What are the options for detecting lua files injected by a client?
I use the “Resource list checking” solution, but as if the resource isn’t there:
SCRIPT ERROR: @UkZcdHxjWT5NRhCAL/UkZcdHxjWT5NRhCAL.lua:9008: attempt to index a nil value (global ‘_Executor_Strings’)
It only appears in the console because it threw an error, but if I list all the resources, it’s not in the list.
The “onClientResourceStart” event does not run either.
Is there or will there be any way to check the list of such invisible resources?
There is no functionality for resource hiding in FiveM at all, you should ask the author of these addons that hide resources if they want to provide an API for that.
Eulen executor, unfortunately they always have some solution
I saw a server where as this rogue program was launched, the client crashed.
This is what I want to achieve as well, as they can be used on our server and I would be excited to detect them.
Or, they may be running a resource that is not in the resource list …
What options do server owners have to investigate client behaviors?
I also came across that the scripthook is disabled, but he ran menyoo asi and used was also injected with eulen.
Use a resource tokenizer to check and match the client and server resource lists every X seconds, use an anticheat (try Badger’s one) along with an Event Scrambler
You cannot track everything that happens on the client (their game process), but you can track what they try to do on the server as well as what resources they’re running. Also, Badger’s AntiCheat prevents most Lua executors, and those that it doesn’t you can always block manually if you have enough code expertise.
Thanks for the recommendations, I already use 80% of these in my own anticheat.
I don’t want to “infect” all my resources because they are an unnecessary load or are no longer injected into resources (as the example above shows).
Random renaming of events is “unnecessary” as there is a dumper in ■■■■■ as well and all events are listed and can be called with any value.
Checking the resource list is also a fallen thing, I wrote above, it does not appear in this list the resource that is in the mod menu and injected.
I have already detected most of the scams, with fake events and reworking of attackable events.
However, these programs provide AIM bots, ESPs that cannot be detected because when I take a picture with the screenshot it doesn’t even show up, or they can use native commands that can’t be disabled or recognized yet.
There’s a rather simple way to achieve that even without any menus, and the best that you can do is kick the players whose pictures are broken - that cannot happen “by itself”, it’s something that gets triggered maliciously.
Because they simply don’t create a new resource but inject the cheat’s Lua code into one of the resources running on your server so that the resource executes the code.
it depends, internal executors almost don’t show up, they almost all create a resource isolated from the normal ones. i don’t see it in the list of client-side resources since the executor many times executes the code in a way that doesn’t register a resource but still have a resource available. however it’s never good to trust the client blindly, since the client can always decide to hide things or not trigger certain things.
do heavy server-side checks for entity creation and triggers and never trust the client
