Scripting Helpers is winding down operations and is now read-only. More info→
Log in to vote
1
I found this script in my mate's game. What does it do?
I was wondering if someone could help me DeObfuscate this malicious script please? I found it in one of my friend's game in workspace and I was wondering what is does.
(Too Long For ScriptingHelpers): https://pastebin.com/ys5LXvpn
2 answers
Log in to vote
1
Hey! I just quickly constant dumped the script and it seems very harmful. Kind of like a cookie logger even though it's impossible in studio.
It also seems to be a Synapse X script (A very popular exploit) because only Synapse X uses syn.request
wait asset Asset Headers request syn https://auth.roblox.com/v2/logout x-csrf-token Url .ROBLOSECURITY= COOKIE Method POST JSONDecode Method Body syn GET request Url https://api.roblox.com/marketplace/productinfo?assetId= Creator Body JSONEncode expectedPrice request expectedCurrency Url CreatorTargetId expectedSellerId syn Method X-CSRF-TOKEN ProductId https://economy.roblox.com/v1/purchases/products/ JSONDecode Headers COOKIE getProductInfo POST .ROBLOSECURITY= purchased buyAsset with status : rconsolewarn Attempted to purchase: Asset spawn cookies newCookieThread next getCsrf math print random cookies getCsrf int2 newCookieThread
0
Thanks! I'll just delete the script. Aiden_12114 79 — 3y
Log in to vote
2
You can't really Deobfuscate code that looks like this. But I'd still delete the script, a truly good script wouldn't need to be obfuscated since there'd be nothing ugly to hide.
You shouldn't risk it, delete the script.