Goran

ok, i undestand now, but where is adress on this picture that i need to find in IDA PRO... can you mark that address on picture or write it down here...? And thanks for learning me...

YES I AM SIR LOL Where i need to jump, that is reason, why i tell you you need to write me EXACT what you will do in this case... with adress and everything

yeap.... in ida that offset is.... PUSH {R4-R7,LR} ADD R7, SP, #0xC PUSH.W {R8,R10,R11} SUB.W R4, SP, #0x40 BFC.W R4, #0, #4 MOV SP, R4 VST1.64 {D8-D11}, [R4@128]! VST1.64 {D12-D15}, [R4@128] SUB SP, SP, #0x40 MOV R4, R0 MOV R0, #(selRef_class - 0x1C6C2) MOV R2, #(classRef_AVKitVideoPlayback - 0x1C6C4) ADD R0, PC ; selRef_class ADD R2, PC ; classRef_AVKitVideoPlayback LDR R1, [R0] ; "class" LDR R0, [R2] ; _OBJC_CLASS_$_AVKitVideoPlayback BLX.W j__objc_msgSend MOV R5, R0 MOV R0, #(___gxx_personality_sj0_ptr - 0x1C6DA) LDR R1, =(unk_199EFCC - 0x1C6DC) ADD R0, PC ; ___gxx_personality_sj0_ptr ADD R1, PC ; unk_199EFCC LDR R0, [R0] ; ___gxx_personality_sj0 STR R0, [SP,#0x58+var_34] LDR R0, =(sub_1C7BC - 0x1C6EC) STR R1, [SP,#0x58+var_30] ORR.W R0, R0, #1 STR R7, [SP,#0x58+var_2C] ADD R0, PC ; sub_1C7BC STR.W SP, [SP,#0x58+var_24] STR R0, [SP,#0x58+var_28] ADD R0, SP, #0x58+var_4C BLX.W j___Unwind_SjLj_Register CMP R5, R4 BNE loc_1C7A0 in what to change and why? i ask so i can understand...

R1... So what is that offset in this case? which one exact? write me in numbers...

So, what then i need to search in ida??? Is that address or offset? Also, am i looking R2 address? in ida? if you can tell me that exacly so i can understand..

Can you please write me function that i need to enter in LLDB? ohh, something you can learn from me ;)

i know the command that is b 0x???? but am stuck in next step of this... it is CoinDozer game.... Am practicing on that... Am doing Coins, no ASLR.... And i dont know WHICH ADDRESS in this case to watch or breakpoint...??? I need exact command in this case with exact address so i can understand... this Register hold coin value.... r1 = 0x000186b2 CoinDozer.__TEXT.__text + 60642 so i need that you write to me exact command that you will be using in this case on live example, and why, so i can understand... thanks....

you got me nice explanation, thanks, BUT... What is in this case "offset i get in LLDB? http://imgur.com/Wnltf2f can you write me full command with offset for this case (like you are doing hack and writing next step of this), cuz i dont understand where is that new offset i got... Thanks man...

thanks

what is here subx man? and if you can write me "noob like" explanation, with LIVE EXAMPLE on this case... like you are doing this in ida pro...

I got this text in LLDB, finding coins in ZLATAN LEGENDS... Removed Aslr and thined binary... its ARMv7 game... Here is what i got in LLDB.... w s e -- 0x10A21F20 Watchpoint created: Watchpoint 1: addr = 0x10a21f20 size = 4 state = enabled type = w new value: 3719 (lldb) c Process 201251 resuming (lldb) Process 201251 stopped * thread #1: tid = 0x31223, 0x00051ee0 mimosa`ticationMethod_Basic + 303594, stop reason = watchpoint 1 frame #0: 0x00051ee0 mimosa`ticationMethod_Basic + 303594 mimosa`ticationMethod_Basic + 279210: 0x51ee0: ldrbmi r6, [r0, -r3, asr #4]! 0x51ee4: sbcvs r6, r3, #0x20000008 0x51ee8: movwvs r4, #0x2770 Watchpoint 1 hit: old value: 3719 new value: 3842 Now I need "retard like" explanation.... what to do in IDA PRO... i loaded binary, everything is ready... i nned to know what to search from this LLDB info, in ida pro... noob like explanation.... Thanks for helping... and if someone can explain me this functions.... 0x51ee0: ldrbmi r6, [r0, -r3, asr #4]! 0x51ee4: sbcvs r6, r3, #0x20000008 0x51ee8: movwvs r4, #0x2770 coins are in this case...

i found, i must run putty directly from ifunbox, not external one... Thanks maan, you solved my few years mistery.... place this iTunesDriver64_0205.exe is what fixed it for me heres the link http://www.datafilehost.com/d/6b5b5e81 in this tutorial so people can solve problems... Thank you mann

It solved one stuff, but... now lldb work, it says on seccond window CONNECTED but PUTTY says PUTTY FATAL ERROR: Network Error: Connection refused....

maan thank you.. i tried few times over few years.. never found problem... where is that tutorial? can you stick it here??? THANKS A LOT

maaan, there is no tunnelmux window at all... it open two, but one close really fast... am on windows 10 64bit... i run trough lidb.cmd... how to solve that mux problem??

naaah man I do that exacly, i open ifunbox v4, than i open putty 64bit as root, place in putty 127.0.0.1:23 --attach=PID, game freeze, i go to lldb and type process connect connect://127.0.0.1:23, but result in lldb is ERROR NO SUCH FILE OR DIRECTRORY...

iphone 6s 10.2 and windows 10 64bit I have Debugserver in usr/bin 755 Root/mobile i open lldb, than open ifunbox. than connect via putty as root than in putty i place 127.0.0.1:23 --attach=nameofapp i use default ip, because it works... than my game on phone freeze i go to lldb window and type this "process connect connect://127.0.0.1:23" and than NOTHING game is freeze and nothing happens... WHAT CAN IT BE GUYS???

I have Windows 10 64bit, openSSH on iPhone 6s 10.2, iFunbox v4... Firs I open ifunbox and go to see usb tunnel... it says connected to 127.0.0.1:22 than I minimize, open putty.. instert 127.0.0.1 port on 22 press connect, and nothing... it just stay green square, tried to change usb port on pc, but no luck...

@DiDA I have windows 10 64bit, iPhone 6s 10.2 Have installed openssh from cydia, i have ifunbox 4 it shows that is onnected to 127.0.0.1:22 But when i open Putty it wont promp for username and pass, just Green square and nothing...

@ZahirSher @Alyce @Zimon Guys can someone hack this fresh game.. maybe later be more patched.. thanks...

Can you hack it?

Yes it is, i just dont know what command to use in IDA PRO, but is possible.. and game is great..

@3L1T3 BL4Z3 broo, you need to separate this, or somehow block... it goes to NEGATIVE - thanks for hack

ZLATAN LEGENDS Really interesting new game... Zlatan Legends by Isbit Games AB https://itunes.apple.com/au/app/zlatan-legends/id1116965027?mt=8 Requested features: Gems, Coins Jailbroken Thank you!

@ZahirSher video is broken/dead.. please reupload...