
Ted2

Senior Member
  • Posts

    4,939
  • Joined

  • Last visited

Everything posted by Ted2

  1. Yes.. but don't I need to understand the basics of changing functions before doing it on games which are 874887 times harder?
  2. When I try that I don't even know what I have to search. I am trying to learn IDA Hacking....
  3. I know. Flex 2 can do it too. I just want to learn it...
  4. Hi, I am here again. Really want to learn IDA Game Hacking but still nothing is successful. This is the code:

         ; ShopViewController - (void)setEstoqueDeRetry:(int)
         ; void __cdecl -[ShopViewController setEstoqueDeRetry:](struct ShopViewController *self, SEL, int)
         __ShopViewController_setEstoqueDeRetry__
         MOV R1, #(_OBJC_IVAR_$_ShopViewController.estoqueDeRetry - 0x50244) ; int estoqueDeRetry;
         ADD R1, PC ; int estoqueDeRetry;
         LDR R1, [R1] ; int estoqueDeRetry;
         STR R2, [R0,R1]
         BX LR

     I changed it to:

         ; ShopViewController - (void)setEstoqueDeRetry:(int)
         ; void __cdecl -[ShopViewController setEstoqueDeRetry:](struct ShopViewController *self, SEL, int)
         __ShopViewController_setEstoqueDeRetry__
         MOV R1, #(_OBJC_IVAR_$_ShopViewController.estoqueDeRetry - 0x50244) ; int estoqueDeRetry;
         ADD R1, PC ; int estoqueDeRetry;
         LDR R7, [R1] ; int estoqueDeRetry;
         STR R7, [R0,R1]
         BX LR

     It does act like a NOP to me now :// any help..?
  5. Hmm not working. Guess the function isn't hackable then?
  6. Thanks & oh really? No Mac version of it -__- damn that sucks
  7. Don't get your question. I don't understand you either
  8. Hey there. A new tutorial for you guys. Today I'll show you how to hack Unity games. The file you will hack of a Unity game is here: apk-assets-bin-Data-Managed-Assembly-CSharp.dll

     What do we need?
     - Java SE v8
     - .Net Reflector --> http://bit.ly/28YD3WW (Cracked version)
     - Reflexil to edit the functions easier --> http://reflexil.net/ OR http://bit.ly/28WgqC6
     - The apk you want to hack, I use Subway Surfers for this version (I'll use an old version because Bluestacks can't handle a new version)
     - 7zip, WinRAR etc. to unzip the .apk.
     - ZipSigner: https://play.google.com/store/apps/details?id=kellinwood.zipsigner2&hl=en

     Apk I use: http://bit.ly/292NcGK

     NOTE: Not every game is a Unity game.

     Let's start! Okay, so.. Open the program .Net Reflector after you installed it. Load the Assembly-CSharp.dll in it. You find this file after you unzipped the apk in: assets-bin-Data-Managed-HERE

     I always remove all the other files on the left side using the "Delete/Del" button on your keyboard because they're annoying as f*ck. Once they're gone, open the file from the game in the program.

     Let's set up Reflexil now. You've downloaded the Reflexil file, you should've unzipped it. In Reflector you see an option called "Tools", go to it, go to "Add-Ins" and now click on the "+" icon. Locate to your unzipped folder, and select "Reflexil.Reflector.AIO". Now go again to "Tools" and select Reflexil v2.0. It will look like this now:

     Now click the search button or "F3" button & now you have to turn on "Search Member" CTRL + M OR:

     Okay, let's search for some functions. There are multiple options of course, but I'll call some here:
     Coins
     Gems
     Gold
     Diamonds
     Money
     Cash
     Currency
     get_'gold,coins etc'
     get_amountof'coins,keys,etc'
     isUnlocked
     isLocked
     isFree
     etc etc etc

     So, Subway Surfers does have a lot of features which can be hacked. Let's hack the coins, keys, boards & characters in this tutorial. Coins & keys are int values & boards & characters are boolean values.

     Let's search for 'coins'.
     I got A LOT of matches, so do you, I will not show you a screenshot.

     Let's search for 'get_coins'. You got only a few matches, normally when you find this match in a game you will hack it. I did it too, but it didn't have any effect so I won't waste your time by doing it.

     Let's search for 'get_amountof'. We got this:

     It seems very interesting to me, why? Well we got matches with keys & coins + the declaring type is 'PlayerInfo', in my opinion that's interesting. Let's double click 'get_amountOfCoins', we got this:

     So what now? Well, ALWAYS delete this OpCode 'ldfld'. You don't want that one loaded. Now, change ldarg.0 to 'ldc.i4' by clicking right mouse button on ldarg.0 and click edit. It will look like this:

     NOTE: Change Operand type to Int32!!!!

     Click 'Update' and do the same for 'get_amountOfKeys'.

     Now let's unlock the hoverboards. Search for: isUnlocked, no match you'll see. Search for isHoverboardUnlocked. You got 2 matches, which one will you take? Well the one with declaring type 'HoverboardStickerManager' says this:

     See this: 'It says: return PlayerInfo.Instance.isHoverboardUnlocked(type);'

     Double click isHoverboardUnlocked because it says that's what it returns. WOW! You got A LOT of bullsh*t around there. What do we want to do with the function? Return it to TRUE of course! What do we do now? In this menu (see picture) we have to keep only 2 instructions, it doesn't matter which ones. Just delete everything until you keep 2 instructions. After deleting until there are 2 instructions, it will look like this (you may have other instructions):

     I got this, you can get something totally different. I'll explain to you what this means anyway because we both need those instructions to hack it. See the OpCode of both:
     ldc.i4.0 --> FALSE
     ret ---> RETURN --> Offset of ret is '1' this means "TRUE"

     So it says: HoverboardUnlocked = FALSE = TRUE... hmmmm bleghhhh. What to do now?
     Change the first instruction (ldc.i4.0) to ldc.i4.1, this means TRUE. IF your second instruction is NOT 'ret' then change it to 'ret'. What it says now: HoverboardUnlocked = TRUE = TRUE

     Let's do the same for the Characters.. Search for 'isCharacterUnlocked', you may get more matches. I only get one... It tells me it does return 'PlayerInfo.Instance.IsCollectionComplete(type);'. Double click isCollectionComplete. Delete all instructions until you have 2 left. Change the first instruction to 'ldc.i4.1' and change the second to 'ret' (RETURN).

     TIP: The Subway Surfers Tutorial is very annoying in my opinion. Search for: get_IsTutorialCompleted and return it to true like you did with the Hoverboards & Characters!

     Okay.. we're done. Save the Assembly-CSharp.dll. How? Click 'Save as...' --> locate to the unzipped .apk-assets-bin-Data-Managed, it will tell you to save it as: Assembly-CSharp.Patched.dll but we want it as: Assembly-CSharp.dll. It will ask if you want to overwrite, click yes.

     Locate to your unzipped .apk - select ALL files - make a .zip archive but rename the .zip to apk:

     Copy your .apk to your phone or to Bluestacks, sign it with ZipSigner.
     ZipSigner: https://play.google.com/store/apps/details?id=kellinwood.zipsigner2&hl=en

     Open ZipSigner, find your .apk by clicking here:

     When you found it, click 'Sign The File' and wait. After it's done signing, locate it in your file manager & install it. Open it when it's done.

     NOTE: If you don't like non-serious people, skip the upcoming screenshot and go to the one after it lol..

     Moment of truth....... Silence please..... IS IT HACKED???! Kidding me, Bluestacks hates me:

     Let's open again -___- Ah I got it working.
     Coins & Keys:
     Characters:
     Hoverboards:

     Functions WE hacked:
     get_amountOfCoins
     get_amountOfKeys
     isHoverboardUnlocked
     isCharacterUnlocked
     Some of you may have done: get_isTutorialCompleted because I mentioned that one too.
     EXTRA
     isThemeUnlockedForCharacter
     isThemeSeen
     isThemeOwned
     isThemeActive
     get_DoubleScore
     get_ScoreMultiplier

     Declaring type 'PlayerInfo' has the most functions to be hacked.

     Hope you learned something from this tutorial!

     Credits: xShadowGhostx
  9. I see this:

         bool __cdecl -[CurrencyWallet spendValue:](struct CurrencyWallet *self, SEL, unsigned int)
         __text:00071F40 __CurrencyWallet_spendValue__
         __text:00071F40 PUSH {R4,R7,LR}
         __text:00071F42 ADD R7, SP, #4
         __text:00071F44 MOV R4, R0
         __text:00071F46 MOV R0, #(_OBJC_IVAR_$_CurrencyWallet._quantity - 0x71F52) ; unsigned int _quantity;
         __text:00071F4E ADD R0, PC ; unsigned int _quantity;
         __text:00071F50 LDR R0, [R0] ; unsigned int _quantity;
         __text:00071F52 LDR R1, [R4,R0]
         __text:00071F54 CMP R1, R2
         __text:00071F56 ITT CC
         __text:00071F58 MOVCC R0, #0
         __text:00071F5A POPCC {R4,R7,PC}
         __text:00071F5C MOVW R3, #(:lower16:(selRef_notifyChanges - 0x71F6C))
         __text:00071F60 SUBS R1, R1, R2
         __text:00071F62 MOVT.W R3, #(:upper16:(selRef_notifyChanges - 0x71F6C))
         __text:00071F66 STR R1, [R4,R0]
         __text:00071F68 ADD R3, PC ; selRef_notifyChanges
         __text:00071F6A MOV R0, R4
         __text:00071F6C LDR R1, [R3] ; "notifyChanges"
         __text:00071F6E BLX.W _objc_msgSend
         __text:00071F72 MOV R0, #(selRef_persistQuantity - 0x71F7E)
         __text:00071F7A ADD R0, PC ; selRef_persistQuantity
         __text:00071F7C LDR R1, [R0] ; "persistQuantity"
         __text:00071F7E MOV R0, R4
         __text:00071F80 BLX.W _objc_msgSend
         __text:00071F84 MOVS R0, #1
         __text:00071F86 POP {R4,R7,PC}

     I assumed that after "__text:00071F56 ITT CC" something else started.. not sure tho...
  10. Will check in a few minutes. Pc randomly turned off so have to load it again.
  11. Hey there, I am trying to understand IDA Game Hacking, but I am not really getting it. Did read all tutorials like 947845874 times... I think this function is hackable:

          bool __cdecl -[CurrencyWallet spendValue:](struct CurrencyWallet *self, SEL, unsigned int)
          __text:00071F40 __CurrencyWallet_spendValue__ ; DATA XREF: __objc_const:00DAA128o
          __text:00071F40 PUSH {R4,R7,LR}
          __text:00071F42 ADD R7, SP, #4
          __text:00071F44 MOV R4, R0
          __text:00071F46 MOV R0, #(_OBJC_IVAR_$_CurrencyWallet._quantity - 0x71F52) ; unsigned int _quantity;
          __text:00071F4E ADD R0, PC ; unsigned int _quantity;
          __text:00071F50 LDR R0, [R0] ; unsigned int _quantity;
          __text:00071F52 LDR R1, [R4,R0]
          __text:00071F54 CMP R1, R2

      I thought the 'MOV R4, R0' could be hacked or 'PUSH {R4,R7,LR}'. I have this problem with like any game, I've no idea what to do... any help? Thanks in advance,
  12. Ace Yose iOS 9. Use it all the time )
  13. Try this: after you've done that, open Freedom, launch the app & try... EDIT: Have you tried all these? https://iosgods.com/topic/30776-4-apps-to-hack-in-app-purchase-in-android/#entry1064139
  14. What version of Freedom do you have? What version of Lollipop? Latest Play Store (6.0) apparently breaks Freedom functionality, causing both Play Store and the respective app to force close upon trying to make a purchase. The only workaround is to uninstall Play Store updates and force stop Play Store from settings, and manage to start freedom, start the app, and make the purchase before Play Store auto-updates itself.
  15. Great hack, you're good at Android hacking, aren't you?
  16. For the ones who want a challenge

      File: ar.smali

      code:

          if-nez v3, :cond_0
          sget-object v3, Lcom/topfreegames/bikerace/e;->"BIKENAME":Lcom/topfreegames/bikerace/e;
          invoke-virtual {p1, v3}, Lcom/topfreegames/bikerace/e;->equals(Ljava/lang/Object;)Z
          move-result v3

      NOTE: This is the code for only one bike. Good luck & have fun
  17. Modded Game Name: Bike Race Pro by T.F.Games
      Google Play Store Link: https://play.google.com/store/apps/details?id=com.topfreegames.bikeraceproworld&hl=nl
      Rooted Device: NO
      Mod Features:
      - Unlock All Bikes (Except Tournaments, those are server sided)
      - Infinite Tickets (for replay)
      - Infinite Free Ucl Tracks
      Hack Download Link: [Hidden Content]
      Installation Instructions:
      Step 1: Download the .apk from the "Hack Download Link:"
      Step 2: After it's done, locate to your downloads folder.
      Step 3: Click on the apk & hit install
      Step 4: Enjoy!
      Note: Make sure you have enabled 'Unknown Sources' in settings before installing the Modded APK. If you encounter issues, our Frequently Asked Questions topic may help you.
      Need an iOS Bike Race Hack?: http://bit.ly/1ozLHCX (VIDEO) https://iosgods.com/topic/19383-bike-race-pro-bikeracetfg-all-bikes-hack/
      Credits: - xShadowGhost (BikeRaceJ)
      Mod Video/Screenshots: Video is by BikeRaceJ, BikeRaceJ = xShadowGhost, xShadowGhost = ME
  18. trying... sorry i suck lel