So with the introduction of Paid Scripts to FiveM Releases what is stopping someone from putting a backdoor into it? Yes, the staff might check the source code but what is stopping the person from just removing the function with the back door in it? Nothing.
It also makes the customer unable to edit the script to their liking, they might not want to use mHacking they might want to use Utkuali’s Fingerprint Hacking Minigame but they cant change it because the resource is obfuscated.
Someone could add a command which deletes the entire user table,
MySQL.Sync.execute("DELETE * FROM user)
Just 1 line which would ruin a server (why you always make SQL Backups) and they can just remove that from the Source Code when they send the script to the Staff Member.
Also some Moderation would be nicer and not having shitty scripts being sold for outrageous prices.
Yup, they’re driven by money. Thats why you still cant Stream Custom Clothes yet, as they know they will lose patreons. The only two good thing they’ve done is increase the max free slots to 48 and the new resource monitor.
I feel you, but like the moderation team has different time zones. Also they are making new scripts for FiveM. Mostly they don’t have that much time for other things. I hope you get your issue resolved, but this is my part of my response.
LUA obfuscation is often easy to by-pass. Also, don’t you ever test the script you buy ? Like you copy-paste it directly on your production production server ? Seems kinda stupid tbh.
Also, you can report such resources to the forum moderation and Tebex in order to get the resource removed and if you are lucky a refund.
Shitty scripts being sold ? Don’t buy them ? You wouldn’t give any attention to it if it was free.
If FiveM is that bad why don’t you use an other framework ? Honestly, this topic makes you look like an entitled kid.
People Shouldn’t have to deobfuscate a script they purchased with their money to give them peace of mind.
The back door might be a command so even if you test it on a test server it might not do anything. It might allow the the script owner to remote load code any time.
Some people might think its the only script like that so they end up purchasing the script, it could be inferior to other ones. Such as this one [ESX] Advanced ammo system [Paid Resource] (which the maker removed because of backlash) was basically an inferior ammo system to disc-ammo charging $24, as disc-ammo is older and this one was newer some people might think this was a better option.
FiveM: Averages 150k Players
■■■■■: Around 2k-3k Players
Rage: MP: Around 20k Players
Yes, some of these are better than FiveM however there is a massive difference in the playerbase and what country the players are normally from. So why wouldn’t you pick FiveM where it is much easier to gain players. Trust me alot of people would move to these frameworks if the playerbase was much more. However FiveM is where most people are at.
Stop talking without knowing, that script was removed for other reasons. Also, the FiveM staff verified that it had nothing to do with other scripts (In case there was a similarity in the code, they would delete it themselves, not me)
I don’t want to be rude, but if a server owner or staff have the knowledge to edit a paid script, why not to do the entire script instead? also most of the paid scripts are easy to do, and with the money to buy it you can pay a average scripter/programmer who can do it just as good and with your preferences already set
maybe you can by-pass and see the actual code of the scripts but most of the Developers that obfuscate their code have a clear Terms of service to don’t do it. if you are willing to violate their TOS AND you have the skills and required softwares to by-pass it you can see the actual source code.
and btw testing the obfuscate script will not reveal the backdoors. backdoors are meant to be hidden. the only way to see them is the actual source code.
more than 80% of the customers does not have required software and skill to by-pass the actual obfuscation. and if they do they don’t have enough lua skills to check the script itself and look for the by-passes.
the problem is clear. and until the fivem bring its own protection for the leaking problem it will stay like this. because developers are not willing to sacrifice money
editing a script is way easier than developing a new one.
for example adding a new command for My discord to fivem script is way easier than developing the Script itself.
and i can think of a scenario that happens alot! maybe the server owner wants to make some changes in the code for his/her server needing and asks someone to do it for him. with obfuscated script its not possible.
and also beside the editing problem with obfuscated scripts. another thing is privacy and clearance.
as a developer. i can understand the logic behind obfuscating the scripts and protecting them from leaking. but if i was the customer i would like to have access to every part of the thing that i pay for. selling a obfuscated script is like buying a house without having permission to change anything in the interior design. you can use it. you can live in it. but you cannot change it.
Never said it was Disc-ammo said it was inferior to disc-ammo.
And if you look at what you said in the 1st post that you removed it because of the shit community,
Im guessing you think FiveM is a shit community because of the backlash you got.
Some people might not have the knowledge to fully make the script.
They might just want to change the look of the 3D Text or for ESX make it so it works with the Weight System introduced in 1.2 as the script might be made for the limit system. Instead they have to go to the script maker and get these tiny things changed, it would be much easier if it wasn’t obfuscated.
Sad to read what you wrote this much time later
Just to say someone should use a different platform ? Why are you so entitled to your opinion and that someone should just F off if they don’t like it, sad man
And yes, when you purchase smth new you are excited and believe that if they made this much security for assets that the assets are screens properly to not inject hidden viruses to people
If they don’t check and you just think it’s down to the costumer to work out a escrowed asset you are more gone than I thought…
try to use the brain
