Goran

my folder is named 1 /var/mobile/1 game is "com.LakeEffectApplications.TriggerFist" values are... Ammo 0x001527D4 0000A0E3 Nades 0x0015370C 000040E2 Can someone compile me tweak.xm and preference.plist for that??? because am going around like retard.... i see there is more plist file with name 1.plist in my procect, so i dont get it where to put, and am not sure i compiled good. so please help just for example.... thanks a lot

if i made tweak on http://armconverter.com/codeinjectgenerator/ do i need to delete whole content in tweak file and plist, or just to implement this inside.....???

ohh, it have tutorial for linux or something... but there is no exact ios tutorial... i enter " $ git clone --recursive https://github.com/theos/theos.git $THEOS" it want recognise $ command

is there on forum tutorial fow windows users for this one???

my folder is named "triggerfist" i go like this "cd /var/mobile/trigerfist && make package" is says this make: xcode-select: Command not found make: xcode-select: Command not found

just like that? it says "no rule to make target "package". stop

when i got all ready in folder, how to compile deb now??? example, my project folder is TriggerFist.. how to make deb from it??

thanks, where to put TWEAK XM and PREFERENCES.plist and where is located project and DEB file created???

I installed Theos, i installed [UPDATE 2.2][Template] Custom NIC Code Injection Patcher Template! i got codes for game NOW WHAT??? Am using game from "TriggerFist" IS GAME have hex codes.... how to use template? i go in terminal and choose CSCI PATCHER.... then i got this... PROJECT NAME? what need to write here? PACKAGE NAME?? what need to write here? AUTHOR NAME? what need to write here? MOBILESUBSTRATE BUNDLE FILTER? what need to write here? LIST OF APPLICATION TO TERMINATE UPON INSTALLATION? what need to write here? So i firs need to know where to put TWEAK XM and PREFERENCES.plist and what to write above this, also where the file deb will be created...?? thanks a lot...

thanks man...

since " https://sdks.website/ " is down, where to get SDK? am on iphone 6s 10.2...

i installed Theos from this tutorial... and all went good... then i copied template how instruction said in this one... But when i start command in terminal as su... /var/theos/bin/nic.pl is says... this sh: /var/theos/bin/nic.pl: /usr/bin/perl: bad interpreter; No such file or directory i installed just theos and this template... so what is wrong here, and what i miss...

Great tutorial, thanks a lot... this is good one.. i hope you will make good one too for advanced also you are doing this REALLY GOOD, so i hope you will make for Arm64 too... hope that advanced one is coming soon... RESPECT+++ just change this in tutorial to be perfect... "Alright, so we want to know the ida offsets of the gameplayer addresses we have." its not offset, its address.. offset in Ida is at bottom.. thanks man... ❤❤❤ PID= Process ID this need to be edited also,,, " The first offset, is the ida hex offset & the second is the hacked offset" this " The first offset, is the ida hex offset & the second is the hacked HEX" to this @Ted2

if i try to watch or breakpoint nothing... also everything with ASLR is done... calculated etc... and in ida pro it shows this one....

thansk man

what is backtrace function? when we are using this and how?

am begginer and when i get basics, i will make tutorial like you never seen before... to make it clear once for all... cuz i get many troubles by now.. because of lack of information and deformations... in tutorials.... binary was ARM64bit, but i thinned binary, and it works on iPhone 6s.. i found with iGG value its I64, and in lldb gave me this weird function, so i ask, what means this function??? why have codes like that??? -> 0x425cb4: andlo r6, r1, r0, lsr r11 0x425cb8: andlt r6, r7, r0, lsr r3 0x425cbc: stceq p8, c14, [r0, #-756]

you need to check places where is goes in ida to compare.... and then try that to watch....

@K_K you solved me many mistery, can you tell me why this code look like this??? also i sent you pm about code in CoinDozer.. Thanks man a lot for all your help..

nope, why to remove ASLR when i substract it from hex....

some game cant be unlinked.....

Here it is in details... i have iPhone 6s, that app is ARM64 and ARM7, so i thinned binary to ARMv7, and it works on phone... i found value for diamonds in app it is I64 in iGG, attached to lldb, do image list... w s e -- 0xiGGaddress and got this in lldb... * thread #1: tid = 0x36f39, 0x00425cb4 covetHome, stop reason = watch 1 frame #0: 0x00425cb4 covetHome -> 0x425cb4: andlo r6, r1, r0, lsr r11 0x425cb8: andlt r6, r7, r0, lsr r3 0x425cbc: stceq p8, c14, [r0, #-756] than i was stuck... because when i go 425cb4-F4000(ASLR) it give me "331cb4" ida address... but in IDA, there is no that address, as you can see on picture... Tried to watch and breakpoint those 0x425cb4, 0x425cb8, 0x425cbc... but no luck... here is IDA PRO part... as you can see here even don't have 331cb4 address... so what can it be problem here, because functions don't match... and how could you solve this? if you are working on that...

"IMAGE LIST" of course, i got ASLR in this case "F4000", but that is also have nothing with this on LLDB, aslr is important for IDA PRO, BUT WHAT TO DO IN THIS CASE? IF YOU GOTZ THIS ONE, WHAT YOU WILL DO NEXT IN THIS CASE?

@Ted2 man where did you got that i do watch on ida ADDRESS??? that is not offset that is ADDRESS.... i just gave you example where that lead me in ida... in which function.... man, you dont get the point what i ask... I JUST ASKED WHAT TO DO NEXT, SINCE THIS CAN BE IDA FUNCTION, THAT IDA FUNCTION NOT EXIST.... SO WHAT IS NEXT STEP, ALSO THERE IS NO OTHER IGG ADRESS TO WATCH JUST ONE THAT...

thats the case, it is now always, but i just post here and it says R1... that is not important in this case, important is WHAT TO DO NEXT.... TRIED TO WATCH 0x425cb4: andlo r6, r1, r0, lsr r11 0x425cb8: andlt r6, r7, r0, lsr r3 0x425cbc: stceq p8, c14, [r0, #-756] BUT NOTHING HAPPENED...