Just getting through it. Life is brutal at times but there's beauty in the chaos, and those moments in life are what make it amazing.

I'm also in college, about halfway towards an associates degree. Getting certifications in cybersecurity and working towards getting a higher-up IT job (probably gonna be a sysadmin). Can't wait to deal with nonsensical people for 8 hours a day...

I don't keep up with the executors, not my area. Most of the old names have faded.

Probably your NATs firewall getting in the way or DNS blocking. This is likely not our issue. Fix it by using a VPN or reconfiguring your router.

I mean, it's good you're admitting your skill level, but no one is going to be interested in helping you unless you pay them something decent. If you're serious, start with reversing basics. Get comfy working with tools like IDA and ReClass.NET. No one’s writing your cheat for you unless you’re paying, and even then, good luck finding someone who isn’t going to scam you out of a Xeno paste.

loadstring(game:HttpGet("url"))()

Revenge hacking isn't a legal way to go about handling that, and I would actually consider that petty. Just because someone hacked you doesn't give you permission to hack them back. So let's focus on risk management instead.

Hacked multiple times? You've got some serious opsec issues, probably because you're ignorant. You're going to have to own up your mistakes and harden your security. Most of us don't casually get hacked when we cheat. 

FIrst off, we need to do damage control:

1. If you downloaded malicious software, nuke your machine. Some malware can be pretty nasty and require a reset to be fully removed from your machine.
2. Reset your Roblox password to something secure that you don't use elsewhere.

Now, we can work on mitigating risks:

1. Use 2FA like TOTP (Authenticator App) or a security key (Yubikey) so people can't just guess your password to get into your account. Avoid SMS/Phone 2FA, because people can SIM swap.
2. Stop reusing passwords if you are doing that. That's not only lazy, but if one account is breached, all of them are. It just takes some username tracing to find out if it's possible to hack you.
3. Make sure the passwords you use aren't already in a data breach (use Have I Been Pwned).
4. Make secure passwords and use a password manager to store them. I use Proton Pass but you could use something else like Bitwarden.
5. This one should be obvious but stop installing suspicious programs or running suspicious scripts that are getting you token logged or RATed. You are the attack vector in this case.

If you take the proper precautions, you shouldn't easily get hacked anymore and you don't have to worry about people stealing your precious virtual currency. Cybersecurity is all about common sense. Know the risks, think like an adversary. Also, most of these attackers are script kiddies; let them stay stupid, you can harden your security.

I believe that is a thing but I can't quite recall. It's been a good while since I've really developed a script for any game. I would look into using the drawing library for ESP instead of relying on highlight instances, as you're trying to avoid detection anyways, and parenting Highlight instances to those parts might not be the best idea.

You can extract the binaries using something like lessmsi if it won't install properly. Just make sure you keep track of your files if you extract the executables because it won't support updating or uninstalling.

Appreciate it brother 👍👍

Get a load of this guy 😂

IP addresses are the foundation of internet communication, but there's not much to freak out about in the scope of bans or if someone knows it. In this article, we’ll break down how IP addresses work, we'll cover some internet lore, then talk about what IP addresses reveal about you, and clear up some common misconceptions surrounding them.

If you're too lazy to read my sweet lore drop, check out "I Ain't Reading All That" at the bottom of this post for a quick summary.

What is an IP Address?

Consider the following scenario: you're hosting a party and you want to invite people over, but you only know a few people, so you ask them to invite their friends. You give them your address so they know where to go. Your friends then delegate the address and information to their friends, and so on. Your friends then come to your house as a response and you have a party. This is basically how the internet works in layman's terms.

Your IP address uniquely identifies your router on the internet. It's like a phone number, but for your router. It allows you to communicate with other devices on the internet. So, when you send a request to a website, your IP address is attached to that request so the website knows where to send the response.

https://i.imgur.com/694iyTH.png

Classic example of how the internet works.

By design, a server expects to receive your IP address when you send a request. It's like when you write a letter, you put your own address on the mail so the person receiving it knows where to send their responding letter. This is just how the internet was designed to work. If your didn't send your IP address to the server, it wouldn't know where to send the response and the packets being sent to it would be destroyed. The request and response simply involve asking the next router down the chain to kindly forward the packet to the next router if it can route it to the destination.

Does Roblox Ban IP Addresses?

People have rumored that Roblox bans IP addresses. This was certainly a thing in the past, but it's not a practical solution and is likely not being practiced anymore by Roblox. I drew this conclusion from three main points that I want to clarify on.

First off, your typical ISP subscriber has a dynamic IP address. They change all the time. When you restart your router, your IP address will probably change. When you move to a different location, your IP address will definitely change. So, banning an IP address is not a reliable way to ban a user because they can simply unplug their router, wait a few minutes, and plug it back in to circumvent the ban.

Second, IP addresses are unique to your household, not you. If Roblox were to ban an IP address, they would be banning everyone in that household. This is a huge problem because a lot of households have multiple users, and it's not fair to ban everyone in that household just because one person broke the rules.

Let's cover a scenario where both you and your brother play Roblox. If you were to get IP banned, your brother would also be banned, even if he did nothing wrong. This is because the servers see the same IP address and could assume it's the same person if it relied on only the IP address to identify users.

https://i.imgur.com/lbxVb33.png

Multiple users in the same household typically share the same IPv4 address (and IPv6 prefix).

Additionally, many ISPs are starting to use methods to combat IPv4 exhaustion. One method of reducing the need for so many IP addresses is CGNAT, or Carrier Grade Network Address Translation. It's basically a router for multiple routers, and it allows multiple subscribers to your ISP to share the same IP address.

So if Roblox were to ban an IP address, there is a considerable chance that multiple households would be banned. This is a huge problem because the chances of banning innocent users are considerably high given the fact that many households share the same public IP address.

https://i.imgur.com/WSTKYOx.png

CGNAT can certainly link one IP address to multiple households.

Sure, you can pay extra for a static IP address, but only people who run servers on their home network need a static IP address. It's very unlikely that your household has a static IP address unless the owner of the house is tech-savvy and knows how to set it up. Static IP addresses also cost extra, so it's very unlikely that the average Roblox user has a static IP address.

Can I confirm with absolute certainty that Roblox doesn't ban IP addresses? No, I can't. But it's highly unlikely that they do and instead rely on other identifiers to ban linked accounts. For example, they might ban accounts that share the same email address or phone number. I still, to this day, cannot use my phone number on my Roblox account because it's linked to an account that was terminated in 2018, so that's my experience on it.

IP Addresses Do Not Reveal Much

Imagine that someone sent you a deadly link that you clicked on and, uh-oh, some dude with a hacker profile picture DMs you and says "I know your IP address". Naturally fearing the unknown, you think "Oh lord, what can they do with it?". They say they can get your exact location, find out your name, and even your credit card information. But is that really possible?

The answer might surprise you. The truth is, your IP address is not as revealing as you might think. I casually drop my IP address in the chat all the time and no one has ever found out my exact location. So what data can someone actually get from your IP address? Well, to know that, we need to know how IP addresses are issued.

In the United States, IP addresses are allocated to organizations by the American Registry for Internet Numbers (ARIN). When you request an IP address from your ISP, they assign your router an IP address from a pool of addresses that they requested from ARIN. This means that your IP address is primarily tied to your ISP and not you. So, if someone were to look up your IP address in a public  database, they would find out who your ISP is and not much else.

https://i.imgur.com/jVRtvuC.png

Yes, this is my real home IP address. Come and find me.

The most identifying information you can find here is the ISP I use. I don't consider me living in Tulsa to be identifying information, because 400,000 people live in my city. The ZIP code provided there isn't even my ZIP code too. You got my timezone but you probably could've guessed that from my activity online. The latitude and longitude here just point to some random lot in my city, so that's not accurate either. The ASN is just a number that identifies my ISP, so it's not really identifying information either.

How Accurate is IP Geolocation?

Geolocation is tricky because it's not as simple as pulling an IP address up in a database. IP geolocation services often use multiple data sources to try and approximate the general location that IP address may be assigned to. The data that these services use may include the location where the IP address pool was requested, information provided by ISP infrastucture, latency and routing data, and more.

The accuracy of these services vary extensively. At best, if someone got your IP address, they might be able to get the city you're residing in. But even then, it's not guaranteed. My IP address might show that I'm in Buffalo, NY, but I might, in reality, be somewhere close by, like Rochester, NY. What would cause this discrepancy? Well, it could be that the ISPs infrastructure is more centralized in Buffalo, so the geolocation service assumes that's where the IP address is located.

With CGNAT, you may share an IP address with multiple subscribers to your ISP. This makes geolocation even more difficult, as these subscribers clearly don't live in the same household. This further reduces the accuracy of geolocation services.

What are the Actual Risks?

If you're not hosting any services, the risks are minimal. Just follow proper precautions like enabling your router's built-in firewall, keeping your router's software up-to-date, and not opening ports unless necessary. The most an attacker can do by then is to try and slow down your internet ("boot you offline") by abusing protocols like NTP or ICMP, but even then, an advanced firewall can mitigate these attacks if you install one.

The biggest risk is that if you openly host services on your network, like websites, email servers, game servers (like Minecraft), etc., someone could potentially exploit vulnerabilities in those services (hack your servers) or flood them with traffic to take them offline. That would be called a Denial of Service (DoS) attack. A Distributed Denial of Service (DDoS) attack is when an attacker carries out a DoS by sending traffic from multiple computers. These are preventable if you use anti-DDoS strategies like Cloudflare, which can absorb the traffic and keep your services online.

So, the next time someone freaks out about an IP address, it's not the end of the world. Just make sure you're not hosting any services. If you are, use a tunneling solution like Cloudflare Zero Trust for your services. It's free as long as you aren't a big corporation. Remember, you're usually dealing with script kiddies. They don't have the resources to do anything serious.

Now, if a government agency like the FBI is after you, they have a little more power. If they can prove that you did something illegal using that IP address, they can send the ISP a court order to get informaton on the subscriber who is registered to that IP address, but that's a government agency, not some random person on the internet. If some random guy asks your ISP for information on your IP address, they're probably going to get laughed at.

I Ain't Reading All That

- IP addresses are like phone numbers for routers.
- Roblox probably doesn't ban IP addresses because there's a good chance it would ban innocent users.

- If you seemingly do get "IP banned," it's likely that Roblox is using other identifiers to ban linked accounts.

- You can usually unplug your router and leave it off for a few minutes to get a new IP address.
- Your IP address at best may reveal the city or region you live in, definitely not accurate enough to find even what block you live on.
- Script kiddies can "boot you offline," but there are mitigations for that: install a strong firewall or change your IP address.
- If you're hosting services, use anti-DDoS strategies like Cloudflare to keep your services online.

Dawg you got some nerve coming back on here

Unfortunately that was a risk you chose to take but I agree this should be a feature.

Avoid all of the games related to the current Roblox event right now.

You can delete the webhook itself by sending a DELETE request to the webhook link, but if you want to take it a notch further and delete messages, you'll need a Discord bot and a HTTP frontend to interact with it using HTTP. If you do this, you'll need to keep security in mind.

Edit: You can theoretically use websockets to connect to Discord's gateway on the exploit end but I wouldn't recommend it for security and stability purposes. You don't want to store a Discord bot token in a client script.

Closing Thoughts

In the end, if you’re going to accuse every cheat of being malicious just because you didn’t do the research, you're making pointless arguments that might, quite literally, be worse than 90% of the political arguments thrown around in the United States.

I mean, come on—at least politicians argue with a little bit of logic sometimes, right? (Well, at least some of them.) But throwing around baseless accusations without understanding the fundamentals of how software works? That’s a whole new level of intellectual dishonesty.

As always, I’m here to help. I know a lot, but I am not a miracle worker. Hope you enjoyed this rant. Now go forth and use that brain of yours. Don’t accuse before you understand. It's a much better way to get through life, trust me.