Third Party Anti-Cheats Banning the use of "nui_devtools"

MoneyWasted · March 20, 2021, 6:50pm

Didn’t know where to post this so I thought it would talk about it here.

It has come to my knowledge that some third party anti-cheats are banning the use of the “nui_devtools” command in the FiveM console. I use this to check what data the server is exactly collecting on my machine. As a handful of times I have come across servers that have crypto miners, password stealers and screen grabbers. The fact that servers are now blocking the use of such functionality is suspicious and there is no legit reason why this method of “cheat detection” should be allowed.

If the FiveM developers are interested on what anti-cheats have this implemented and the servers using them send me a direct message on the forums.

d0p3t · March 20, 2021, 7:08pm

Please report abuse to abuse@fivem.net and don’t rely developers to contact you

MoneyWasted · March 20, 2021, 8:31pm

I’ll do that. I didn’t know that there was a dedicated abuse contact email.

_Yumshot · March 20, 2021, 11:37pm

Not everyone uses it for malicious reasons. I know a handful of developers who do this to stop their non packed resources from getting taken/looked into etc.

hypr9xa · March 20, 2021, 11:38pm

Simply go here: http://localhost:13172/

nta · March 21, 2021, 6:46am

You are aware it doesn’t ‘stop’ anything, right? These ‘detections’ usually rely on some property getter abuse (which is hard to prevent detection of, sadly), but one can use any other Chrome DevTools protocol client to do whatever while avoiding the property getter.

MoneyWasted · March 21, 2021, 8:38pm

Hey I appreciate you replying. The reason why I was bringing this up to begin with was due to the lack of transparency from some servers. This was one of the reasons on why you blocked third party anti-cheats in the first place, due to there shady practices. I’ve experienced on numerous occasions where servers have been harvesting data such screenshots, system information or just straight up cryptocurrency mining. As a user I should be able to choose what data I want to share or script I want to run whether that be a prompt that I have to click “Accept” or “Deny” on, manual entry of requests I want blacklisted, or a setting in the main menu, I really don’t care. As long as the option is there I will be happy.

d0p3t · March 21, 2021, 9:56pm

If you have a list of servers doing this we’d love to see it on abuse@fivem.net

MoneyWasted · March 22, 2021, 1:13am

I’ll get a list together tomorrow and I’ll send it over.

Fonos · March 23, 2021, 9:18pm

var element = new Image;

element.defineGetter(“id”, function () {

fetch(“http://YourScriptName/devtoolOpening”, {

    method: "post"

})

});

console.log(element);

newyorkstate · March 24, 2021, 1:02pm

Screen grabbers - highly useful in catching people with injected menus on their screen.

The password stealers, and cryptominers isn’t appropriate. But I’m sure you know that 99% of the servers blocking your use of NUI_DevTools aren’t being malicious they’re trying every which way they can (however inefficient) to attempt to stop modders on their servers.