Posts posted by carpoa
-
-
Just now, Puddin said:
Good luck
is it server sided?
-
I'll take a look soon. Setting up my setup. 👍
-
This post won't teach anything apart from supplying you with tools and sources that are tutorials.
This will help you and guide you to make your own cheats or to learn something new.
Things you should learn:
Assembly (ASM)
C# (C-Sharp)
How to use IDA/Ghidra (Minimum the basics)
Tools:
Ghidra (Freemium version of IDA-Pro IMO)
IDA Free (Worse version of Pro)
Threads:
[UnknownCheats (OFF SITE)] Unity Engine Reversing and Hacking Tutorial
[UnknownCheats] Programming and Reversing topic (Many more threads)
IOS Gods tutorials Tagged posts
[Rooks Tutorial] [Starter Pack] iOS Hacking [IDA, Reverse Engineering, Cheat Engines, Theos, Flex]
How to learn, ARM Assembly, Exploit Development, Reverse engineering
Don't get mad or give up if you don't get it.
It does help if you already have knowledge on how computers work and other technical knowledge but isn't needed.
-
-
I am not the developer of the repo that is linked.
Please do not come to me with issues.
To begin. Please make sure you update your apt packages. You can do this by entering the following command:
sudo apt-get update
Once that command completes its execution, go to the checkra1n download page and try one of the downloads. If you haven't already done so, go to the checkra1n Linux download guide and try to follow that. However, if you do not succeed, come back to this post and follow the steps below.
Getting Started:
Using the installer:
Step 1:
First thing to do is to open command prompt and then run the following command(s) below:
git clone https://github.com/Randomblock1/checkra1n-linux && cd checkra1n-linux
Once that is finished you will then need to run the following script:
sudo ./installer.sh
YOU HAVE TO RUN THIS AS ROOT/SUDO OR IT WILL NOT RUN. When asked for a password, enter your current profile password. (Example: 123543)
This will execute the 'installer.sh' file, which does what its name says.
When you execute it, it is expected you won't have all required packages installed, which is what this script will do for you, as you can see below:
Once that is done you will have the installer GUI pop up:
Step 2:
If that GUI pops up then you have done everything correctly. You can then choose the option you would like to run.
Beware that you do not click the 'Install Repo' button if your Linux install is not 'x86_64'.
Install options and meaning:
- "Install Repository": This will install the checkra1n APT repository, but only if you are using x86_64.
- "Direct Download": Installs checkra1n to /usr/bin for all devices, regardless of architecture.
- "Procursify": Installs the Procursus bootstrap to your device. Learn more about Procursus here. TLDR: Replaces Substrate with libhooker and uses the Procursus repository for more up-to-date programs. Also, you get Sileo, in addition to Cydia.
- "Save Blobs": Saves currently signed SHSH blobs so you can upgrade/downgrade to unsigned iOS versions if you have the right blobs.
- "Credits": Is self-explanatory.
- "Update": Uses curl to get the latest version of this tool. You shouldn't need to use this manually, as it updates itself on startup.
Step 3 (Direct Download):
After selecting the 'Direct Download' Option run the following script below to use checkra1n:
cd /usr/bin && sudo checkra1n
Don't forget to make your terminal window 80 x 50 or full screen to use checkra1n!
Without using the installer:
If you do not want to use the installer then you can try this way too.
All you need to do is run the following 'one-liner' script in a command prompt like so:
curl -s https://raw.githubusercontent.com/Randomblock1/checkra1n-linux/master/installer.sh | sudo bash
Developer note: '(note: you can't use procursify unless you actually install it)'
Well done, you did it!
If you would like to visit the developer's GitHub you can do so here: Github
Everything on the GitHub is open source for you to look at.
I am not the developer of the repo that is linked.
Please do not come to me with issues.
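An alternative to piping the installer straight into a root shell, shown as an added example that is not part of the original post or of the checkra1n-linux project: save the script to a file, read it, record its SHA-256, and run it only while the file still matches that digest. The function names, the `<commit>` placeholder and the local file name are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post or the checkra1n-linux repo).
# Goal: a script only reaches a root shell after it was stored and reviewed.

# Hypothetical URL: replace <commit> with the commit you reviewed, so the
# content cannot change between review and execution ("master" can move).
INSTALLER_URL='https://raw.githubusercontent.com/Randomblock1/checkra1n-linux/<commit>/installer.sh'

# fetch_script URL FILE: download to disk, not into a pipe; -f fails on HTTP errors.
fetch_script() {
    curl -fsSL --proto '=https' --tlsv1.2 -o "$2" "$1"
}

# script_digest FILE: print the SHA-256 of the file as lowercase hex.
script_digest() {
    sha256sum "$1" | cut -d' ' -f1
}

# verify_script FILE EXPECTED: 0 if the digest matches, 1 on mismatch, 2 on error.
verify_script() {
    file=$1 expected=$2
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(script_digest "$file") || return 2
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 1
    fi
    return 0
}

# run_reviewed FILE EXPECTED [RUNNER...]: run the file only when it verifies.
# The runner defaults to "sudo bash", matching the command in the post.
run_reviewed() {
    file=$1 expected=$2
    shift 2
    [ "$#" -gt 0 ] || set -- sudo bash
    verify_script "$file" "$expected" || return $?
    "$@" "$file"
}

# Typical session (commented out so sourcing this file has no side effects):
#   fetch_script "$INSTALLER_URL" installer.sh
#   less installer.sh                       # read what will run as root
#   pinned=$(script_digest installer.sh)    # record the digest after review
#   run_reviewed installer.sh "$pinned"
```
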
-
Installing WINE on Kali Linux X64
Hopefully this helps most of you who don't use Windows but still want to use tools that are Windows only/do not support Linux.
Probably won't work for all things; however, it should work for most.
Step 1:
Run the following commands below.
# echo deb http://http.kali.org/kali kali main non-free contrib > /etc/apt/sources.list
# echo deb-src http://http.kali.org/kali kali main non-free contrib >> /etc/apt/sources.list
# echo deb http://security.kali.org/kali-security kali/updates main contrib non-free >> /etc/apt/sources.list
# echo deb-src http://security.kali.org/kali-security kali/updates main contrib non-free >> /etc/apt/sources.list
Step 2:
After running all the commands above one at a time, run the following commands.
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install wine-bin:i386
If sudo apt-get install wine-bin:i386 doesn't work then try this:
apt-get install wine32
Step 3:
Usage
cd MyPath/Downloads
wine npp.*.exe
Credits:
-
-
Like laxus said, look at the tutorial section, and that methods are different for each game.
Unity games are by far the easiest to hack, as all DLLs are C# and can be accessed almost plain by using the il2cpp dumper for il2cpp games. You don't get the source of the functions but you get methods, variables, functions, classes etc. including the offsets and other info needed for cheat creation.
Custom-made engines (like what is used in Lost Light) and other engines like Unreal Engine require you to do a bit of scanning, reading and tons of testing. Making cheats for non-Unity games is never easy and takes some work, dedication and understanding of Assembly code (ASM).
To create your own tweak files (.deb (debian)) you will need a compiler like Theos (Theos requires a Mac to run) and a menu template like ted's or IOSGods' own custom-made one if you have access to Online Theos like I have and many other developers. To code the cheats you will need to understand programming in general. You will need to understand languages like C/C++.
Personally I would start making patcher cheats like I used to in the past (and still sometimes do), which are most of the time the easiest (sometimes patching offsets causes unwanted functionality for other things, which means you need to decompile and analyse the function and its functionality, which again loops back to the fact you need to understand ASM).
Tools that you should use:
IDA 64x Pro or an alternative like Ghidra <- Reversal of game binaries
DnSpy <- Dissect and browse C# DLLs from dumped Unity games
Text editor like Notepad++ or Notepad for keeping track of functions and documenting; not really needed but up to you.
I hope you listen to my warning when I say to not attempt something you have no clue what you're doing or talking about. Do go learn how to code in C/C++ like how to use pointers, make basic functions and stuff like that then afterwards go read documents of the mod menu template you want to use and target but do learn ASM as it will help you so much!!!!
You also need common sense like most of the time.
Don't forget to ask for help if you're stuck.
Hope this helped.
Those who are more experienced than me do correct me on anything I have gotten wrong and I will correct it.
-
-
I will look into it.
-
-
1 hour ago, Puddin said:
Then I’m last then
Like Sonic said, "you're too slow"
-
-
Just now, Zeref said:
Im no expert but worth a shot
Wouldn't you need to uncomment /*%ctor { so that @Framework/UnityFramework.framework/UnityFramework" can be used? If you look down it's already done again.
Quote
%ctor{
    [APMenu.sharedInstance setTargetBinaryNamed:APEncrypt("@Framework/UnityFramework.framework/UnityFramework")];
    //MSHookFunction(((void*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.SwipeChargingMachineActionDetector$$SetSwipeProgress")),(void*)infAutoSwipe, NULL); // should give inf auto swipe
    MSHookFunction(((bool*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.MachineUtils$$IsMachineOwned")),(bool*)ReturnTrue, NULL); // own all machines
    MSHookFunction(((double*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.Upgrades.MachineUpgradeUtils$$GetPrice")),(double*)ReturnNone, NULL); // 0 upgrade price
    MSHookFunction(((double*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.Machine$$get_ExtractionMultiplier")),(double*)multi, NULL); // 99x extract multi
}
-
5 minutes ago, Zeref said:
Is there supposed to be a // at the start?
Yes, it's a comment.
-
-
I haven't really got too much of a clue of what I am doing as I don't exactly have a clear understanding of how MS stuff works. I follow this tutorial. Not sure if it's outdated or not.
Code:
@import Foundation;
@import UIKit;
#import "Menu.h"
#import <substrate.h>
#import <mach-o/dyld.h>
#include <substrate.h>

/*%ctor {
    [APMenu.sharedInstance setTargetBinaryNamed:APEncrypt("@Framework/UnityFramework.framework/UnityFramework")];
    //[APMenu.sharedInstance setTargetBinaryNamed:@"Frameworks/FrameworkName.framework/ExecutableName"];
    //[APPatch writeToOffset:APEncrypt("10020081C") hexValue:APEncrypt("C0035FD6")]; // // obf long: get_Value)_
    //[APPatch writeToOffset:APEncrypt("024E038C") hexValue:APEncrypt("400680D21F2003D5C0035FD6")]; //
    //iG_writeData((APEncrypt("1001D9900")), APEncrypt("20008052C0035FD6")); // writeData is still available for use
}*/

// ignore WIP
void infAutoSwipe() { }
bool ReturnTrue() { return true; }
double ReturnNone() { return 0; }
double multi() { return 99; }

%ctor{
    [APMenu.sharedInstance setTargetBinaryNamed:APEncrypt("@Framework/UnityFramework.framework/UnityFramework")];
    //MSHookFunction(((void*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.SwipeChargingMachineActionDetector$$SetSwipeProgress")),(void*)infAutoSwipe, NULL); // should give inf auto swipe
    MSHookFunction(((bool*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.MachineUtils$$IsMachineOwned")),(bool*)ReturnTrue, NULL); // own all machines
    MSHookFunction(((double*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.Upgrades.MachineUpgradeUtils$$GetPrice")),(double*)ReturnNone, NULL); // 0 upgrade price
    MSHookFunction(((double*)MSFindSymbol(NULL, "Alexplay.OilRush.App.Extraction.Machines.Machine$$get_ExtractionMultiplier")),(double*)multi, NULL); // 99x extract multi
}
If someone could help, that would mean a lot, as well as give a good explanation of function hooking etc. The tutorials available kind of confuse me.
Also some functions have custom types and or types that I cannot define by default so I am not too sure what to do about those.
-
-
21 hours ago, Taylor Meyer said:
so I want to mention right away to make it clear that this is not my expertise at all
but what I did is I took your code and did some prompts into Copilot AI code interpreter and this is what it said:
Disclaimer: keep in mind if anything is wrong it is the AI
everything in the quote and the extra quote is by the code interpreter
Generated using Copilot AI
I appreciate you trying to help but if you don't know please don't go to an AI bot. They only know from the data given to them from when they were learning from the internet meaning they can be wrong most of the time.
-
-
Just now, Puddin said:
How far into the game are you?
Far enough to use essence and also do like the second dungeon but that's really it.
-
1 minute ago, Puddin said:
I mean for upgrades, I can’t be arsed to check pm
I only used: 000080521F2003D5C0035FD6 for the patches
-
Just now, Puddin said:
What hex / patch did you use? I doubt hex matters lol
I haven't touched this at all lol
-
-
42 minutes ago, DO DUY HIEP said:
I tried upgrading, then quitting the game, and logging back in. data is not saved.
It does save. Not sure what you're doing or what @Puddin did to the patch but it should save. I don't have the source so 🤷‍♀️
-
-
I'll have a look. If it is heavily server sided then it won't happen.
-
Sick stuff!
Jackpot Friends
in Hack Requests
Posted
Gotcha thanks.