
Galmin

Senior Member
  • Posts: 341
Everything posted by Galmin

  1. How do you find offsets in this game? I tried there's nothing in strings... I have tried to use iGG and GDB but the game reloads when I try to find ammo... @shmoo Any tips? P.s this is so bulletforce https://forum.unity3d.com/threads/anti-cheat-toolkit-stop-cheaters-easily.196578/
  2. Obviously, free games don't give you authorization error....However, the apps that you earlier had pirated contain a different apple id and this will cause the authorization error in iTunes which won't let you sync and if it won't let you sync you can't download the app to your phone with iTunes but only stare at the iPA, and again the only way to get the game you want is by using iTunes to download the iPA and then install it with iFunbox ( you do this if it's not in AppCake or any other app ). You can't crack a directly downloaded app from Appstore, and besides I have no idea why you just went back to the iTunes subject if I was talking about what to do if the game you're looking for isn't in AppCake or anywhere else. Are you getting somewhere with this no offense? You seemed like a nice guy until you started this war of who's right even though we both know how iPA's work & cracking them... You do seem very knowledgeable and I don't doubt it... but we literally fought over the exact same information. Game from Appstore= Crack failure Game not in Appcake = use iTunes (method 1) iTunes (authori error...) = iFunBox + iPA from iTunes (method 2) Are we clear? Cheers, Galmin
  3. There's probably a secret about Unity games and @Shmoo knows it...
  4. I need help asap... So this is actually a protection that BulletForce uses? I found this: https://docs.unity3d.com/Manual/AttachingMonoDevelopDebuggerToAnAndroidDevice.html @ it doesn't seem like unity has something I have to hack... I'm just trying to figure out how to GDB this game...
  5. Hey, I just found something interesting in strings of BulletForce. Here's a picture: It literally says: "UNITY_GIVE_CHANCE_TO_ATTACH_DEBUGGER" What is that? Also, I know there is MOV, ADD, STR.... What's DCB? Sorry for so many questions I'm just trying to get back into hacking... Cheers, Galmin
  6. Thanks for writing this! Hope to see more tutorials from you Cheers, Galmin
  7. Thanks! I have definitely learned something new. This was very well written, and thank you for your time. Can't wait to see a new tutorial. Maybe how to find offsets if there's no strings and you can't use gdb or lldb because the app is protected against memory reading? Cheers, Galmin
  8. I came to a conclusion... GDB and LLDB won't work in BulletForce because memory reading isn't working just makes the game go back to main menu, and gdb and lldb requires an offset from iGG to set a watchpoint. Furthermore, there's no strings that I've found so far... So strings won't work. Any ideas? @Shmoo ?
  9. Not sure how this guys helped me. How am I supposed to find strings in BulletForce if they are under sub_x
  10. Can someone assist me with GDB? Are there any good tutorials for GDB I couldn't find one... Also, whenever I try to find ammo in iGG the app BulletForce reloads again... there's some sort of protection against GameGem and iGG so this won't work... because I can't find the ammo offset I can't do GDB watchpoints. I heard there's an option called " breakpointing " but I can't find anything in IDA in order to do " breakpointing " I can't find any offsets need help asap!
  11. I searched for _syscall and there's none in BulletForce. How do you find so many offsets in BulletForce... I'm trying to learn. PM me some useful information if you have time Br, Galmin
  12. What if the whole game is sub_x? How to find ammo in BulletForce? Debugging? Can you make a tutorial on debugging ?
  13. Thanks!
  14. CHAPTER 1 - Preparing to hack in IDA PRO

      Requirement (Instructions of getting them will be in the steps *ordered*):
      -Cydia
      -iFile
      -Rasticrac
      -MTerminal (iOS 9.3.3)
      -iFunBox
      -iTunes
      -PC
      -Brain

      Hi, This topic is mostly for those who want it detailed and specific. Have you ever wanted to hack a game on your own? You're in the right place for the first step! We will be using [bulletForce] for this tutorial.

      Method 1:
      Step 1- Find a game that you'd like to hack... In this case [BulletForce]
      Step 2- Open up iTunes on Windows
      Step 3- Now download BulletForce from iTunes (DO NOT DOWNLOAD FROM APPSTORE DIRECTLY)
      Step 4- Connect your iDevice to iTunes and find your device there (Backup screen)
      Step 5- Click on "Apps" & Select the app you downloaded before connecting your device and press "Install" the app should say "Will Install"
      Step 6- Press "Sync" or "Apply"
      -- Now please wait until it finishes syncing and installing --
      - Error? Failed to authorize... ? No worries I got you covered

      Method 2 ( If failed to authorize your PC because you have pirated apps from different Apple IDs ):
      Step 1- Download iFunBox: http://www.i-funbox.com/
      Step 2- Install iFunBox on your PC
      Step 3- Connect your device
      Step 4- In iFunBox Press "Managing App Data"
      Step 5- Click "Install App (*.ipa)"
      Step 6- Go to \Music\iTunes\iTunes Media\Mobile Applications\
      Step 7- Click on the .IPA that we downloaded earlier from iTunes when it failed. Please Wait & Be patient
      Step 8- You now have the crackable app on your phone! (Do not open it & follow instructions)

      Cracking the app once you got the game app using iTunes (The methods above):
      Step 1- Go to Cydia and add this source: http://cydia.iphonecake.com/
      Step 2- Go to search in Cydia and write "Rasticrac"
      Step 3- Select the one with yellow logo from Appcake (version: 3.3.4b)
      Step 4- Install it!
      Important - Make sure you have iFile. Get it from this source: http://sinfuliphonerepo.com/
      Step 5- Install iFile from the source I gave you ( I use iFile Cracked/ Version: 2.2.0-1 )
      Step 6- Open iFile
      Step 7- Navigate to /usr/bin/
      Step 8- Find "rc.sh" and rename it to something you will remember ( I named it "cra" )
      Step 9- Open up MTerminal
      Important - If you don't have MTerminal then get it from this source: http://apt.thebigbos...pofiles/cydia/ - I used version 1.4-5 because it works great on iOS 9.3.3
      Step 10- In MTerminal write "su" then "alpine"
      Step 11- Write the name you gave to the rc.sh file, and I had named it "cra" so I will write "cra -m" in MTerminal
      Step 12- You should now see a bunch of apps after you wrote "cra -m"
      Step 13- Find the game and some game names don't match! --BulletForce is "iosfps"--
      Step 14- Write the letter that is before the game name! Mine was "bs"
      Step 15- Go to iFile again
      Step 16- Navigate to /var/root/Documents/Cracked/
      Step 17- Click on the .ipa and rename it to .zip at the end
      Step 18- Click on it and press "Unarchiver" --Please wait and be patient!--
      Step 19- Now you should see a bunch of files should be extracted and click on Payload
      Step 20- Now click on "appname.app" in this case mine is "iosfps.app"
      Step 21- You should see a bunch of files & now scroll until you find the appname (mine is "iosfps" )
      Step 22- Copy it
      Step 23- Paste it in /var/mobile & rename it to "2"
      Step 24- Go back to MTerminal & type this in order: "su" then "alpine" then "lipo 2 -thin armv7 -o iosfps3"
      Step 25- Go back to iFile and you should see in /var/mobile/ a new file named "iosfps3" or whatever app you were cracking
      Step 26- Click on (info) and change both its Ownerships to "mobile" and the Access Permissions to 777 (Read,Write,Execute)
      Step 27- Now copy "appname3" the one you just edited, and I had named it "iosfps3" when we were writing lipo 2 -thin armv7 -o iosfps3
      Step 28- Paste it in the game original directory mine is /var/mobile/containers/bundle/application/BulletForce/iosfps.app/
      Step 29- rename original from "appname" to "appname1" just add something at the end
      Step 30- The one you just pasted rename it to the original name "appname" mine is "iosfps"

      Congratulations! You're done cracking and thinning the binary and it's now ready to be placed in IDA PRO for hacking

      FAQ:
      Why can't I use Appstore from my device to download the app?
      - Your app will be sliced and only valid on your device or even won't crack at all!
      Why can't I find the original game directory, there's a lot of numbers?
      - Download Filza from Cydia and compare the numbers (we call them bundle IDs) with iFile and you will find it eventually

      Please Hit that like button
  15. Thanks for the great tips
  16. Welcome to Looking forward seeing you!
  17. Just found something interesting... When cracking BulletForce (Clutch & Rasticrac) Says the app is called "iosfps". Also, you can't crack the app if it's downloaded from the Appstore... it will only work on your specific device. iTunes downloaded is Universal :D

    1. Archangel04

      lol......... really? It can't be cracked BECAUSE IT'S SLICED. Which is why it doesn't work on other devices.... Why does this need a tutorial

    2. Cycas

      Hmm then how Shmoo did..

    3. Archangel04

      mod menu isn't even related to this lol

  18. Hello, everyone! I have been trying to hack a few games but with no luck. Furthermore, when I open up a binary in IDA PRO everything is in sub_x. Also, how do you guys find the correct offsets? Could anyone help me live or send me some tutorials... I have no idea from where to start. Also, any good tutorials on quick patcher making and mod menus? P.s can I watch someone in action hacking a game ? ammo,recoil... Looking forward to your replies Br, Galmin
  19. Interesting...