beantownfan73

I have all the necessary files installed; theos, perl, ios sdk I am getting this error when i run nic.pl /usr/bin/perl: bad interpreter: No such file or directory

Below is what is listed after attaching game to GDB ***WARNING***: Possible number of sections anti-debug trick detected at segment __DATA_DIRTY ! Number of sections reported from the header is 2, the real number should be 2 Reading symbols for shared libraries + done 0x391e9130 in mach_msg_trap () (gdb) info address _mh_execute_header Symbol "_mh_execute_header" is at 0x10000 in a file compiled without debugging.

Just a few questions as I am a little confused about some stuff 1 - In one of the tuts, it says in IDA go to the very beginning of the file and the first listed is the ASLR. It says to use this offset and subtract it (or add, can't remember at the moment) from the address given in GDB (using info address_mh_execute_header command) and then that address is the ASLR bias. Now, in IDA, the first listed for my binary is HEADER:00004000. The offset, located at the bottom left, is listed as 00000000. Does this sound correct? Am I looking in the right spot in IDA? 2 - Even with Google I am having a hard time finding a good tut on setting watchpoints in GDB, anyone know of any? Thank you for your time! NOTE - When I att the game to GDB and run the command info address _mh_execute_header, the game freezes up and I am unable to do anything with it

Nevermind...lol...i figured it out

I got GDB to work and i am following the dudes tut...but when they said to type in command info address _mh_execute_header, i am guessing address means the header address and not just address_mh_execute_header?

Hahahaha...I wish, would make life easier. I am using a pc

Ok cool...now, where do i get LLDB? I don't see it in Cydia...

LOL thats a great concept but i thought, from what I read here on the forum, that GDB and LLDB did not work too good or at all with iOS 9?

What would I have to change ADD R1, PC to, to get a higher total? Those R's are confusing to me...

I looked up LLDB on this site so I could follow a guide and I found out that it does not play nice with iOS 9. Oh well, back to the drawing board!

I haven't a clue how to use GDB. Last I knew it wasn't iOS 9 friendly anyway.

I tried it out and the app crashes during the splash screen.... Hey no prob, just glad to get some help! Sadly though i either did something wrong or we have to try a different instruction cause the app crashes lol

I found it finally...lol...thanks!

In IDA it says the offset is 000BF698 and when I search that in hex editor it says cannot find.

I've run into a problem finding the hex address in the editor that is in IDA. I looked for the hex address and offset and nada...

Thanks John!

Thanks guys!

Thanks! I'll try it out Well this is where my noob gets in the way. The converter lists Thumb-2 Hex 3846 and Thumb Hex 381C...how do i know which one?

Ok...now i'm a noob...so, using arm converter mov r0, r7 converts to 3846 thumb to hex. so i use a hex editor and change the original hex to 3846?

Can you tell me what i would change in here to add money? _tolua_function __text:000C367A MOVW R1, #(:lower16:(aAddmoney - 0xC3690)) ; "addMoney" __text:000C367E MOV R0, R4 __text:000C3680 MOVT.W R1, #(:upper16:(aAddmoney - 0xC3690)) ; "addMoney" __text:000C3684 MOV R2, #(__ZL32tolua_Game_GlobalData_addMoney00P9lua_State+1 - 0xC3692) ; tolua_Game_GlobalData_addMoney00(lua_State *) __text:000C368C ADD R1, PC ; "addMoney" __text:000C368E ADD R2, PC ; tolua_Game_GlobalData_addMoney00(lua_State *) __text:000C3690 BL _tolua_function

I am a total noob...have no clue how. I'm posting some pics now

I will do that, I need all the help I can get.

Ok so there are 119 strings with the word coin or coins lol. Some are self explanatory but others are vague...like coin and Coins. I wonder how to tell the correct one? There are ones called getcoin, setcoin as well

That's right...I forgot the shortcut for that, thanks dude!

I am having trouble finding the function for currency and coins. I've used flex and IDA to search for these and similar items but nothing is found. Is there a better way to find the functions for these? Thanks