Profile Picture

RealNickk (nick / reversed-coffee)

Reputation: 10 [rate]

Joined: Mar, 2023

Last online:

Used to be involved with game hacking, now I'm involved in cybersecurity. https://reversed.coffee/blog

Bio

https://reversed.coffee

Badges

badge badge

Etc

Send Message

Threads List
Possible Alts

Activity Feed

Replied to thread : mom I made front page


Sick I never seen your executor but that's great because you get access to a large chunk of the Roblox cheating market.

Commented to thread : Help with creating an internal executor


Yup, no problem. I would advise against using "address dumper" tools that give you offsets to functions and static pointers because they tend to provide inaccurate information and if they break, you won't know enough internal information about the game to find the correct offsets.

 

Definitely look into tools like Scylla, PETools, and ReClass.NET. Could also dump the process memory and suspend the game using Process Hacker and open the memory dump open in Cheat Engine for an uninterrupted (but static) reverse engineering experience, although I don't know if virtual addresses will be retained properly or not - which will be required for pointer reference scanning.

Replied to thread : Help with creating an internal executor


Whatever "updated" offsets you have probably aren't valid. The crash is likely an access violation. You'll need to reconstruct the scheduler manually to get the correct offsets.

 

A good place to start is to learn how to reverse engineer. You won't get far without that. You can simply use a tool like ReClass.NET to reconstruct the class from scratch using hints from RTTI, then you'll be able to find out why you're crashing.

 

Additionally, Roblox uses many methods to protect its internal integrity, so there may be a chance that it's detecting something.

Replied to thread : Guess Who's Returning...


OGs coming back to life

Replied to thread : WeAreDevs News - 11/27/24


Did not expect a post like this. Honestly forgot about WRD news.

Replied to thread : since this forum is dead


Man...its been a while.

Replied to thread : since this forum is dead


The forum isn't dead, it's just that theres not much to talk about lol

Created a new thread : [Cyber] Typosquatting: Danger Hidden in Plain Sight


Exciting news—I just launched my blog! I don't know how to get traffic, but I know a few people here are interested in cybersecurity, so I figured I'd share it here.

 

Check out my first post about typosquatting, a sneaky cybersecurity threat where cybercriminals create fake websites with URLs that look like the real thing. Based on an IRL project that I presented to hundreds of people, this article raises awareness about how these tricks work and offers tips to stay safe. I’ve included real examples and even a live demonstration that you can try yourself! Remember, not all security measures, like VPNs or browser warnings, can fully protect you.

 

👉 Read the full article here: https://reversed.coffee/blog/typosquatting-danger-hidden-in-plain-sight/.

Replied to thread : WEAREDEVS Discord Server suggestion


Breaks Discord ToS and also would be full of support tickets with zero context. Probably not going to happen.

Replied to thread : [BUG] Unable to Reply to Threads


@WRD That appeared to fix it!

Replied to thread : [BUG] Unable to Reply to Threads


@WRDxTest Using Chrome works fine, by the way. I'm on Chromium writing this reply.

 

Logs dump (left is firefox, right is chromium):

https://i.imgur.com/KBNEeCA.png

Also, for some reason that one avatar in the global chat failed to load which caused a self-inflicted denial of service from my client spamming the server with requests lol.

Commented to thread : [BUG] Unable to Reply to Threads


It's for all threads. It just buffers indefinitely on my browser.

Commented to thread : [BUG] Unable to Reply to Threads


Bump. I still have this issue.

Created a new thread : Exploiting Sparked My Career Path


Instead of working on my college courses like I should, I figured I'd slack off and give myself a break for once. Roblox exploiting is (weirdly enough) one of the things that lead me to where I am today. It quite literally drove me to my field of study. My story is a classic example of a mere hobby turning into a career that I enjoy. Cheating in Roblox did not directly motivate me, but it did spark a flame that led me to where I am today. I wanted to just take some time and talk about it just to pass some time.

 

Why I Stopped Exploiting

Starting around early 2023, I completely stopped exploiting in Roblox. There are a couple of reasons why I did this, but the main reason was because Roblox actually started throwing money at their exploiting situation. Personally, I think the responsibility of game security and anticheats should be put on the developer of the game. Listen, if you arent securing your remote communication, you probably shouldn't be making Roblox games. Because now some kid is going to figure out how to abuse it. But hey, Roblox chose to throw money at it, so I can't do anything about it.

 

Roblox has also just been turning to crap lately. A large chunk of their "new" features just ruin the classic nature of Roblox. It's like Roblox's garbage attempt at RTHRO which personally I think never took off like they thought it would. A lot of the games on Roblox are all copycats off each other and Roblox has seemed to turn a blind eye to people s^xualizing their characters, which really just ruins the "kid-friendly" part of Roblox that made them so popular.

 

With UGC, it gets worse because now there's a huge burden put on moderation, and a lot of things get through that probably shouldn't. UGC ties right into my point about s^xualizing Roblox characters though. It's a kids game. I don't think Roblox characters should have breasts. Roblox may even let it happen on their platform because it gets them more money. Sure, you're a corporation and you may get more money doing this, but what are the ethics of this? Sure, Roblox changed its age classification schema, but it still doesn't make it appropriate or ethical.

 

That rant aside, other factors have also held me back from exploiting. Another major thing that led me to leaving was just that exploiting got boring. You can torment people online, get infinite cash in a game -- you can do all this stuff, but what's the fun in playing at that point? I typically play the games to progress and grow over time. Tormenting 7 year olds on Roblox got boring and now it just sincerely feels wrong and a waste of time.

Along with that, I got busy after my sophomore year. Starting my junior year, I was taking a few classes in high school, but I was also taking two college classes and a course in career tech that takes up 3 hours of the day. This stuff eats your time. During the summer after my sophomore year, I got a job and worked fast food. Worst decision I made. I hated working fast food and getting cussed out by grandmas. But anyways the summer after my junior year I worked full time in a corporate internship in the field of HVAC control systems (BAS/SCADA), and that was a great job that paid well and taught me a lot. But, it also eats up your time. I had two college courses along with that full-time job. Not the best experience if you don't like balancing responsibilities, but I got through it just fine. Anyways, I just have more interests than just exploiting, and I end up needintg to prioritize.

 

I want to end off here saying that you shouldn't make video games your life. People say "touch grass" as a joke, but there's a serious message behind it. Please enjoy other aspects of life. I would even say that you shouldn't exploit, but I can't stop anyone and I won't because exploiting changed my life (in a good way). Get a new hobby. Don't squander new opportunities. For me, I got into some circuirty and I manage a server rack in my house. Good stuff. Servers are their own little rabbithole that you never get bored of if you enjoy them. But anyways, if you freak out because your exploit is down, that's a sign that you need to mature emotionally.

 

Where Exploiting Led Me

 

Oh boy, this is a long story.

 

Let me start off saying I've been in the Roblox cheating scene since 2017, and in the time period between 2018-2023, I've been actively involved with the exploiting community, developing my own exploits. Starting out, I did not know much, but I learned how to start programming in C#, and I took advantage of tools like the WeAreDevs API (which does not exist anymore) to assist me in writing cheats without having to actually know anything.

 

Jumping from being a leech in the community to active development separates me from a huge chunk of people in the community. People who developed cheats probably made only 5% of people who cheat...maybe even less. Anyways, this is above the "script kiddie" or "skid" phase that I was at, but being a script kiddie applies in different contexts. By this transition, I already knew how to write Roblox scripts and basic cheats with Lua using readily-available executors, so I was no longer a script kiddie in that context. However, I still would consider myself a script kiddie in the realm of executors at that time because I had no clue how the cheats worked and I blindly used APIs to offset the responsibility.

 

I didn't really know what I was doing until 2019-2020, where I gained a ton of knowledge in low level software engineering. From there, I learned how to manipulate the system on a lower level than what an exploit API allowed me to do. From this knowledge, I built my own private cheats for Roblox. Doing this required me to tear apart the game and learn how it worked from the inside out. This is very difficult, and if I were to guess, the only people going this far in exploiting are maybe a couple hundred people, or maybe only a few thousand at most. And this number would be pretty reasonable because low level programming is relatively uncommon nowadays due to frameworks.

 

When reverse engineering and game cheating comes into scope, this turns an already uncommon occupation into an esoteric occupation. From here, there is not really that much readily available documentation. Only a couple hundred people and the engineers of the Roblox engine understand how the game works internally. You sort of learn on your own by committing hours upon hours of your life into reverse engineering the game and accepting the support of other individuals who have insider knowledge.

 

Creating my own cheats for Roblox was difficult. It's not an easy task and it requires a lot of knowledge. Updating the cheats also is not easy unless you document everything you did to find shifted offsets and function addresses. Which got even more difficult down the road -- to those who remember the inlining that Roblox did on all of their functions.

 

Anyways, we'll speed up to my sophomore year in high school. I get interested in reverse engineering, right? Well I learn about cybersecurity, which is a broad part of reverse engineering. Reverse engineering almost goes hand-in-hand with the branch of software flaws in cybersecurity, and this brings us down the path of *actual* exploits (not Roblox exploits which are considered cheats, but real exploits) that abuse poorly implemented code to get unauthorized access to a computer (hacking) or wreak havoc. When I say wreaking havoc, I mean something like a denial of service, or DoS. Many of you may be familiar with the term DDoS, which is similar to DoS but involves multiple attackers. DoS is a term that takes effect even out of websites and web services. Simply unplugging the power to a critical computer in a company is considered a DoS attack.

 

Anyways, I went off on a tangent there. Once I learned more about cybersecurity, I think to myself: Cool, I should look into it. It seems interesting. And I do look into it. Turns out a local trade school teaches it, so I apply and get enrolled. Best class I've ever taken in my life and I highly recommend it. Anyways, now I'm getting all these certifications in cyebrsecurity, IT, programming, etc. From career tech, I also got involved in organizations such as BPA (Business Professionals of America) and CyberPatriot. Really fun stuff happens here and they look great on a resume. Heck, I even went to BPA's national convention in Chicago because I scored first place in C# programming at a regional BPA compeition. Anyways, now I'm on track to entering the cybersecurity field when I graduate.

 

What I Do Now

 

Well, if I'm not exploiting anymore, what am I doing? Well, I'm not the most social guy so I don't typically hang out with people outside of school, but instead I pursue some projects I'm working on. Like right now I'm working on a startup enterprise idea that could make me a ton of money. I'm also constantly working on my servers and learning along with it. Just recently, I got into privacy, and I've been thinking of ways to prevent big companies like Google from selling all of my information. I also got into Linux. I have an Arch Linux ThinkPad (talk about stereotypes huh...) and I do a lot of programming on it. The most recent (small) project I did was flashing GrapheneOS on my personal phone and setting it all up. I think GrapheneOS is great and the only complaint I have is that I can't get Yubikeys to work with it, but it's a solid Android ROM otherwise.

 

It may surprise you that I haven't touched a video game in months. I rarely watch movies and TV shows. I'm always constantly working on small and large projects. I just like learning new things and solving complex problems, and I get not everyone likes it, but I think everyone should at least try it. There's a lot of stuff you can do that's both educational and rewarding!

Replied to thread : Using "mouse1click" on a TextButton.


https://create.roblox.com/docs/reference/engine/classes/GuiButton#MouseButton1Down

https://create.roblox.com/docs/reference/engine/classes/GuiButton#MouseButton1Click

https://create.roblox.com/docs/reference/engine/classes/GuiButton#MouseButton1Up

 

If you are trying to fire the signal, you can use getconnections along with the Fire method or use firesignal, depending on what your exploit supports. If you are trying to listen on the signal you can use the Connect method on the signal.