Exploring Backdoors

peter · May 6, 2022, 4:51pm

Hello, Cookie Tech!

Today, I will be exploring backdoors, to try and find who made them!

First, @luke noticed that there was a backdoor in our game!

Very kindly, they removed it!

But… who made it?

First of all, I had to go to roblox.com. I went to the Creator Library (or whatever it’s called) and found a random model.

Then I pasted the ID of the module that it inserted. And I found this:

Yeah, a throwaway account made it. But I noticed it was following someone…

So, I thought this was the person who made the virus, no?

Upon searching their account, I noticed there were a handful of accounts named similar:

So, did they have any relation? None of them made “Modules”

I guess it’s forever a mystery.

Tips to prevent backdoors:

Deny script injection to untrustworthy plug-ins.
Download plug-ins with some popularity, not just ones with 0 upvotes.
Don’t use free models. They are meant to have a rough idea of what the finished product will look like.

How to remove backdoors:

Upon noticing the virus, disable script injection for all plug-ins.
Remove free-models
Now, go into the virus.
Viruses are often hidden by notes, such as this;

- - Do not delete this script! We need it to render trees properly!




require:(12334589282)

Delete the script

You’re clear!

Hope this helped!

Deleted_User12 · May 6, 2022, 5:10pm

Why change the code? You are simply flooding the developer console with “Hello World”. And if anything, the function require is used to insert an animation or something into your game, even Basic Admin Essentials uses require to insert the actual admin into the game.

peter · May 6, 2022, 5:55pm

Hm, alright,

You could delete the script.

Search up the ID, if it’s something suspicious, probably a virus.

Noah · May 6, 2022, 8:32pm

As to changing the code which wont help, that code is incorrect:

It would be print("Hello world!")

peter · May 6, 2022, 8:35pm

Apologies, if I’m wrong.

This is how me and @HayHay dewlt with it.

Noah · May 6, 2022, 8:37pm

This code is incorrect though, it wouldn’t work.

peter · May 6, 2022, 9:55pm

Oh, sorry. I don’t script much.

OH20_rbLX · May 6, 2022, 11:10pm

I believe @Noah once mentioned a long time back (by a long time, I mean months ago) about some trustworthy plugin that can detect “require” scripts called GameGuard Plugin

Deleted_User5 · May 7, 2022, 8:11am

It’s pretty much easy to make a plug-in like that.

Plugins can get access to Script.Source, which basically is just text of the code. (Example: if we added print(“hi”) to the script, it will return that.) You aren’t able to get or change the source through a regular script though. It checks if the source contains require() and can delete it.

This can be abused though, as a plugin can claim to be friendly, but can add a script which contains malicious code.

Deleted_User1 · May 7, 2022, 1:31pm

I have seen these in my games why are they bad

Noah · May 7, 2022, 1:39pm

They can still your games, lag your game & just ruin your game in general.

cam · May 7, 2022, 11:12pm

This seems pretty inefficient. That code would just flood output.

peter · May 8, 2022, 1:57am

Yeah, just delete the script. I got to fix that.