have server-side access is through a vulnerability in your code or otherwise exposed backdoor into your game, often contained within free models.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |