Profile Picture

RealNickk (nick / reversed-coffee)

Reputation: 10 [rate]

Joined: Mar, 2023

Last online:

Used to be involved with game hacking, now I'm involved in cybersecurity. https://reversed.coffee/blog

Bio

Locked out of https://forum.wearedevs.net/profile?uid=53326.

Badges

badge badge

Etc

Send Message

Threads List
Possible Alts

Activity Feed

Replied to thread : I think JJSploit is patched as of January 17th 2025


It hasnt worked since like Wednesday. Roblox might have pushed two clients in the same week or did a rollback which requires the exploits to update.

Created a new thread : [REQ] Guides and Topics: Your Suggestions?


As someone who's been tinkering with software, reverse engineering, and Roblox exploits for years, I’ve gathered a lot of practical knowledge that I’d love to share.

 

My goal is to provide easy-to-digest information for those who have already grasped on programming concepts. Thing is, I don't know what anyone would like to learn or know. Sure, you might want a guide on how to make a Roblox exploit from scratch, but there's too much to learn that can simply be a 15-20 minute-to-read post. I guess I could break it up into chunks.

 

I was thinking about a few topics, which I organized:

 

Roblox:

  • How to Circumvent Roblox's Anti-VM Measures
  • How Effective is Hyperion? (Roblox's client anticheat)
  • Roblox Internals: Instances and Task Scheduler
  • Creating a Printsploit in Roblox

 

Game Hacking:

  • Internal vs Internal Cheats
  • How DLL Injection Works
  • Hacking Game Engines: What is Bytecode?
  • Common Misconceptions About Malware

 

I wouldn't want to post about anything that no one would have interest in. What topics would you find most helpful or attractive? Are there any other areas you'd like me to explore? Also, I could probably make video material on a few of these topics if it helps.

Commented to thread : JJS Script Injector not working


Then those scripts probably broken or are not supported. You'll have to debug them yourself or find an alternative script that works.

Replied to thread : JJS Script Injector not working


It appears to work on my virtual machine.

https://i.imgur.com/OAp8qAt.png

Commented to thread : Hiring experienced developer for a project


That would be circumvention.

Replied to thread : JJSploit Autoexec


Check if there is an autoexecute directory under your Documents/jjsploit directory. I don't remember if there is one. If it exists, you can put script files in that autoexecute directory that will run when you attach to the game.

Replied to thread : Hiring experienced developer for a project


What you're asking for is illegal and impossible from a technical standpoint.

 

Even though it's a video game, backdooring servers is a form of unauthorized access, and you can get in trouble for it, even if the risks are low. I highly recommend using client-side cheats which are legal and do not use backdoors from infected assets.

 

There is a difference between the game developer intentionally adding a backdoor compared to them using an infected asset which injects a backdoor into their game. If there is intent by the developer to implement a backdoor, then they acknowledge those risks and it's legal to use. In your case, you are talking about infected assets which means there is no intent or implicit permission, making it unauthorized access.

 

The reason I say this is because unauthorized access to the server can lead to theft of data such as API keys and intellectual property, so it is of valid grounds to be considered illegal. Client side cheats do not gain unauthorized access since every game developer in Roblox should assume that the client had access to whatever was replicated to it.

 

On the technical side, you cannot do this because you would require HTTP access to make HTTP requests. The only way to do this would be to send your requests to a client through a communication channel that is not HTTP that can make HTTP requests on your behalf.

 

Nothing comes off the top of my head other than setting up a bot on the game that can act as a proxy by using RemoteEvents. This solution is not feasable as it makes the server vulnerable to MITM attacks.

Replied to thread : How to make 95 ~ 100% unc initializer ~ client.lua


You can't do that in a single init script. You need to push multiple C functions that interact with Roblox on a low level.

Replied to thread : The Executor is not showing


You might have problems running that on a custom Windows distribution (GhostSpectre). I would recommend not using custom builds of Windows because you do not entirely know what's inside of them and they can expose you to stability issuses (hence why I mentioned JJSploit might not run) and more zero day attacks.

 

As always, make sure your Visual C++ redistributables are installed. Make sure your antivirus is off or has an exclusion, and install .NET runtimes.

Replied to thread : Viruses on WeAreDevs.net


Exploits are risky when it comes to malware. It probably is a false positive but I do not have experience with that exploit, so I have no clue if it's safe ot not. Since the core logic of exploits modify the memory of other processes (in this case, Roblox), antimalware solutions often mistake the DLL injection or memory modification as a trojan attack method such as process hollowing. In fact, even some antivirus software flags programs that print "Hello World" to the console just because they haven't been signed!

 

However I can say that WeAreDevs does not host malware. There have been cases where malware made its way on the WRD front page (i.e: ReDevs X in 2020, which got taken down immediately), but in these cases, they get taken down pretty fast once they're exposed.

 

In cases like these, you'll have to do your own research. Look out for red flags. Warnings from antivirus software are typically not red flags, as I've stated earlier. Don't use your personal machine for running untrusted software. Use a virtual machine or another machine that is segmented from your home network if you want to run software you truly do not trust but want to use.

 

TL;DR: Due to the poor ability for antiviruses to properly flag software, it's a gamble. WeAreDevs software is typically safe. Use a virtual machine if you don't trust software.

Replied to thread : RTOsploit - WHEN??


Please see the following thread for more information:

https://forum.wearedevs.net/t/36742

 

Replied to thread : Question about JJS


Pretty much any exploit can. If you don't want to get banned, use an alt account.

Replied to thread : is jjsploit detected?


Use an alt account and virtual machine if you do not want to risk getting banned. JJSploit is based on Xeno's source code. If you take a look at the repository, there is a disclaimer which says the following:

https://i.imgur.com/KiGyS7F.png

Commented to thread : JJSPLOIT POSEE Trojan-PSW.Agent?


It would make sense that you are suspicious. For more information, view Jon's thread about false positives: https://forum.wearedevs.net/t/572

 

I also conducted malware analysis on JJSploit and could not find anything suspicious: https://forum.wearedevs.net/t/36742

 

Also make sure you are only downloading JJSploit from wearedevs.net. Other websites claiming to be an official download should not be trusted.

 

Exploits getting flagged as malware is a normal thing and tools such as VirusTotal and Windows Defender lack proper utilities to accurately identify malware. In this case, they are simply false positives.

Replied to thread : JJsploit 8.10.15 & 8.10.14 has trojans. Suspicious


Please view the reply to the post that I wrote here debunking the RAT allegations: https://forum.wearedevs.net/t/36742

 

Also please view Jon's thread about false positives: https://forum.wearedevs.net/t/572

 

Also make sure you are only downloading JJSploit from wearedevs.net. Other websites claiming to be an official download should not be trusted.

 

Exploits getting flagged as malware is a normal thing and tools such as VirusTotal and Windows Defender lack proper utilities to accurately identify malware. In this case, they are simply false positives.