Happy Secret

H5GG Menu with ARM64 Instruction and Unity Support (work on non-jailbroken) 

H5GG Enhanced Menu Tutorial:

NEW  

Added new HTML Menu (bundle with H5GG standard menu)

UPDATE  

Version 1.9.6:
Quite a number of improvement in this release. If you are using older version, strongly suggest you to move on this version.
1. Added support for using Offset to search for Method under Unity Static Analyser. YES, you can now use the offset from debug mode or iGameGod to locate the method that you are interested.
    If you are advanced iGameGod user, you sometime might experience situation that you found an offset of an assembly instruction that changes the value that you are interested. However, in iGameGod, it didn't actually give you any indication of what method is it. 
    Now, in Unity Static Analyser, you can input instruction offset to local the corresponding cached method info. Of course you would like to skip last two or three digits of your offset. This search is an exact (partial) match. 
2. Added Dictionary support for look up known Unity User Object from address. YES, Meaning you can now use any value address (random address) inside a dictionary object, to locate the corresponding Unity User Object.
    Sometime, when you use memory search feature, you have located an address that hold the value that you interested. It could be HP, Gold, etc. However, cannot locate the Unity User Object that holding this value.
    This supposed to be a feature that exists for long time. The reason why you cannot locate it this time is, the value is stored inside a Dictionary inside the Unity User Object. It is not directly inside a field of the Unity User Object.
    With this new improvement, you can now defect Dictionary value as well.
3. Extended the find object logic to mostly any active live object, even it is not in scene. YES, this is CRAZY improvement. It is now a lot of easy to locate an object. 
    Simply because of this NEW features, you should upgrade to this version of Enhanced Menu. It is way to powerful then what you can imagine.
    The only draw back is, there is a little performance hit. Especially, when there are a lot of objects that need to scan through or locate. 
4. Extended ValueType support for Unity User Object Explorer, including List but not Dictionary. YES, this is another CRAZY feature. User can click through field with ValueType to drill into its value. Update field in ValueType is supported. 
    Some games like to store Character Stat inside ValueType (Struct), which is fine. The problem is, they store those ValueType (Struct) insider a List. e.g. It could be list that contains different level of the item. Different level has different stat. 
    Now, using Unity User Object Explorer, you can navigate this list, the ValueType (Struct) value inside, and even update the value stored.
5. Extended ValueType support for Unity Static Analyser, it is now display properly the address to it. YES, of course I wont missed the Unity Static Analyser. You can work with ValueType as well.
    Just like normal Unity User Object Type, you can search and find all instance of the ValueType and step into Unity User Object Explorer, like it is a normal Unity User Object Type.
6. Extended Obscured Type support to cover Obscured Boolean. YES, I eventually figure out how to support Obscured Boolean.
    Just like other Code Stage Obscured Type, you can read and update Obscured Boolean with Unity User Object Explorer or through JSPlug-in. 

note:
1. This is a BETA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.9.5:
1. Series of bug fix for usability and stability.
note:
1. This is a BETA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.9.4:
<Skipped, not released>

Version 1.9.3:
1. Add User Defined ValueType support for JSPlug-in. YES, you manipulate ValueType Data (not primitive) directly using JSPlug-in.  
    If you familiar with ValueType, it is actually different from object type where ValueType actual data is store directly on the offset, while Object Type store a pointer at offset instead.
    Therefore, for User Defined ValueType (Non System / UnityEngine namespace), we will return the offset address (object base + offset), instead of returning content of the offset address (content at object base + offset). 
    Then, we extended UnityObject to support ValueType. In this case, you will need to specify the Full Class Name of the ValueType.

let PlayerStats = new UnityObject(NinjaBehaviour._stats, "$PlayerStats");
PlayerStats.loadFields(["Damage", "Luck","EnergyGain","HealthRegen"])

Note:  

• Only specify the Class name for ValueType. DO NOT input that parameter for normal Unity Object.
• ValueType also has fields, but the memory representation is quite different. Anyway, you can load fields as normal, access them as normal. 
• Currently assume field / content of ValueType would not be ValueType (no nested ValueType)
• Currently ValueType is not fully supported in Enhanced Menu UI. But you can access its content manually through Memory pointer

2. Minor bug fix on a number of bugs.
note:
1. This is a ALPHA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.9.2:
1. Improved support on UnityDictionary, handling some exception scenarios. YES, you should able to use UnityDictionary covering most, if not all, scenarios now.  
    In Unity Dictionary Key size looks like has some odd handling depends on Game developer's implementation preference. Current update should able to handle more scenarios that might happens. 
2. Improved support on Color type in both Enhanced Menu UI or JSPlug-in. YES, you can now directly see the content of Color (RGBA) on the explorer UI, also can retrieve/update it from JSPlug-in.  
    Color is a value type combining 4 float numbers representing Red, Green, Blue, Alpha of the Color. For easy for human interpretation, I have converted it as 3 integer numbers (0-255, RGB Color) and a float number for Alpha.

var script = initializeUnitySupport();
var aryObj = script.call("findUnityObjectOfType", ["BeatStar$RhythmGame$GameController", true]);
var GameController = new UnityObject(aryObj[0]);
GameController.loadFields(["rhythmGameColours"])
var RhythmGameColours = new UnityObject(GameController.rhythmGameColours);
RhythmGameColours.loadFields(["laneColoursByScore"])
var LaneColoursByScoreDict = new UnityDictionary(RhythmGameColours.laneColoursByScore,"int32","color");
var color = {"r": 127,"g":17,"b":224,"a":1}
var ret = LaneColoursByScoreDict.set_Item(0,color)
//LaneColoursByScoreDict.export();

3. Minor bug fix on a number of bugs.
note:
1. This is a ALPHA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.9.1a:
Hotfix update, some games doesn't have some System function (like Marshal.SizeOf) exposed, lead to api load error.  

Version 1.9.1:
Happy Mid Autumn Festival, to celebrate this Happy Day. I am announcing a significant usability update to H5GG Enhanced Menu. 
1. Introducing Native support to Obscured Type from CodeStage for both core Menu and JSPlug-in. YES, you can now treat Obscured Int, Obscured Float, Obscured Long, Obscured Double as the usual version of the primitive type.  
    In Unity User Object Explorer, you will see the corresponding Int / Float / Long / Double value directly. You can even click on the Offset column to directly update Obscured Type as it is a normal primitive type.
    Just put in normal Int / Float / Long / Double. All the relevant conversion is done at the back and handled subtly by the menu.
    This same apply for JSPlug-in as well. All Obscured field, you are treat them as normal. Meaning myObject.intField = 100 (while intField is an Obscured Int)
    Note: There is an assumption that developer didn't enable any cheat value detection. Or you will need to bypass those detection manually.
2. Usability improvement to Unity User Object Explorer, with improved Unity List and Unity Dictionary support plus a lot subtle changes. YES, you can now directly see the content of Unity List / Unity Dictionary on the explorer UI.  
    The is a new table created under the original explorer list, show the content directly. No matter the content value is a primitive type or object type. 
    You can edit the content of the List or Dictionary there directly. Currently Adding or Removing Item is NOT supported.
3. Minor bug fix on a number of bugs. (long list of bug fix this time)
note:
1. This is a ALPHA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.9.0: 
1. Introducing Position to UnityObject for JSPlug-in. YES, you can now get and update position (if available) of any Unity User Object.  
    If you still don't get how crazy this improvement is, let's imagine you could
    - Teleport or any where on the map
    - Summon any items on map to you (You do not need to go and collect them)
    - Summon any monsters / bosses to you (All monsters come to you and die, provide exp for you to level up)

Teleport/Summon becomes so easy to implement with JSPlug-in. Sample below:

script = initializeUnitySupport();
//Locate Hero
var aryObj = script.call("findUnityObjectOfType", ["$Hero", true]);
var Hero = new UnityObject(aryObj[0]);
var HeroPos = Hero.position

//Sumomon Monsters				
var aryObj = script.call("findUnityObjectOfType", ["$Monster", true]);
for (let i=0;i<aryObj.length;i++){
	var Monster = new UnityObject(aryObj[i]);
	Monster.position = HeroPos
}
//Sumomon Drops (exp, items)				
var aryObj = script.call("findUnityObjectOfType", ["$MapResidue", true]);
for (let i=0;i<aryObj.length;i++){
	var MapResidue = new UnityObject(aryObj[i]);
	MapResidue.position = HeroPos
}

2. Minor bug fix on a number of bugs.
note:
1. This is a ALPHA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.8.9: 
1. Introducing Performance Improvement Option for JSPlug-in. YES, you can now select the class of interest to load instead of loading everything in select Assembly Image (e.g. Assembly-CSharp).  
    Include following line to start of your JSPlug-in, then the initialisation of the Unity support engine will only load classes in the list. Remember, you need to add full class name including the namespace, if any. 

gUnityClassInterested = ['DD$Match$UI$UIActorStatus_Root','DD$Match$UI$UIActorStatus'];

Unity Static Analyser is now always full load on selected Assembly Image.  

2. Enhanced JSPlug-in support for UnityDictionary, supporting Primitive Type as Value. Yes, previously Dictionary only support Object as Value. 
    Apart from typical get_Item(index) method to retrieve value at certain index of the dictionary. We introduced also 
   - get_KeyValueItem(index) - returning Key and Value pair at the index
   - get_Value (key) - returning Value with key provided
   Sample Code:

var aryObj = script.call("findUnityObjectOfType", ["$SkillManager", true]);
var SkillManager = new UnityObject(aryObj[0]);
SkillManager.loadFields(['skills'])
var SkillDict = new UnityDictionary(SkillManager.skills,'int32','Skill');
//SkillDict.export();
var SkillDamageDict = new UnityDictionary(GameManager.skillDamage,'int32','single');
//SkillDamageDict.export();
let SkillAry = [];
for (let j=0;j<SkillDamageDict.size();j++){
  let [skillType, value] = SkillDamageDict.get_KeyValueItem(j)
  let Skill = new UnityObject(SkillDict.get_Value(skillType))
  Skill.loadFields(['coolTime','projectTileCnt','sizeUp'])
  SkillAry.push(Skill)
}
cheatObj["Skills"] = SkillAry

3. Minor bug fix on a number of bugs.
note:
1. This is a stable release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.8.8:
27 Aug is another great day for iOSGods. There introduced Hook on non-jailbroken (without PC (JIT) or binary patching). Thanks to iOSGods!
To make today even more memorable (as usual), I am presenting new features of H5GG Enhanced Menu that provide Unity User Object Data Download. You can now download varies data from in-memory to file. 
You can find the downloaded file in Document folder of the Application. (remember to turn on File Sharing when Sideload)
Details includes,  
1. Introducing Unity User Object Data Download to Unity Static Analyzer. YES, you can now download data from Class/Fields/Methods detail screen.  
    In class screen, it will download Object Data for all pointer found for that class. Yes, all at once, full object data with all data fields!!!
    It is very interesting feature that make your Unity Game Analysis a lot more easier. You no longer need to take manual notes. Every thing can be process with Excel after download. 
    In fields screen, it will download full list of Fields definition into file.
    In methods screen, it will download full list of Methods definition into file.
2. Enhanced JSPlug-in support for UnityArray, UnityList, UnityDictionary, and UnityObject with export support. Yes, you can download/export entire array/list/dictionary of object with detail. You just need to call the export() function under these wrapper. 
    Imaging you can now download Item list, Skill list, Buff list. It allows you understand the game easier. Together with the drop item related method, you can create your favourite item drop anytime anywhere. 
3. Minor bug fix on a number of bugs.
note:
1. This is a stable release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it.

Version 1.8.7:
1. Enhanced the JSPlug-in around UnityArray support on Unity Primitive Type Array with direct GET/SET value in Unity primitive array. YES, you do not need to manually get/value with the pointer address now. 
    Whenever you are working with Unity Primitive Type Array (boolean, int8, int16, int32, int64, single, double), you can access value directly - pointer is int64 type, you can change pointer directly

let StatAry = new UnityArray(<<array address>>,<<primitive type>>); //primitive type -> (optional, default as pointer/int64)
for (let i=0;i<StatAry.size();i++){
  let value = StatAry.get_Item(i);//let's say primitive type is an integer
  value = value * 10;//multiplier 10 times
  StatAry.set_Item(i,value);
}

2. Minor bug fix on a number of bugs.

note:
1. This is a stable release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it. 

Version 1.8.6:
1. Auto reload Unity User Assembly Image / Library. YES, you do not need to manually them every time when session got unload. 
    Whenever you have manually loaded a Unity User Assembly Image / Library once in current game, it will auto reload if Frida session got unloaded
2. Enhanced the JSPlug-in around handling of Assembly Image / Library. YES, part of the JSPlug-in, you can specific library you want to load automatically.
    You can add Assembly Image / Library name to the following global variable in a JSPlug-in. Then it will auto load every time when it start. 

gUnityAssemblyImages = ["Assembly_CSharp","OtherGameAssemblyImagesName"]

note: if your game doesn't have Assembly_CSharp, you can safely remove it from the list
3. Minor bug fix on a number of bugs.

note:
1. This is a stable release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it. 

Version 1.8.5:
1. Improved Unity User Object wrapper around Return value from method call. YES, you do not need to manually parse the primitive value from pointer result.
    You will directly get the integer, float, double, string result from method call.
2. Enhanced the template mod menu JSPlug-in to include Read/Update using Method. YES, apart from direct field update. You can configure the mod menu template to use method
    You may see the update example from Eversoul cheat

3. Minor bug fix on a number of bugs.

note:
1. This is an Beta release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it. 

Version 1.8.4:
Today is a remarkable day for H5GG enhanced menu. Here brings a monster improvement to JSPlugin. With this latest update, you can now interact directly with Unity User Object, with a bit of setup, you can use Unity User Object directly inside your JSPlugin. It is almost like a JS-binding of Unity, crazy! See below for more details:
1. Introducing Unity User Object wrapper. You can wrap ALL Unity User Object with in JS Plug-in. YES, it is pretty much like what we did earlier for UnityArray, UnityList, and UnityDictionary.
    With a bit of setup like below, you can use dot (.) notation OR [] notation to directly access fields and methods!!!!!
    e.g. let myPlayer = new UnityObject(<<Player Object Address>>);
            myPlayer.loadFields([“score”,”exp”,”_anyfieldname”]); //You can have as many field as you like. Of course add only those you need.
            myPlayer.loadMethods([“void set_exp(int32)”,”int32 get_exp()”,”void _anymethodname()”]); //You can have as many method as you like.
            Then, you can do myPlayer.score=999, myPlayer.exp, ”_anyfieldname”myPlayer.set_exp(999), myPlayer.get_exp(),etc
   You may find all the field names, method name from Unity dump or using my Unity Static Analyzer JSPlugin. Again, it support all Unity User Objects.
    Note  Currently it only support following field / param / return data type: void, int8, int16, int32, int64, single, double, boolean, text (readonly), string (readonly), for pointer please use int64.
   Combining UnityObject, UnityArray, UnityList, and UnityDictionary, you can pretty much program the cheat logic with Unity User Object intuitively in JSPlugin. 
  Sample script here (upgraded version of Mini Football cheat script):

/*
    H5GG Plugin Mod Menu logic should enable easier Mod Menu development for non-jailbroken. It preserve existing H5GG UI and features, while adding new cheat menu.
    Cheat implemented using a patch free approach, the game binary does not required to patch. 
	
    Contribute by Happy Secret on iOSGods (2023)
*/
gIl2cppInit = false;
var script = initializeUnitySupport();
//patchMiniFootball();

var cheats = {
    speed: ["PlayerAttributes", "speed", 100, "single", "ON"],
    tackle: ["PlayerAttributes", "tackle", 100, "single", "ON"],
    shoot: ["PlayerAttributes", "shoot", 100, "single", "ON"],
    reflexes: ["PlayerAttributes", "reflexes", 100, "single", "ON"],
    pass: ["PlayerAttributes", "pass", 100, "single", "ON"],
    stamina: ["PlayerAttributes", "stamina", 100, "single", "ON"],
};

var intervalID;
var aryObj
var cheatState = false;
var cheatMode = "recurrent";
var recurrentInterval = 1000; //try not to be small than 1000, prevent system freeze

function toogleCheat() {
    cheatState = !cheatState;
    document.getElementById("applybutton").textContent = ' Toggle OFF ';
    document.getElementById("applybutton").style.backgroundColor = '#E8E8E850';

    if (cheatState) {
        intervalID = setInterval(function () {
            if (cheatState) {
                try {
                    script = initializeUnitySupport();
                    aryObj = script.call("findUnityObjectOfType", ["$Stick", true]);
                } catch (e) {
                    //reset Unity Support
                    gIl2cppInit = false;
                    var script = initializeUnitySupport();
                    appendLog("Unity support crashed and reset complete");
                }

                if (!aryObj || aryObj.length == 0) {
                    appendLog("Cannot find object to cheat. Engine stopped.");
                    cheatState = false;
                    document.getElementById("applybutton").textContent = ' Toggle Cheat ';
                    return;
                }
                for (let i = 0; i < aryObj.length; i++) {
                    //[MODIFY]Start prepare core object for delink / filtering here
                    let Stick = new UnityObject(aryObj[i]);
                    //debugInfo("Stick (" + aryObj[i].toString(16) + ") with UnityObject:" + Stick, [aryObj[i]])
                    Stick.loadFields(['player']);
                    //debugInfo("Stick (" + aryObj[i].toString(16) + ") with player:" + Stick.player, [aryObj[i]])
                    let Player = new UnityObject(Stick.player);
                    Player.loadFields(["attributesBoosted", "isOwning_"]);
                    //debugInfo("Player (0x" + Stick.player.toString(16) + ") with isOwning_:" + Player.isOwning_, [Stick.player])
                    let cheatObj = {};
                    //End prepare core object for delink / filtering here

                    //[MODIFY]Locate the right object to cheat
                    if (Player.isOwning_ == 1) {
                        //[MODIFY]Start prepare cheat object here
                        let PlayerAttributes = new UnityObject(Player.attributesBoosted);
                        PlayerAttributes.loadFields(["speed", "tackle", "shoot", "reflexes", "pass", "stamina"])
                        cheatObj["PlayerAttributes"] = PlayerAttributes
                        //End prepare cheat object
                        for (var prop in cheats) {
                            if (Object.prototype.hasOwnProperty.call(cheats, prop)) {
                                let obj;
                                let addr;
                                let oldValue = 0;
                                if (cheats[prop][4] == "ON") {
                                    cheatObj[cheats[prop][0]][cheats[prop][1]] = cheats[prop][2];
                                } //end if TURN ON
                            }
                        }//end For 
                        appendLog("Cheat applied successfully");
                    }//end if isOwning_ == 1
                }
            } else {
                clearInterval(intervalID);
            }
        }, recurrentInterval);
    } else {
        //code will stop on next coming iteration
        document.getElementById("applybutton").textContent = ' Toggle Cheat ';
        appendLog("Cheat stopped");
    }

    if (cheatMode != "recurrent") clearInterval(intervalID);
}


/* Add button on H5GG UI to open the Cheat UI, if it does not exist */
if ($("#cheatpluginmodmenu").length == 0) {
    var btn = $('<button id="cheatpluginmodmenu">Cheat</button>');
    btn.attr("credit", "Happy Secret");
    btn.click(function () {
        $("#cheatpluginpage").show();
    });
    //backward compatible with standard H5GG menu
    if ($("#frontview").length == 0) {
        $('#results_count').after(btn);
    } else {
        $("#frontview").append(btn);
    }
}

/* Create the Cheat UI Layer, if it does not exist */
if ($("#cheatpluginpage").length == 0) {
    var popup_pixelfancheat_html = $('<div id="cheatpluginpage"  style="background-color: #FDFDFD; width:100%; height:100%; position:absolute; left:0; top:0; border:1px solid #B8B8B880; border-radius: 5px; padding: 0px; z-index: 99999;-webkit-user-select: all;-webkit-touch-callout: default;"></div>');
    $(document.body).append(popup_pixelfancheat_html);
}

/* Generate Clean Cheat Menu UI */
var html = '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Cheat by Happy Secret';
html += '<div style="float:right; font-size:16px; font-family: Arial, sans-serif;" onclick="closecheatpluginpage()">&nbsp;X&nbsp;</div>';

/* Prepare Cheat Item */
for (var prop in cheats) {
    if (Object.prototype.hasOwnProperty.call(cheats, prop)) {
        //html 	+= '<br><label>' + prop + '<output>(' + cheats[prop][2] + ')</output><input name="' + prop + '"type="range" min="0" max="' + cheats[prop][2] * 2 + '" value="' + cheats[prop][2] + '}" style="width:50%" onchange="rangechange(this)" /></label>';
        html += '<br><label><input name="' + prop + '"type="range" min="0" max="' + cheats[prop][2] * 2 + '" value="' + cheats[prop][2] + '}" style="width:50%" onchange="rangechange(this)" />' + prop + '<output>(' + cheats[prop][2] + ')</output></label>';
    }
}

html += '<p align="center"><button onclick="toogleCheat()" id="applybutton">&nbsp;Toggle Cheat&nbsp;</button>';
html += '</hr><div id="cheatpluginpagelog" class="scrollbar" ></div>';


$("#cheatpluginpage").html(html);
$("#cheatpluginpage").hide();

function closecheatpluginpage() {
    $("#cheatpluginpage").hide();
}

function rangechange(input) {
    cheats[input.name][2] = Number(input.value);

    input.nextElementSibling.value = '(' + input.value + ')';
    //input.previousElementSibling.value = '(' + input.value + ')';

    //Change Apply Button Color to remind user to press Apply
    document.getElementById("applybutton").style.backgroundColor = 'yellow';
}


/* Create Cheat Log */
function appendLog(msg) {
    var oldmsg = $("#cheatpluginpagelog").html();
    if (oldmsg.length > 300) oldmsg = "";
    oldmsg = getCurTime() + ' - ' + msg + '<br>' + oldmsg;
    $("#cheatpluginpagelog").html(oldmsg);
}

function patchMiniFootball() {

    h5gg.require(7.9);
    var h5frida = h5gg.loadPlugin("h5frida", "h5frida-16.0.10.dylib");
    if (!h5frida) throw "Failed to load h5frida plugin";

    function ActiveCodePatch(fpath, vaddr, bytes) {
        if (!h5frida.ActiveCodePatch(fpath, vaddr, bytes)) {
            var result = h5frida.ApplyCodePatch(fpath, vaddr, bytes);
        } return true;
    }
    function DeactiveCodePatch(fpath, vaddr, bytes) {
        return h5frida.DeactiveCodePatch(fpath, vaddr, bytes);
    }

    /*HERE IS OUR OFFSET PATCHING CODE*/

    ActiveCodePatch("Frameworks/UnityFramework.framework/UnityFramework", gUnityClasses.$LuckyShotManager.IsLuckyShotAvailable.methodOffset, "200080D2C0035FD6");
    ActiveCodePatch("Frameworks/UnityFramework.framework/UnityFramework", gUnityClasses.$LuckyShot.get_attemptsLF.methodOffset, "400080D2C0035FD6");

}

2. Further improved core Unity Framework to handle Enum better. YES, you can now directly see Enum value in Unity User Object Explorer.
    Enum is used heavily to classify objects. It is a very important identifier for us to filter object we want to access.
3. Minor bug fix on a number of bugs.

note:
1. This is an Beta release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip these in your JS plugin. It won’t affect your performance if you are not using it. 
Special Thanks to @LeePham for testing and support

Version 1.8.3:
1. Improved Support Covering Unity Array, List, Dictionary, both on H5GG Enhanced Menu UI and JS Plug-in. YES, you can access Array, List, Dictionary with Menu UI and JS Plug-in.
    New UnityArray, UnityList, UnityDictionary class available in JS Plugin.
    e.g. let myDictionary = new UnityDictionary(<<Dictionary Address>>); 
            for (let i = 0; i < myDictionary.size(); i++) {console.log(myDictionary.get_Item(i))}
   Same JS Plug-in access pattern for UnityArray and UnityList
   Short demo on how to access with UI - https://streamable.com/wgr65h
2. Further improved Object search function for Unity Class Static Analyser with support Singleton type. YES, you can directly access all singleton now!!! (This greatly improved the coverage) 
    Many games host important index or controller under Singleton class. You can check out full list of Singleton class under DebugInfo (of course on those loaded Assembly, default is Assembly-CSharp - you can load more)
3. Minor bug fix on a number of bugs.

note:
1. This is really an Alpha release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip the JS plugin. It is completely standalone plugin, base menu has no dependency on it. 

Version 1.8.2:
1. Improved On Scene Object(s) function of Unity Class Static Analyser with full pointer navigation path. YES, full navigation! Pointer to Pointer, up to end-to-end 5 level.
    This is VERY useful for cheat developer. You know exactly what to include in your cheat script.
2. Further improved Object search function for Unity Class Static Analyser with support List type. YES, it can look through Generic Type List!!! (This greatly improved the coverage) 
    With this foundation setup, I will try to cover Array and Dictionary in coming update.
3. Minor bug fix on a number of bugs.

note:
1. This is really an Alpha release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip the JS plugin. It is completely standalone plugin, base menu has no dependency on it. 

Version 1.8.0:
As mentioned last week, we have something new, something crazy, that would blow your mind. Today, here announced the In-Memory Unity Class Static Analyser.
It is essentially an in-memory Il2cpp dumper (but a bunch of usability features). YES, you do not necessary to do il2cpp dump now. 
Even though it cannot completely replace il2cpp dumper, it is not its intention, it significantly reduce the need of doing offline dump. 
Additionally, we have implemented it as a JS plugin.  YES, heard it right. The most powerful thing of H5GG is SCRIPTING capability. Here I want to demonstrate how far we can go with scripting.
1. In memory, Il2cpp dumper which dump Class, Field, Method dump and allow searching. (Properties is not implemented, as it mostly covered by Method.) YES, everything in memory. You do not need PC to do dump for simple Unity Game.
   Those highlighted with colour code are accessible directly to the object / field. Yellow is direct, Pink is one hop indirect. It opens first object met the criteria here. More object can be found in DebugInfo
2. Network Graph show Inter-class relation. YES, trust me. This is the blow your mind part. You can visually see all the Class relation on screen in a network form. 
    With this tool, it will be even more easy for you to understand how the game works and find things to hack. Together with previous Unity Support. The game is pretty much naked in front of you.
3. Detail view on Class with available on Scene Object List to allow easy access. Yes, this is actually the real detail il2cpp dump view PLUS live object list (on Scene).
    It is helpful if you find a class interesting and would like to understand more.
4. Enhanced core engine to allow User load additional library (apart from Assembly-CSharp) through Debug Info windows. Yes, just click to load additional modules and it will keep track what has loaded too.
    With this in place, we can extend our menu to cover even more games.
5. Enhanced Unity User Object Explorer and Memory Info view to allow even smoother navigation.  You can now indirectly access List and Dictionary (or other generic type) content. YES, we now start to cover Generic Type.
    You can now basically keep clicking to navigate across the Unity Game Memory/User Objects.
6. Removed one major limitation on Unity Method coverage on certain Unity Game. YES, we have more games supported by this feature now.
7. Removed limitation menu size. If you are on iPAD, you will start seeing bigger Menu UI. YES, we need a lot more space for you to Analyse Unity Game.
8. Minor bug fix on a number of bugs.

note:
1. This is really an Alpha release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.
2. Performance could be bad, if the game has a lot class definition. It is tradeoff for features and performance for now. If you don't like it, you may skip the JS plugin. It is completely standalone plugin, base menu has no dependency on it. 

Version 1.7.6:
Today is another great day for iOSGods. We have the JIT and iOSGods Jailbreak Mod Menu DEBs for Non-Jailbroken iOS Devices announced. It is so crazy that we can use jailbroken mod on non-jailbroken. Although there are some limitation that requires PC to turn on JIT, it is still a crazy good news for Non-jailbreaker. Thanks to iOSGods!
To make today even more memorable (as usual), I am presenting formal release version of H5GG Custom Menu that provide Unity support. All Features that are previously in Alpha/Beta testing (v1.7.0-v1.7.5) are now in release mode! Additionally,  
1. Removed one major limitation on Unity Method coverage on certain Unity Game. YES, we have more games supported by this feature now. 
    Even it is release mode, no guarantee. Some Unity games are really hard to crack through.
2. Enhanced core engine to allow User load additional library (Apart from Assembly-CSharp). Yes, some games store core library outside Assembly-CSharp, we can cover them manually through JS Plugin NOW.
    With this in place, we can extend our menu to cover even more games.
3. Surprise update in core engine, it is used to support something REALLY BIG coming.  You can't use it directly for now. 
    Stay tuned, for our next release. It will blow your mind. So Crazy...
4. Minor bug fix on a number of bugs.

note: This is a formal release for Unity Game only. But still it is pretty much for Hack developer who want to test their limits only. For general user who do not familiar with Unity, it is still a good tool to use, but you cannot maximise its value.

Version 1.7.5:
1. Further improved Unity User Object Explorer, to include ancestor class info (Field and Method) . YES, everything about the Object all at a glance now!!! (Features enter BETA testing, no guarantee) 
    The related info as usual available to JS Plugin to use. 
2. Enhanced Memory Info, it can now parse 64bit pointer. As usual, you can navigate through object pointer, from memory travel to another object memory. 
    Of course, if the new object is a Unity User Object. You can Click on Unity to start exploring the new object.
3. New H5Frida/Frida package script for macOS and Windows. YES, you no longer need to do this tedious work by yourself. 
    The script automate the process of packaging 3 H5Frida/Frida files into ipa and make the ipa H5Frida/Frida ready. (prerequisite for using this enhanced menu)
4. Enhanced scripting Unity support, thought script you can load additional Unity module to extend Unity User Object Explore coverage.  Experimental features. 
    Contact me, if you want to help out. Only for selected experience developer. 
5. Minor bug fix on a number of bugs.

note: This is really a BETA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. 

Thank you @LeePham in helping out a lot in providing idea and various support. 

Version 1.7.4:
1. Further improved search function for Unity User Object with support search using Unity Object Type / Class Name. YES, you do not even need an address!!! (Features enter BETA testing, no guarantee) 
    Default show first object of that type, more object is listed in DebugInfo where you can pick and choose other objects found. 

2. Optimised and exposed the Unity User Object search to JS Plug-in as well. YES, you can also use this features in your own cheat as well. Full list of objects meet the criteria will be available for script to further filtering. 
    I have created two cheat with LeePham using this JS Plug-in features. You may find them in action below. 
    WE can now do Simple Unity Game Cheat without Binary Patch without address / offset. Cheat Script will always work even in future game release (unless game logic changes impact our logic) 

3. Minor bug fix on a number of bugs.

note: This is really a BETA release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. 

Version 1.7.3:
1. Further improved search function for Unity User Object with support search using Unity Object Type / Class Name. YES, you do not even need an address!!! (Very trial features, no guarantee) 
    Default show first object of that type, more object is listed in DebugInfo where you can pick and choose other objects found.
2. Minor bug fix on a number of bugs.

note: This is really an Alpha release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. 

Version 1.7.2:
1. Fixed a critical bug for Non-Unity game around ARM features 

note: This is really an Alpha release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. 

Version 1.7.1:
1. Improved search function for Unity User Object .
2. Performance improvement for overall Unity Object Explorer features
3. Minor bug fix on a number of bugs.

note: This is really an Alpha release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. 

Version 1.7:
Today is a great day for iOSGods. We have the world class iGDisassembler announced. It is so easy to use and feature rich. The most important of all, it support Non-jailbroken as well. Thanks to iOSGods!
To make today even more memorable, I am presenting new version of H5GG Custom Menu that provide Unity support. Key Features includes: 
1. Browse Unity User Object (see attached screen), with object class name, offset, field name, value, data/object type
2. Edit Object Field Value directly from Unity Object Explorer UI
3. Navigate from Object to Object, click through object pointers. Backward function allow you to navigate back to previous object
4. Search Unity User Object, input from not only the object pointer, but also anywhere within the object (any address search). You can get object pointer from random address in object!!!.
5. Integrate Unity features to existing CheatEngine search (touch-hold 2 second on search result) and DebugInfo -> MemoryInfo features

Limitation: 
1. Only Unity User Object defined in Assembly-CSharp supported
2. Static Class / Object is not supported
3. Only active object in scene can be found

Disclaimer:
1. This is a very early ALPHA release. Forgive me for any crazy bug you find, just let me know.

Other update: 
1. Enhanced Hex search to do pointer search. Combine with the power of Unity Object Explore's any address search feature to get Object pointer. You can search backward on what object is having reference pointer pointing to this object. 
2. Minor bug fix on a number of bugs.

note: This is really an Alpha release and for Unity Game only. It is good for Hack developer who want to test their limits only. Not for general user who do not familiar with Unity. 

Version 1.6:
1. Embedded Hex search with nibble-level wildcards, like "?3 37 13 ?7" features into new update. Hex search can also be used to achieve Text (UTF-8) search. It will automatically convert UTF-8 Text to HEX representation. 
2. Introducing JS Plug-in framework. Structure your script in a predefined way, it will automatically load and plug-in on top of existing H5GG menu. It allows us to preserve the H5GG brilliant features. 
3. Minor bug fix on a number of bugs.

note: Note Hex Search script result can be find in Debug Info UI. (press Debug from front UI) 

More detail on JS Plug-in framework here

/*
	H5GG Plugin Mod Menu logic should enable easier Mod Menu development for non-jailbroken. It preserve existing H5GG UI and features, while adding new cheat menu.
	Cheat implemented using a patch free approach, the game binary does not required to patch. 
	
	Contribute by Happy Secret on iOSGods (2023)
*/

var cheats = {
    points: 99999,
    expmulti: 2,
};


/* Add button on H5GG UI to open the Cheat UI, if it does not exist */
if ($("#20mModMenu").length == 0) {
   var btn = $('<button id="20mModMenu">20minutesCheat</button>');
       btn.attr("credit", "Happy Secret");
       btn.click(function() {
          $("#20mpage").show();
       });
   //backward compatible with standard H5GG menu
   if ($("#frontview").length == 0) {
       $('#results_count').after(btn);
   } else {
       $("#frontview").append(btn);
   }
}

/* Create the Cheat UI Layer, if it does not exist */
if ($("#20mpage").length == 0) {
    var popup_20mcheat_html = $('<div id="20mpage"  style="background-color: #FDFDFD; width:100%; height:100%; position:absolute; left:0; top:0; border:1px solid #B8B8B880; border-radius: 5px; padding: 0px; z-index: 99999;-webkit-user-select: all;-webkit-touch-callout: default;"></div>');
    $(document.body).append(popup_20mcheat_html);
}

/* Generate Clean Cheat Menu UI */
var html = '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;20minutes Till Dawn Cheat by Happy Secret';
html += '<div style="float:right; font-size:16px; font-family: Arial, sans-serif;" onclick="close20mpage()">&nbsp;X&nbsp;</div>';
html += '<p><label>Points / Cash<output>(99999)</output><input name="points" type="range" min="0" max="9999999" value="99999" style="width:90%" onchange="rangechange(this)" /></label>';
html += '<br><label>Exp Multiplier<output>(2)</output><input name="expmulti"type="range" min="0" max="5" value="2" style="width:90%" onchange="rangechange(this)" /></label>';
html += '<p align="center"><button onclick="EnableCheat()" id="applybutton">Trigger on Cheat</button>';
html += '</hr><div id="20mpagelog" class="scrollbar" ></div>';


$("#20mpage").html(html);
$("#20mpage").hide();

function close20mpage() {
    $("#20mpage").hide();
}

function rangechange(input) {
    cheats[input.name] = Number(input.value);

    input.previousElementSibling.value = '(' + input.value + ')';

    //Change Apply Button Color to remind user to press Apply
    document.getElementById("applybutton").style.backgroundColor = 'yellow';
}

/* Core Cheat Code */
function EnableCheat() {
    //Reset Apply Button Color
    document.getElementById("applybutton").style.backgroundColor = '#E8E8E850';

    var pointAdr = (readPtr(readPtr(readPtr(Number(getBase()) + 0x2B7E1f8) + 0xb8) + 0x20) + 0x10);
    var oldPoint = readLong(pointAdr);
    writeLong(pointAdr, cheats['points']);

    appendLog("Points is updated from " + oldPoint + " to " + cheats['points']);

    var expMultiAdr = (readPtr(readPtr(readPtr(readPtr(readPtr(Number(getBase()) + 0x2b7e298) + 0xb8) + 0x8) + 0x20) + 0x30) + 0x1C)
    var oldExpMulti = readFloat(expMultiAdr);
    writeFloat(expMultiAdr, cheats['expmulti']);

    appendLog("Exp Multiplier is updated from " + oldExpMulti + " to " + cheats['expmulti']);
}

/* Create Cheat Log */
function appendLog(msg) {
    var oldmsg = $("#20mpagelog").html();
    oldmsg = getCurTime() + ' - ' + msg + '<br>' + oldmsg;
    $("#20mpagelog").html(oldmsg);
}

/* Get current time in hh:mm format */
function getCurTime() {
    // Create a new Date object
    var now = new Date();

    // Get the current hour and minute
    var hours = now.getHours();
    var minutes = now.getMinutes();

    // Format the hours and minutes with leading zeros
    hours = ("0" + hours).slice(-2);
    minutes = ("0" + minutes).slice(-2);

    // Combine the hours and minutes into a string
    var time = hours + ":" + minutes;

    return time;
}

/* Memory access related */
function getBase() {
    var modules = h5gg.getRangesList("UnityFramework"); //Module Name
    return modules[0].start; //module base addr in runtime memory
}

function readLong(addr) {
    return Number(h5gg.getValue(addr, "I64"));
}

function readFloat(addr) {
    return Number(h5gg.getValue(addr, "F32"));
}

function readPtr(addr) {
    return Number(h5gg.getValue(addr, "U64"));
}

function writeLong(addr, value) {
    h5gg.setValue(addr, value, "I64");
}

function writeFloat(addr, value) {
    h5gg.setValue(addr, value, "F32");
}

Version 1.5:
1. Isolate H5GG core feature Frida script with other script, to avoid override or affecting each other. Now you can use this new menu with other Frida scripts with less constraints and without issue. 
2. Introducing Hex Search with nibble-level wildcards, like "?3 37 13 ?7". Hex search can also be used to achieve Text (UTF-8) search. Currently only script available, will incorporate into H5GG menu with UI in next version. 
3. Minor bug fix on a number of bugs.

note: Note Hex Search script result can be find in Debug Info UI. (press Debug from front UI) 

Version 1.4:
1. You can use script to search for object interested and add to Debug Info. Debug Info acts like a console.log but it will accumulate count on same message and update itself to latest version of data. You will LOVE it. 
2. Under debug info, you can easily explore data at certain memory location (object location). As usual, you can update the data on that screen as well. 
3. Minor bug fix on a number of bugs.

note: You need to update your existing script which is using H5Frida to use 16.0.10 instead of 15.1.24. Just two line inside script.

Version 1.3:
1. You can type in simple ARM64 instruction to let the tool to convert to HEX for you. Only works on Simple ARM64 Instruction like MOV, ADD, SUB, NOP, RET.
2. Upgraded H5Frida Core to version 16.0.10 (thanks to @LeePham helping on final compilation on Theos)
3. Minor bug fix on a number of bugs.

note: You need to update your existing script which is using H5Frida to use 16.0.10 instead of 15.1.24. Just two line inside script.

Version 1.2:
1. You can tap on Bytes (middle column) to open Live Offset Patcher. Only works on Non-Jailbroken device with Debug state on the App OR Jailbroken device.
2. Color highlight on the current Instruction (specified in the Current Address field)
3. Minor bug fix on a number of bugs.

Version 1.1:
1. You can just tap on blue number to navigator to different address. YES, just TAP on it. 
2. Saved one previous Address so that you can go back one step.