A thing called exploit is usually used of glitches and software vulnerabilities in Roblox by the player to alter the game or earn a lot of money or points for the unfair advantage. The term exploit itself has been defined as the form of cheating. However, the precise meaning of what is not considered the exploit can be debated.
A lot of users believe that the correct term for programs that change Roblox for the advantage of the player is “exploiting”, and the others believe it should be called “hacking”. However, the word “hacking” can be defined as the act of gaining unauthorized access to the system while “exploiting” means abusing the vulnerability to do the same.
According to the official page of exploit on Wiki, exploiting is the bannable offense and the player will be banned if they caught exploiting. Some of the penalties are account deletion, poison or even IP ban, less likely a warning.
There are several kinds of exploits. The first one is BIN injecting. This one is the kind of exploit that is not prevented by FilteringEnabled and very hard to patch. When a thing called launcher is activated with the client running, the launcher will automatically insert the BIL file into the Roblox client. In some cases, it is with the message box. When the inserting is done, the users will be able to use the given tab to either mess up the workspace or insert the script.
The second one is Lua bytecode. When Lua runs the programs, the thing named Lua virtual machine will compile the code to Lua bytecode before it is interpreted. You have to know that this process is irreversible without artifacts via decompilation and thus was frequently used for Code Obfuscation.
The third one is Proto Conversion. After the Lua compiler removed from the client, Roblox create the big changes to Lua VM. Apparently, Roblox compatible bytecode after the change contained heavy use of encryption and obfuscation and needed special signing from the server. It is where all client scripts were compiled. In addition, generating this new bytecode from scratch would prove near impossible for would be exploiters.
The fourth one is Lua Wrapping. There is a new method in order to get the script execution was also in the workd after the heavy VM changes that Roblox implemented. This method which is either called “Lua wrapping” or just “wrapping” became the second most well-known method to get the script execution. This one worked by generating the fake Roblox environment in the normal Lua instance and emulating the regular Roblox environment in C functions emplemented by the exploit.
The fifth one is DLL Injection and the sixth one is Lag Switching. Lag switching is the name of the exploit that has not been patched since the demonstration in 2015. Apparently, loading up the lagswitch will allow you to use the hotkeys available. In case the user troggers the activation, the computer will stop sending signals to the modem which is the user is already using Roblox and can roam around freely, the user has to re-connect the computer to the Internet in 9 seconds or Roblox will shut down.