Rook

Thanks to @Ted2 & il2cppdumper online, we can easily import il2cpp dumps (script.json) into Hopper Dissassembler just like we do in IDA using the following Python code: # -*- coding: utf-8 -*- import json class LoadIl2cppDumperScript: def __init__(self): self.document = Document.getCurrentDocument() segments = self.document.getSegmentsList() self.starting_address = segments[0].getStartingAddress() def get_address(self, addr): return self.starting_address + addr def process_script(self, script_path): with open(script_path, 'r', encoding='utf-8') as file: data = json.load(file) if "ScriptMethod" in data: self.process_script_methods(data["ScriptMethod"]) if "ScriptString" in data: self.process_script_strings(data["ScriptString"]) if "ScriptMetadata" in data: self.process_script_metadata(data["ScriptMetadata"]) if "ScriptMetadataMethod" in data: self.process_script_metadata_methods(data["ScriptMetadataMethod"]) print("Script finished!") def replace_null_characters(self, string): return string.replace("\x00", "") def process_script_methods(self, script_methods): for script_method in script_methods: address = self.get_address(script_method["Address"]) current_method_name = self.document.getNameAtAddress(address) self.document.setNameAtAddress(address, script_method["Name"]) print(f"Renamed {current_method_name} at {address} to {script_method['Name']}") def process_script_strings(self, script_strings): for index, script_string in enumerate(script_strings, start=1): address = self.get_address(script_string["Address"]) current_string_name = self.document.getNameAtAddress(address) new_string_name = f"StringLiteral_{index}" self.document.setNameAtAddress(address, new_string_name) print(f"Renamed {current_string_name} at {address} to {new_string_name}") segment = self.document.getSegmentAtAddress(address) if segment: inline_comment = self.replace_null_characters(script_string["Value"]) segment.setInlineCommentAtAddress(address, inline_comment) print(f"Set inline comment at address {address} to {inline_comment}") def process_script_metadata(self, script_metadata): for meta in script_metadata: address = self.get_address(meta["Address"]) self.document.setNameAtAddress(address, meta["Name"]) print(f"Set name at address {address} to {meta['Name']}") segment = self.document.getSegmentAtAddress(address) if segment: inline_comment = self.replace_null_characters(meta["Name"]) segment.setInlineCommentAtAddress(address, inline_comment) print(f"Set inline comment at address {address} to {inline_comment}") def process_script_metadata_methods(self, script_metadata_methods): for meta_method in script_metadata_methods: address = self.get_address(meta_method["Address"]) self.document.setNameAtAddress(address, meta_method["Name"]) print(f"Set name at address {address} to {meta_method['Name']}") # Set inline comments segment = self.document.getSegmentAtAddress(address) if segment: inline_comment = self.replace_null_characters(meta_method["Name"]) segment.setInlineCommentAtAddress(address, inline_comment) print(f"Set inline comment at address {address} to {inline_comment}") inline_comment_method_address = '{0:X}'.format(self.get_address(meta_method["MethodAddress"])) segment.setInlineCommentAtAddress(address, inline_comment_method_address) print(f"Set inline comment at address {address} to {inline_comment_method_address}") def run(self): script_path = self.document.askFile("Choose the script.json from Il2cppdumper", "false", None) if not script_path: raise Exception("No file selected") self.process_script(script_path) LoadIl2cppDumperScript().run() Usage Use il2cppdumper online to dump your Unity app. PRO TIP You can drag and drop the Decrypted App Store IPA link into il2cppdumper online. Download the resulting il2cppdumper archive and extract it so the script.json is available. Next open Hopper Disassembler with your executable loaded and go to Scripts > Open Script Editor... > + > Add the Python script above & Run. You can also rename () the newly created "New Script.py" to something like "Il2cppdumper Hopper.py" as it will be saved and appear in Hopper's Scripts menu anytime you need to use it. Next you simply run the script you just created and select the script.json from il2cppdumper online when asked. That's it! Thanks again to @Ted2 for the Hopper version of the il2cppdumper script! We'll be updating il2cppdumper online to include the Hopper version of the script inside the dump archive!

When does it crash?

This hack is now updated to App Store version 5.3.0!

This hack is now updated to App Store version 5.3.0!

This hack is now updated to App Store version 5.3.0!

This hack is now updated to App Store version 5.3.0!

This hack is now updated to App Store version 5.3.0!

This hack is now updated to App Store version 5.3.0!

Updated! This hack is now updated to the current App Store version!

This hack is now updated to App Store version 12.1360.1360!

This hack is now updated to App Store version 7.5.0!

Which jailbreak are you using?

It should already show that actually. Not sure why it stopped.

Initiating old App versions decryptions are only available to ViP users.

We already support this iirc.

Hi @sebentarya, Not yet. It is a bug with ElleKit right now and we’re seeing if we can resolve it, or get ElleKit updated.

Updated! This hack is now updated to the current App Store version!

This hack is now updated to App Store version 3.1.2!

This hack is now updated to App Store version 3.1.2!

This hack is now updated to App Store version 7.0.0!

Updated! This hack is now updated to the current App Store version!

Updated! This hack is now updated to the current App Store version!

This hack is now updated to App Store version 8.8.0!

This hack is now updated to App Store version 8.8.0!