Ted2

Senior Member
  • Posts

    4,939

Everything posted by Ted2

  1. MOV R0, #1 for free cost (0x0020)
  2. Try NOP ' 0x4cf248' Also, why do u got all those ;load from memory?
  3. Is there any CMP near the function?
  4. U need to do code injection. See tutorial section for how to do that.
  5. text:004CF252 loc_4CF252 ; CODE XREF: sub_4CEE7C+3CCj
     __text:004CF252 ADD.W R0, R4, R11,LSL#2 ; Rd = Op1 + Op2
     __text:004CF256 LDR R1, [SP,#0x34+var_2C] ; Load from Memory
     __text:004CF258 STR R1, [R0,#0x10] ; Store to Memory
     __text:004CF25A LDR.W R0, [R8,#0x30] ; Load from Memory
     __text:004CF25E ADDS R0, #1 ; Rd = Op1 + Op2
     __text:004CF260 STR.W R0, [R8,#0x30] ; Store to Memory
     __text:004CF264 ADD SP, SP, #0x1C ; Rd = Op1 + Op2
     __text:004CF266 POP.W {R8,R10,R11} ; Pop registers
     __text:004CF26A POP {R4-R7,PC} ; Pop registers

     to

     text:004CF252 loc_4CF252 ; CODE XREF: sub_4CEE7C+3CCj
     __text:004CF252 ADD.W R0, R4, R11,LSL#2 ; Rd = Op1 + Op2
     __text:004CF256 LDR R1, [SP,#0x34+var_2C] ; Load from Memory
     __text:004CF258 STR R7, [R0,#0x10] ; Store to Memory <------->
     __text:004CF25A LDR.W R0, [R8,#0x30] ; Load from Memory
     __text:004CF25E ADDS R0, #1 ; Rd = Op1 + Op2
     __text:004CF260 STR.W R0, [R8,#0x30] ; Store to Memory
     __text:004CF264 ADD SP, SP, #0x1C ; Rd = Op1 + Op2
     __text:004CF266 POP.W {R8,R10,R11} ; Pop registers
     __text:004CF26A POP {R4-R7,PC} ; Pop registers

     What this does is store R7 instead of the normal coin value
  6. read this comment @Clarify
  7. Yes, but is also bin & nic.pl in it? PS: use quote button, otherwise I won't get a notification u replied to me
  8. When you open up ifile, is theos there?
  9. It's the address u got from ' w s e -- 0x*****
  10. You need to know coding to build an app lol
  11. AndroidStudio, but it's not as easy as it sounds.
  12. Rip, that's not what the register read command is for. It's a number in hex, which you need to convert to decimal to see which register holds your value
  13. Doesn't seem to be right. Don't tell me you jumped to address: 186b2 please
  14. The offset your watchpoint gave you R1 holds 186b2 value (hex value) converted to decimal is ur coin value u said
  15. Go to the offset you got from your watchpoint. You told me R1 holds your coins so hack instructions with R1 in it.
  16. Isn't it just your Apple ID password?
  17. You don't need to enter something lldb. You already got everything you need.
  18. Maybe a check, try hack store though. getCost, get_cost, getPricr, get_price
  19. Hey bro, can you help me ?? jk, good job
  20. I didn't know u could read registers with only watchpoints lmao. Alright, what you do now is see in the function the watchpoint gave you, what you can hack with the register R1
  21. If you have a free .ipa for me, I could at least try
  22. MOV R0, R7 is the right way to do it. Not MOV R7, R0. All instructions read right to left except STR
  23. Did you even breakpoint?
  24. A deb hack is only code that implements itself into the app. You don't make the app itself with it & you don't have to use the app's binary (except when autolipo)