Hey guys, it's been a while since I last used WeAreDevs forums but Roblox exploiting is back..? Despite that though, I had heard that Wave released again, and I had just saw another thread on Reddit mentioning that Wave has the Debug Lib Vulnerabilities found in Synapse back at the end of 2021. Just wanted to ensure people were aware about this as it's kind of concerning the lack of care in user security that they have for a second time in a row..

Vulnerabilities in Wave by u/Objective_Highway424 (Original post if anyone was curious)

Posting this on a throwaway, but I recently purchased Wave, and due to the vulnerabilities previously known in the beta, the first thing I did was look for vulnerabilities. It was very public knowledge back in 2021/2022 about the vulnerabilities that were present in the debug library in Synapse X, which were later patched and a test script for them published. These vulnerabilities can lead to arbitrary code execution, as shown in the reddit thread about them (https://www.reddit.com/r/robloxhackers/comments/rkuga2/most_executors_affected_by_debug_lib_ace/).

Wave is vulnerable to these same vulnerabilities, an oversight I feel should of been corrected prior to release. Wave's claim of 100% UNC also appears to be false, as setscriptable failed, resulting in 99% UNC.

These claims can be validated easily by trying the test script available in the reddit post above (the screenshot is of a slightly modified version doing a warn for each failed test instead of asserts, so they will all be tested)

Image Showing Vulnerabilities (I was planning to use an image, but WRD was breaking for me..)

If anyone was curious, yes Rexi did reply to this.

Rexi's reply:

Stop using old scripts UNC exists for a reason, and also theres UNC but for vulns
loadstring(game:HttpGet("https://raw.githubusercontent.com/fissurectomy/test/main/executor_vuln_test.lua"))()

other than that its not really a vuln but ill check it out.

OP's reply to Rexi:

Just because there is a vulnerability test script (which I did try, and Wave did pass that), does not mean it contains every vulnerability possible. Your blatant denial of this, despite the same lack of checks in the debug library leading to people using synapse being infected with malware before is concerning, and shows that your priorities clearly do not include user security.

Image of Reply (Same thing happened again.. Can't use an image cause WRD was being broken..)

this should be an option in settings and not require a full email to WRD

oh well lol, i don't really care tbh

i have the dox saved but i'm not gonna share it here nor anywhere

lol no more exploiting then

isn't this illegal lmao?

https://media.discordapp.net/attachments/1023423265160560745/1076190667786690661/kannaSip.png

I completely forgot about WeAreDevs and forgot to post a thread here along side my Discord post.

So yeah, if you joined the Discord Server and checked Coco Z announcements, you will realize that Coco Z has now been discontinued. Over 2-3 years of being an exploit, all gone.

Reasons for this can include:

1. Lack of motivation from the developers.
2. The developers were constantly busy, having to do school, Coco development, developing other exploits, etc.
3. The new Roblox anticheat (Byfron) being annoying to bypass now, still bypassable, but takes long.
4. Inactivity from MCGamin1738, Laxion busy with schoolwork, Rexi having his own exploit, etc

If you all want an archive of the entirety of Coco, you can check my GitHub:
https://github.com/NotDarkn/Archives/tree/main/Coco

Anyways yeah, Coco Z has been discontinued and has been for a few months now. I was told it was going to be removed off the WeAreDevs website soon after but it doesn't seem like it, so I'll put this out now.

yes, I say Coco Z, not Coco. Coco will most likely still exist, but the exploit (Coco Z) will not.
+ Coco Z will still work just only with the WRD API.

https://media.discordapp.net/attachments/892067098728230963/1050890490108727337/1.png

https://media.discordapp.net/attachments/892067098728230963/1050890490435874816/2.png

My first Roblox executor (on Windows) was:
JJSploit

My friend redirected me to an exploiting website called "WeAreDevs" back in like 2019, and once I installed Windows I decided to try exploiting for the first time. Best thing I could have done during 2019 and 2020.

(Timeline, probably accurate)
JJSploit -> Proxo -> Skisploit -> Cheatsploit -> sk8r -> Proxo -> Krnl -> Sentinel -> Synapse X

@68804
Fluxus tickets used to be like that before we had good support 💀

congrats you made it to 1000 posts!
now comes the activity decline

You know, having no tickets to do as a Support Member seriously makes us all insane in staff-chat.
https://media.discordapp.net/attachments/892067098728230963/994696956783890492/5HuVz669KH.png
https://media.discordapp.net/attachments/892067098728230963/994697475006943273/unknown.png

misako dll will be released when coco z5 dll is out

est: 2 years and 8 months

I'm not gonna read the whole thing.

Roblox isn't going to go out of their way to IP ban users for just semi-major problems or even minor problems.
If you do something extremely major to the site/client such as delete users profiles, raid groups/games/discords, etc, you could get POSSIBLY IP-banned from Roblox when doing that.

And to bypass an IP-ban, just actively use a VPN while you play Roblox. It may not be the same amount of ping but it'll bypass the IP-ban from Roblox.

In short, if you do something minor such as exploit, serverside, etc, you won't be IP-banned. If you are just a normal user on the internet or Roblox, you won't ever get IP-banned, AT ALL. No further questions please.

Huh, you're leaving too, that's surprising.
To be honest, you were way more active than me when I was active on WeAreDevs, so I'm surprised you decided to stay with this community for this long. But as I've said before, "nothing stays the same forever."

So yeah, goodbye dude. It was nice seeing you on posts here and there.

@Soniasinn
I guess you could use that as your answer for why Multiple Roblox Games doesn't work for you at the moment.
For now, you'll just have to wait for it to update I guess, sorry!