Happy Secret

I am customising Unity 5D. Of course Unity 5D, by itself has no such feature. My question Is, how to access the Unity Component’s fields (like what you said e.g. HP -> 0x24). I found online that there are way to get the gameobject (and it’s transform) from monobehavior component object. https://www.unknowncheats.me/forum/2562233-post1403.html You can see it is also accessing through series of offset. Anyway, let me continue to share around. Will share if I find anything useful.

Come to learn

I don’t think it is completely true. Those Monobehavior class are actually Components and part of objects. Just some we no longer get the class name. for the one I am working on is Arena Of Valor. I can see ActorConfig is shown in Component list. It is Part of the player game object. I am sure it is player, because I already draw the ray line to them. But I need way to get the field value within ActorConfig component.

I am current learning to make ESP hack. There quite a few mentioned GWorld and use it as root to find other needed objects. My question is, how can I find GWorld offset? I saw some mentioned need to do IDA search with xref. But I am not sure, what I should be looking for in IDA Can someone give me some steps on how to achieve it? Thanks!

Updated to v1.6.181 with additional 5 hack features

I mean fields like HP / something indicate enemy/ Ally of a Monobehavior class. It is now a Component of a GameObject that I draw. I want to paint the line Color differently. Anyway, I am trying to extend the logic to not just paint green Color line for every logic that meet the filter requirement.

How do we access to Component’s fields? It seems can’t access with offset. Not sure how does it being wrapped. any idea ?

Come to learn more

I think there are great hack available for Sausage Man. I will not create another one. For Mod Menu on Non-Jailbroken, I have another one on Dungreed here

Come to learn

Modded/Hacked App: ScourgeBringerBundle ID: com.pid.scourgebringeriTunes Store Link: https://apps.apple.com/us/app/scourgebringer/id1552864378 Mod Requirements: - Non-Jailbroken/Jailed or Jailbroken iPhone/iPad/iPod Touch. - Sideloadly / Cydia Impactor or alternatives. - A Computer Running Windows/macOS/Linux with iTunes installed. Hack Features: - Free to play- God Mode (Turn it off, if you want to travel back to Tree)- Always get 1000 Blood- Infinite Bullets- Free Shop / Reroll with HP - Infinite Skill Points Tips Turn On/Off features with the Mod Menu. Look for the floating lovely Eevee on top left hand corner. YES!! Mod Menu Hack on Jailed Device!! Jailbreak required hack(s): https://iosgods.com/forum/5-game-cheats-hack-requests/ Modded Android APK(s): https://iosgods.com/forum/68-android-section/ For more fun, check out the Club(s): https://iosgods.com/clubs/ iOS Hack Download IPA Link: [Hidden Content] PC Installation Instructions: STEP 1: If necessary, uninstall the app if you have it installed on your iDevice. Some hacked IPAs will install as a duplicate app. Make sure to back it up so you don't lose your progress. STEP 2: Download the pre-hacked .IPA file from the link above to your computer. To download from the iOSGods App, see this tutorial topic. STEP 3: Download Sideloadly and install it on your PC. STEP 4: Open/Run Sideloadly on your computer, connect your iOS Device, and wait until your device name shows up. STEP 5: Once your iDevice appears, drag the modded .IPA file you downloaded and drop it inside the Sideloadly application. STEP 6: You will now have to enter your iTunes/Apple ID email login, press "Start" & then you will be asked to enter your password. Go ahead and enter the required information. STEP 7: Wait for Sideloadly to finish sideloading/installing the hacked IPA. If there are issues during installation, please read the note below. STEP 8: Once the installation is complete and you see the app on your Home Screen, you will need to go to Settings -> General -> Profiles/VPN & Device Management. Once there, tap on the email you entered from step 6, and then tap on 'Trust [email protected]'. STEP 9: Now go to your Home Screen and open the newly installed app and everything should work fine. You may need to follow further per app instructions inside the hack's popup in-game. NOTE: iOS/iPadOS 16 and later, you must enable Developer Mode. For free Apple Developer accounts, you will need to repeat this process every 7 days. Jailbroken iDevices can also use Sideloadly/Filza/IPA Installer to normally install the IPA with AppSync. If you have any questions or problems, read our Sideloadly FAQ section of the topic and if you don't find a solution, please post your issue down below and we'll do our best to help! If the hack does work for you, post your feedback below and help out other fellow members that are encountering issues. Credits: - Happy Secret Cheat Video/Screenshots: N/A

Am, this tutorial doesn’t look like a H5GG tutorial. It is more about Non-Unity hacking with LLDB. If you are looking for H5GG specific tutorial, you may try to look from here https://iosgods.com/forum/595-h5gg-igamegod/

In simple word, you need Xcode and sign the app with your Apple ID (Sideloadly). Turn on Xcode -> Load a random iOS project -> Change the target to our iOS device -> “Debug > Attach to Process by PID or Name > Type in Game Process Name” Hint: The process name is the app name inside the Payload after decompile the ipa file. Sometime the app name could be very odd like app store. They seems want to hide itself with the real App Store app. Wait a bit for the debugger to attach successfully. If it is first time, it will take longer. As it need to prepare your iOS device for debugging first. Hint: Sometime the game might crash on attach, it doesn’t matter just restart and do it again. No worries. Once you see the Xcode saying Running…(on the top bar), you are set.

Thanks for sharing. That is a really good LLDB cheat sheet. But apparently I can’t find the parameter for ‘p’ or ‘x’ to display Double value on a Memory Address. Can you share an example?

@Puddin I am on latest iOS (non-jailbroken). No issue.

To supplement a bit here: The key reason behind: 1. The watchpoint break right after the triggering instruction: Default watchpoint type (w or write) only trigger when the address that we watch changed. So, it will always be after the fact (value changed). The trigger instruction will always be one instruction before the one got highlighted. 2.We saw long random value in the watch result: That number could be float or double (or some Boolean) which has a very different representation in memory. What we see is, LLDB try to understand the underlying hex as a normal decimal number. For Floating point, we can apply formatter to our memory read. For Double, I always need to refer to online Double tool like this one - https://gregstoll.com/~gregstoll/floattohex/ Please do let me know if there are simple way to read Double in LLBD.

Well written! Cool.

Come to learn more

Come to learn

@Laxus Hope you are doing well. Thank you last time you send me the latest IPA for Dungreed. Can you share where did you download that? Is it accessible by public like me?

Come to learn

Can you elaborate more on how it helps to port Android hack to iOS? Love to learn more.

Come to learn

If I recall properly, I started with Cheat Engine to locate memory address of money. Fake/Protected doesn’t matter. I just need an Entry point for me to set watchpoint in Xcode/LLBD to get to relevant function around the money spent. Then I can spend time with the Assembly code. @Puddin

Come to learn