Ted2

Hahah, funny this. 2 mins ago I searched for this & found it on android forum Anyways, thankss

thankssss

Thanks mate!

heyy I was wondering if we could encrypt or hacks, so people can't read the functions you've used in your hack.. For example that a game dev won't be able to see what you did..

naice mate, but I see it's a document folder & you say in the post that jailbreak is required..? Anyways, goodjob

Yess, - https://iosgods.com/topic/30729-simple-smali-hacking/ - https://iosgods.com/topic/43631-smali-hacking-tutorial-2-boolean/

Once you changed a value in the game, you can't just create a .apk from your current data, sadly. Sometimes it's stored in data/data/packagenameofgame/sharedpreferences. Most of the time if it's written there, it's also written in the smali files. But just create a backup of your hacked app is not possible.

Why do you name TapTitans2 specific? I mean there are tutorials, but on diffrent games..

Hmm, will try. Thanks again ❤

Yes, but those have got a symbol..

Heyy I'm not sure if this function is hackable at all, but this is the function: _Currency_HasAmount_m708671023 PUSH {R4-R7,LR} ADD R7, SP, #0xC PUSH.W {R8,R10,R11} SUB SP, SP, #8 MOVW R5, #:lower16:(__ZZ29Currency_HasAmount_m708671023E24s_Il2CppMethodIntialized - 0x142EEA) ; Currency_HasAmount_m708671023::s_Il2CppMethodIntialized MOV R4, R0 MOVT.W R5, #:upper16:(__ZZ29Currency_HasAmount_m708671023E24s_Il2CppMethodIntialized - 0x142EEA) ; Currency_HasAmount_m708671023::s_Il2CppMethodIntialized MOV R8, R1 ADD R5, PC ; Currency_HasAmount_m708671023::s_Il2CppMethodIntialized LDRB R0, [R5] ; Currency_HasAmount_m708671023::s_Il2CppMethodIntialized CBNZ R0, loc_142F02 Can this function be added into a MSHook tweak, if yes What's the symbol & what's the function what I'll need to use Thankyou in advance

I don't think you can man..

Haha no probs

Thankyou

Added Video Tutorial, goodluck guys!

Thanks & what's wrong with them?

Thanks man.. but I screwed up the spoilers & at the end the credits.. You know how to do them right?

Hey! Long time ago, I made a Smali Hacking tutorial! Find it here: https://iosgods.com/topic/30729-simple-smali-hacking/ Today, I wanna create a new one. This one is about boolean hacking boolean = FALSE/TRUE Can be written in diffrent ways: FALSE --> '0x0' or just '0' (smali only 0x0, atleast for what I've worked on) TRUE --> '0x1' or just '1' (smali also only 0x1, again atleast for what I've worked on) The game in this tutorial: https://play.google.com/store/apps/details?id=com.fungamesforfree.snipershooter.free&hl=nl Download the game on your pc & decompile it, how? - https://iosgods.com/topic/43411-decompile-recompile-apk-without-a-tool-like-advancedapktool-etc/ or use a tool: - https://iosgods.com/topic/30893-advanced-apktool-windows-download-link/ Once decompiled, it will look like this: Open up Sublime Text, Notepad++ or something like that. We're gonna search for functions in ALL smali files. How we do that is simple, once you opened Sublime Text you have a option 'Find' Go to 'Find' - 'Find in files', now locate the smali folder from the decompiled apk Will look like this: So, for what kind of functions do we need to search? Well, every game is diffrent, in some you won't even success. Some example functions: -hasUnlocked -isUnlocked -isLocked -hasUpgraded -isUpgraded -has'itemofgame' -hasPurchased'itemofgame' -is'itemofgame'Purchased' -is'itemofgame'locked -is'itemofgame'unlocked etc etc. The game we have, includes weapons. We will try 'hasUnlocked' first: 0 matches. We will try 'isUnlocked' & 'isLocked' 0 matches for both We will try 'has'itemofgame' = 'hasWeapon' 0 matches We will try 'hasPurchased'itemofgame'' = 'hasPurchasedWeapon' 0 matches We will try 'isWeaponPurchased' 14 Matches in 6 files. So, we got which matches in the files. This does NOT mean, it's the right one. Let's have a look This is what we got: You see what we got? The one marked with '~' is the location of the .smali where our matches has been found. you'll see the most do locate to GameData.smali (under '~' they locate to com/fungamesforfree/snipershooter/data/GameData.smali: OUR SECOND match IS GameData.smali, so we REALLY need to check this one out, also the name of it is intresting! So let's open the second one (double click on it in your text viewer (sublime text in my case) /Users/Joey/Desktop/apktool/ssf/smali/com/fungamesforfree/snipershooter/data/GameData.smali: The whole code until the function is ended, is pretty long. It's like this: It's a long one, but actually not, the function is: 'isWeaponPurchased' & right after that we get the boolean code. This is the code we'll work with: .method public isWeaponPurchased(I)Z --> Function, the 'Z' is boolean .locals 5 .prologue const/4 v1, 0x0 --> earlier explained: 0x0 means false What do we do? Functions is: isWeaponPurchased, the code under it says NO IT IS NOT (0x0) SOOOOO, WE CHANGE IT TO: 0x1, because that means TRUE. .method public isWeaponPurchased(I)Z .locals 5 .prologue const/4 v1, 0x1 --> changed to true Recompile it to a apk, sign it & test it! When you tested your .apk, you see only the last 3 weapons are unlocked, the ones you needed to purchase with real money. I couldn't figure out how to hack the other weapons by code, maybe I missed something. Luckily the money can be hacked with eyes closed Coins are written in the same smali as the weapons, search for 'getMoney' You'll get two matches - invoke-virtual {p0}, Lcom/fungamesforfree/snipershooter/data/GameData;->getMoney()I - .method public getMoney()I it's the second one, because under the second one you'll find this code: .method public getMoney()I .locals 3 .prologue .line 351 iget-object v0, p0, Lcom/fungamesforfree/snipershooter/data/GameData;->preferences:Landroid/content/SharedPreferences; const-string v1, "e" const/4 v2, 0x0 ---> remove the /4 + add your own value (in hex) invoke-interface {v0, v1, v2}, Landroid/content/SharedPreferences;->getInt(Ljava/lang/String;I)I move-result v0 return v0 .end method This is how I'll code it: .method public getMoney()I .locals 3 .prologue .line 351 iget-object v0, p0, Lcom/fungamesforfree/snipershooter/data/GameData;->preferences:Landroid/content/SharedPreferences; const-string v1, "e" const v2, 0xfffffff invoke-interface {v0, v1, v2}, Landroid/content/SharedPreferences;->getInt(Ljava/lang/String;I)I move-result v0 return v0 .end method Recompile, sign it & test it. Proof: Video Tutorial: Hope you learned something, might make a video tutorial for it too. Credits: @Ted2 PS: I'm not hiding this tutorial because I want everyone be able to check it without giving me a like or reply, but if it helps. Please, hit the thanks &/or rep button

Goodjob

Lemme upload it for you, will give you a link in a few seconds here ya go: https://drive.google.com/open?id=0B_qzxquukQ6RNGE5Y3RyTi1yYzA

I think it's possible, but I suck so sorry xxxxxx

Pfft, gimme your skills

lemme see

Compared what games , sometimes I can, sometimes I just can't figure anything out.