Bypass for the new ROBLOX check

ShowerHeadFD

ShowerHead

Posted

A lot of you don't know this but ROBLOX has decided to push out a silent update today because it's April Fools. It's similar to the last ban wave they did except this one targets the VM directly. Compiled Code, 0x90 and myself have been reversing this for hours and have come up with a bypass.

Here's the code for the bypass.

const auto FFlag = *reinterpret_cast<std::uintptr_t*>(BASE + 0x1B703E0);

const auto OldFlag = *reinterpret_cast<std::uint8_t*>(FFlag + 11252);
const auto GameHash = *reinterpret_cast<std::uintptr_t*>(*reinterpret_cast<std::uintptr_t*>(FFlag + 54) + 112);

*reinterpret_cast<std::uint8_t*>(FFlag + 11252) = GameHash ^ XORCONST;

//DESERIALIZE HERE & SPAWN

*reinterpret_cast<std::uint8_t*>(FFlag + 11252) = OldFlag;

You need the XORCONSTANT address and how to use it properly (which I'm not spoonfeeding)

If you already have a pre-existing exploit and want safety, we have developed an auto-updating bypass DLL.

DLL Download

VirusTotal

 

Use extreme injector or puppy milk or whatever to inject that **BEFORE** you inject your exploit.

For you more technical developers, here's an image of the check.

https://cdn.discordapp.com/attachments/808590927232106536/827049295260680192/unknown.png

 

https://cdn.discordapp.com/attachments/764153637642829834/827058405569986590/unknown.png

 

Also, for you less knowledgeable people, it is not a Lua FFlag. It is a C++ FFlag.

0x90

dingleberry#2286

vip

Replied

Vouch! If your exploit doesn't already incorporate our bypass, inject the DLL provided BEFORE you load your exploit, and you will be safe from any bans.

Replied

Vouch great release

Discord : Doctor Doom#0550

FumbleTwit

Old Account

Replied

Vouch

 

/charrssssssss

Old account...

Fadh

Fadh#4023

Replied

vouch ! :pepelove:

kyxo in development

Wabz

Winning.js

Replied

Vouch! works well

My new discord is Wabz#1337 with ID 777154062789509130

Darkn

Darkn | Resigned

vip

Replied

While I don't code, I can see this being very useful for any DLL developers that need to bypass ROBLOX's new check, so I vouch!

Xorenos

Jimmy "The Carpet" Skovic

Replied

ShowerHead, you also forgot about the CR3 control register bypass. Roblox also hooks CR3 and protects CR4 with VM_STRIP_REGISTER and VM_IS_PERMITTED (Screenshot of new ROBLOX AC)

https://cdn.discordapp.com/attachments/789602412343459881/827172784270082068/idascreenshot_2021_04_01_9_24_AM.png

You are a feedback loop.

Replied

nice :thumbsup:

u need a free and keyless powerful exploit?

Try A S P E C T

https://discord.gg/nhjbnkth
