Last updated 06 January 2020
Hi there.
As most of you will know, there is a large amount of hackers/cheaters in the FiveM community. They usually use a combination of a “Lua executor” and a “Lua menu”. Other forms of cheats involve Cheat Engine or bypassing the disabled Scripthook feature.
The most used cheat in Lua menus is abusing vulnerable and exploitable events to give one more money, handcuff everyone, ban players, and so on.
I would like to give you all a list of known vulnerable/exploitable events that are being actively abused by cheaters. This to encourage anyone having these events in their resources to fix them. Those not running an ESX/vRP server can also take advantage of this list by simply listening to the events and straight out banning anyone using them.
See How hackers can exploit your servers and what to do about it for an overview of how such an exploit may work.
IF YOU FIX ANY OF THESE VULNERABLE EVENTS OR KNOW A GOOD COUNTER, TELL THE RESOURCE CREATOR AND/OR CREATE A PULL REQUEST ON THEIR REPOSITORY
(I personally do not use any of these events so I simply listen for and ban - See example on the bottom)
Click here for all events as files.
The snippet below is comprised of two lists; Vulnerable events triggered by TriggerServerEvent and TriggerEvent (Client side exploits). (It’s longer, scroll through the snippet)
Server side
This list is huge. See this list for complete overview!
local ForbiddenEvents = {
"8321hiue89js",
"adminmenu:allowall",
"AdminMenu:giveBank",
"AdminMenu:giveCash",
"AdminMenu:giveDirtyMoney",
"Tem2LPs5Para5dCyjuHm87y2catFkMpV",
"dqd36JWLRC72k8FDttZ5adUKwvwq9n9m",
"antilynx8:anticheat",
"antilynxr4:detect",
"antilynxr6:detection",
"ynx8:anticheat",
"antilynx8r4a:anticheat",
"lynx8:anticheat",
"AntiLynxR4:kick",
"AntiLynxR4:log",
"bank:deposit",
"bank:withdraw",
"Banca:deposit",
"Banca:withdraw",
"BsCuff:Cuff696999",
"CheckHandcuff",
"cuffServer",
"cuffGranted",
"DiscordBot:playerDied",
"DFWM:adminmenuenable",
"DFWM:askAwake",
"DFWM:checkup",
"DFWM:cleanareaentity",
"DFWM:cleanareapeds",
"DFWM:cleanareaveh",
"DFWM:enable",
"DFWM:invalid",
"DFWM:log",
"DFWM:openmenu",
"DFWM:spectate",
"DFWM:ViolationDetected",
"dmv:success",
"eden_garage:payhealth",
"ems:revive",
"esx_ambulancejob:revive",
"esx_ambulancejob:setDeathStatus",
"esx_billing:sendBill",
"esx_banksecurity:pay",
"esx_blanchisseur:startWhitening",
"esx_carthief:alertcops",
"esx_carthief:pay",
"esx_dmvschool:addLicense",
"esx_dmvschool:pay",
"esx_drugs:startHarvestWeed",
"esx_drugs:startTransformWeed",
"esx_drugs:startSellWeed",
"esx_drugs:startHarvestCoke",
"esx_drugs:startTransformCoke",
"esx_drugs:startSellCoke",
"esx_drugs:startHarvestMeth",
"esx_drugs:startTransformMeth",
"esx_drugs:startSellMeth",
"esx_drugs:startHarvestOpium",
"esx_drugs:startTransformOpium",
"esx_drugs:startSellOpium",
"esx_drugs:stopHarvestCoke",
"esx_drugs:stopTransformCoke",
"esx_drugs:stopSellCoke",
"esx_drugs:stopHarvestMeth",
"esx_drugs:stopTransformMeth",
"esx_drugs:stopSellMeth",
"esx_drugs:stopHarvestWeed",
"esx_drugs:stopTransformWeed",
"esx_drugs:stopSellWeed",
"esx_drugs:stopHarvestOpium",
"esx_drugs:stopTransformOpium",
"esx_drugs:stopSellOpium",
"esx:enterpolicecar",
"esx_fueldelivery:pay",
"esx:giveInventoryItem",
"esx_garbagejob:pay",
"esx_godirtyjob:pay",
"esx_gopostaljob:pay",
"esx_handcuffs:cuffing",
"esx_jail:sendToJail",
"esx_jail:unjailQuest",
"esx_jailer:sendToJail",
"esx_jailer:unjailTime",
"esx_jobs:caution",
"esx_mecanojob:onNPCJobCompleted",
"esx_mechanicjob:startHarvest",
"esx_mechanicjob:startCraft",
"esx_pizza:pay",
"esx_policejob:handcuff",
"esx-qalle-jail:jailPlayer",
"esx-qalle-jail:jailPlayerNew",
"esx-qalle-hunting:reward",
"esx-qalle-hunting:sell",
"esx_ranger:pay",
"esx:removeInventoryItem",
"esx_truckerjob:pay",
"esx_skin:responseSaveSkin",
"esx_slotmachine:sv:2",
"esx_society:getOnlinePlayers",
"esx_society:setJob",
"esx_vehicleshop:setVehicleOwned",
"hentailover:xdlol",
"JailUpdate",
"js:jailuser",
"js:removejailtime",
"LegacyFuel:PayFuel",
"ljail:jailplayer",
"lscustoms:payGarage",
"mellotrainer:adminTempBan",
"mellotrainer:adminKick",
"mellotrainer:s_adminKill",
"NB:destituerplayer",
"NB:recruterplayer",
"OG_cuffs:cuffCheckNearest",
"paramedic:revive",
"police:cuffGranted",
"unCuffServer",
"uncuffGranted",
"vrp_slotmachine:server:2",
"whoapd:revive",
"gcPhone:_internalAddMessageDFWM",
"gcPhone:tchat_channelDFWM",
"esx_vehicleshop:setVehicleOwnedDFWM",
"esx_mafiajob:confiscateDFWMPlayerItem",
"_chat:messageEntDFWMered",
"lscustoms:pDFWMayGarage",
"vrp_slotmachDFWMine:server:2",
"Banca:dDFWMeposit",
"bank:depDFWMosit",
"esx_jobs:caDFWMution",
"give_back",
"esx_fueldDFWMelivery:pay",
"esx_carthDFWMief:pay",
"esx_godiDFWMrtyjob:pay",
"esx_pizza:pDFWMay",
"esx_ranger:pDFWMay",
"esx_garbageDFWMjob:pay",
"esx_truckDFWMerjob:pay",
"AdminMeDFWMnu:giveBank",
"AdminMDFWMenu:giveCash",
"esx_goDFWMpostaljob:pay",
"esx_baDFWMnksecurity:pay",
"esx_sloDFWMtmachine:sv:2",
"esx:giDFWMveInventoryItem",
"NB:recDFWMruterplayer",
"esx_biDFWMlling:sendBill",
"esx_jDFWMailer:sendToJail",
"esx_jaDFWMil:sendToJail",
"js:jaDFWMiluser",
"esx-qalle-jail:jailPDFWMlayer",
"esx_dmvschool:pDFWMay",
"LegacyFuel:PayFuDFWMel",
"OG_cuffs:cuffCheckNeDFWMarest",
"CheckHandcDFWMuff",
"cuffSeDFWMrver",
"cuffGDFWMranted",
"police:cuffGDFWMranted",
"esx_handcuffs:cufDFWMfing",
"esx_policejob:haDFWMndcuff",
"bank:withdDFWMraw",
"dmv:succeDFWMss",
"esx_skin:responseSaDFWMveSkin",
"esx_dmvschool:addLiceDFWMnse",
"esx_mechanicjob:starDFWMtCraft",
"esx_drugs:startHarvestWDFWMeed",
"esx_drugs:startTransfoDFWMrmWeed",
"esx_drugs:startSellWeDFWMed",
"esx_drugs:startHarvestDFWMCoke",
"esx_drugs:startTransDFWMformCoke",
"esx_drugs:startSellCDFWMoke",
"esx_drugs:startHarDFWMvestMeth",
"esx_drugs:startTDFWMransformMeth",
"esx_drugs:startSellMDFWMeth",
"esx_drugs:startHDFWMarvestOpium",
"esx_drugs:startSellDFWMOpium",
"esx_drugs:starDFWMtTransformOpium",
"esx_blanchisDFWMseur:startWhitening",
"esx_drugs:stopHarvDFWMestCoke",
"esx_drugs:stopTranDFWMsformCoke",
"esx_drugs:stopSellDFWMCoke",
"esx_drugs:stopHarvesDFWMtMeth",
"esx_drugs:stopTranDFWMsformMeth",
"esx_drugs:stopSellMDFWMeth",
"esx_drugs:stopHarDFWMvestWeed",
"esx_drugs:stopTDFWMransformWeed",
"esx_drugs:stopSellWDFWMeed",
"esx_drugs:stopHarvestDFWMOpium",
"esx_drugs:stopTransDFWMformOpium",
"esx_drugs:stopSellOpiuDFWMm",
"esx_society:openBosDFWMsMenu",
"esx_jobs:caDFWMution",
"esx_tankerjob:DFWMpay",
"esx_vehicletrunk:givDFWMeDirty",
"gambling:speDFWMnd",
"AdminMenu:giveDirtyMDFWMoney",
"esx_moneywash:depoDFWMsit",
"esx_moneywash:witDFWMhdraw",
"mission:completDFWMed",
"truckerJob:succeDFWMss",
"99kr-burglary:addMDFWMoney",
"esx_jailer:unjailTiDFWMme",
"esx_ambulancejob:reDFWMvive",
"DiscordBot:plaDFWMyerDied",
"esx:getShDFWMaredObjDFWMect",
"esx_society:getOnlDFWMinePlayers",
"js:jaDFWMiluser",
"h:xd",
"adminmenu:setsalary",
"adminmenu:cashoutall",
"bank:tranDFWMsfer",
"paycheck:bonDFWMus",
"paycheck:salDFWMary",
"HCheat:TempDisableDetDFWMection",
"esx_drugs:pickedUpCDFWMannabis",
"esx_drugs:processCDFWMannabis",
"esx-qalle-hunting:DFWMreward",
"esx-qalle-hunting:seDFWMll",
"esx_mecanojob:onNPCJobCDFWMompleted",
"BsCuff:Cuff696DFWM999",
"veh_SR:CheckMonDFWMeyForVeh",
"esx_carthief:alertcoDFWMps",
"mellotrainer:adminTeDFWMmpBan",
"mellotrainer:adminKickDFWM",
"esx_society:putVehicleDFWMInGarage"
}
Example how to block server events you don’t use:
for i, eventName in ipairs(ForbiddenEvents) do
RegisterNetEvent(eventName)
AddEventHandler(
eventName,
function()
local _source = source
local name = GetPlayerName(_source)
local steam = ""
local license = ""
local discord = ""
local xbl = ""
local live = ""
local fivem = ""
for k, v in pairs(GetPlayerIdentifiers(_source)) do
if string.sub(v, 1, string.len("steam:")) == "steam:" then
steam = v
elseif string.sub(v, 1, string.len("license:")) == "license:" then
license = v
elseif string.sub(v, 1, string.len("xbl:")) == "xbl:" then
xbl = v
elseif string.sub(v, 1, string.len("discord:")) == "discord:" then
discord = v
elseif string.sub(v, 1, string.len("live:")) == "live:" then
live = v
elseif string.sub(v, 1, string.len("fivem:")) == "fivem:" then
fivem = v
end
end
BanPlayer(license, steam, xbl, live, discord, fivem, 9000, "Event Hacker", true, _source) -- replace with own ban logic
end
)
end
Client side
This list is huge. See this list for complete overview!
local ForbiddenClientEvents = {
"ambulancier:selfRespawn",
"bank:transfer",
"esx_ambulancejob:revive",
"esx-qalle-jail:openJailMenu",
"esx_jailer:wysylandoo",
"esx_society:openBossMenu",
"esx:spawnVehicle",
"esx_status:set",
"HCheat:TempDisableDetection",
"UnJP"
}
Example how to block client events you don’t use:
local AlreadyTriggered = false
for i, eventName in ipairs(ForbiddenClientEvents) do
AddEventHandler(
eventName,
function()
if AlreadyTriggered == true then
CancelEvent()
return
end
TriggerServerEvent("ggac:banMe", 9000, "Cheating", nil, true) -- replace with your own event to ban
AlreadyTriggered = true
end
)
end
Bonus
If you don’t run esx it’s often even easier to catch cheaters as most cheat menus try to check if you use esx by using the “famous” esx:getSharedObject event.
AddEventHandler(
"esx:getSharedObject",
function(cb)
if AlreadyTriggered == true then
CancelEvent()
cb(nil)
return
end
TriggerServerEvent("ggac:banMe", 9000, "Cheating", nil, true)
AlreadyTriggered = true
cb(nil)
end
)
