0xSolana

Mod Requirements:
- Jailbroken iPhone/iPad/iPod Touch.
- iGameGod / Filza / iMazing or any other file managers for iOS.
- Cydia Substrate, Substitute or libhooker depending on your jailbreak.
- PreferenceLoader (from Cydia, Sileo or Zebra).

 

STATUS  SAFE

INFORMATION Use A-Bypass or any good JB bypass, or you will get instant ban.

Hack Features:
- ESP
- Lines
- Boxes
- Health bar
- Health text

 

Source Code Here : 

Non-Jailbroken & No Jailbreak required hack(s): https://iosgods.com/forum/79-no-jailbreak-section/
Modded Android APK(s): https://iosgods.com/forum/68-android-section/
For more fun, check out the Club(s): https://iosgods.com/clubs/

iOS Hack Download Link:

Installation Instructions:
STEP 1: Download the .deb Cydia hack file from the link above. Use Safari/Google Chrome or other iOS browsers to download.
STEP 2: Once the file has downloaded, tap on it and then you will be prompted on whether you want to open the deb with iGameGod or copy it to Filza.
STEP 3: If necessary, tap on the downloaded file, and then, you will need to press 'Install' from the options on your screen.
STEP 4: Let iGameGod/Filza finish the cheat installation. Make sure it successfully installs, otherwise see the note below.
STEP 5: If the hack is a Mod Menu — which is usually the case nowadays — the cheat features can be toggled in-game. Some cheats have options that can be enabled from your iDevice settings.
STEP 6: Turn on the features you want and play the game. You may need to follow further instructions inside the hack's popup in-game.

 

NOTE: If you have any questions or problems, read our Troubleshooting topic & Frequently Asked Questions & Answers topic. If you still haven't found a solution, post your issue down below and we'll do our best to help! If the hack does work for you, please post your feedback below and help out other fellow members that are encountering issues.

Credits:
- 𓄼 . f v c k . 𓄹

Cheat Video/Screenshots:

7 minutes ago, Muhd Firdaus Ariff said:

can you help me to reedit to UIAlertControllet?

https://developer.apple.com/documentation/uikit/uialertcontroller

4 hours ago, Muhd Firdaus Ariff said:

Tweak.x:32:430: error: 'UIAlertView' is deprecated: first deprecated in iOS 9.0 - UIAlertView is deprecated. Use UIAlertController with a preferredStyle of UIAlertControllerStyleAlert instead [-Werror,-Wdeprecated-declarations]

use UIAlertController as it suggest it

Really cool tutorial 

 Hello!

Since the new iGameGod update update was released, a new debugging feature has appeared and we will see it in this tutorial!

This feature will work on Non-Jailbroken & Jailbroken devices!

iGDebugger allows you to debug iOS apps directly from iGameGod without a Mac or any terminal; no need to use LLDB and freeze your device with each test 

You can use it to find and patch an offset! We're going to cover the whole process!

First of all, enable (or inject iGameGod Jailed) iGameGod in your app! We'll be using Godus as an example here. 

 

Now, basics, just search your coins value on iGG until you get a few results!

Here comes the nice feature!

Long press the offset (usually the first one is the right one) and select 'Set Watchpoint'.

And, buy something or do anything that can change your value. I've done 2/3 interactions with my balance. 

Now, we want to check our watchpoint!

To do this, click on the Search icon located bottom right, and select Watchpoints.

On the new window will be all your watchpoints, on my screenshot, there is only one because I trust this watchpoint to be useful  But you can add more!!

You can toggle On/Off your watchpoint by the toggle option. 'Writes: 3' means that our "memory offset" got edited 3 times, Let's take a closer look.

This screenshot is interesting, it shows us many things :

• Our "function name" : _ZN8Currency6Belief....BeliefUseType

note  This is called a Symbol, and its generated by the compiler. Sometimes it wont even deal with the function name. But in our example it deal with, so all good

• Our IDA offset : 0x1777B0. This one will be the same for you (if you use the same version as me)!
• And our coins logs!

*I cut something that got me +49 gold*

You can click any of theses logs to see the Register Values and the Stack Trace! I will click the first result since it's my actual balance.

NOTE As you can see, x0 holds our increased value and x9 our current balance (1329 + 49 = 1378)

So, well let's directly take a look at this in IDA!

Once you have loaded your binary file into IDA, and select Mach-O dylib decomplication mode, let's go to the function/offset we found in iGameGod!

This is a Non-Unity (UnityFramework) game so we need to add a value to it to find it on IDA (100) : 0x1001777B0

Click OK and you should see your instruction.

NOTE As you can see, our function name is "BeliefUseType" like on iGG! 

So this function gets triggered once something is getting added to our balance. 

We can see that there is an ADD instruction at 0x100177AC that is dealing with x9 and x0! and we have seen previously that x0 = amount and x9 = balance.

Here it's simple, it does something like this:

x9 = x9 + x0
x9 = 1329 + 49

 Mhh how we could hack this?

Well there a few possibilities, and I will chose a legit one. I will add 100 to my balance each time I receive something.

So i do it like this :

ADD x9, x9, #100.

I will use Live Offset Patcher to test the hack.

NOTE Do not RET the instruction after the ADD. Here, we are dealing with an instruction INSIDE our function, if you RET the next instruction, it gonna crash since your device won't know what to do.

And indeed it worked! This is how you can easily hack your games without needing a PC to debug your game. And yes... I lied a bit by saying that you don't need a computer... But atm there is no way to see ARM instructions on iOS, yet!  If that changes, I will edit the topic!

I've cut one more tree (that would normally give me +1 Gold.

Our result went from 1378 to 1478! (thanks to our patch)

The game was Godus, version : 1.36. You can download this version from the Decrypted App Store.

 

Well that's all, hope you learned one more thing in modding

 

Want to learn more? Check out the next tutorial: Using iGameGod Breakpoints & iGDisassembler (On-Device)

22 minutes ago, Happy Secret said:

I am customising Unity 5D. 
Of course Unity 5D, by itself has no such feature. 
 

My question Is, how to access the Unity Component’s fields (like what you said e.g. HP -> 0x24). 
 

I found online that there are way to get the gameobject (and it’s transform) from monobehavior component object. 
https://www.unknowncheats.me/forum/2562233-post1403.html

You can see it is also accessing through series of offset. 

Anyway, let me continue to share around. Will share if I find anything useful. 

Oh okay, yeah afaik Unity5D do not have such features.

Tho if you could manage to do something like this, it would be insane 

2 hours ago, Happy Secret said:

I don’t think it is completely true. Those Monobehavior class are actually Components and part of objects. Just some we no longer get the class name.

for the one I am working on is Arena Of Valor. 
I can see ActorConfig is shown in Component list. It is Part of the player game object. I am sure it is player, because I already draw the ray line to them.

But I need way to get the field value within ActorConfig component.

 

Mhh i think i do not understand what you mean... are you looking for a field inside the ActorConfig class like : private int HP; 0x24 ?

If its the case, i don't think U5D can help you  

9 hours ago, Happy Secret said:

I mean fields like HP / something indicate enemy/ Ally of a Monobehavior class. It is now a Component of a GameObject that I draw.

I want to paint the line Color differently. Anyway, I am trying to extend the logic to not just paint green Color line for every logic that meet the filter requirement. 

I think Unity5D show’s only some Il2cpp related stuff, it won’t show the game itself function/fields since it will be different for any game. 

It just shows the class and all the native Il2cpp stuff

As Puddin said it, look for theses instructions once u think u got the right function. check also ADD instruction, sometimes its tricky and they ADD negative number to your balance instead of substraction.

Example : 

100 - 8 //SUB

100 + (-8) // ADD

 

10 minutes ago, Shrino said:

reading memory changes?

 

You mean using lldb to read the memory ?

No it doesnt change anything, it was for the demo

5 hours ago, Happy Secret said:

How do we access to Component’s fields? It seems can’t access with offset. Not sure how does it being wrapped.

 

any idea ?

wdym exactly ? the field isn’t clickable ?

Nice done ! 

3 hours ago, Fazehiugo said:

Nope i don’t but i downgraded cuz i really want to be safe i don’t have other phone. Imma might ask iphone 8 from my friend so i could jailbreak have been waiting over 1y jailbreak and still not for a13 ios 15.3 that sucks

yeah, but if u installed it on trollstore u might be safe 

9 hours ago, Fazehiugo said:

Idk really know i don’t have any kinda crashing maybe sometimes insta crash when i start but not big problem

well then all is good, you don’t have crash when going to chat and back to camera ?

1 hour ago, Fazehiugo said:

Idk i have used 11.80 idk if i now change the version would i still get banned if 11.80 is detected still gonna do that anyway to be safe

11.80 worked good for me without ban but theses annoying crash made me choosed the other version. 

if you log out then uninstall and install the 11.71 i think it should be good

45 minutes ago, Fazehiugo said:

How long have u been using it, downloaded it like 7h ago but idk still it would suck if i get ban and i don’t have second phone

since 6 months, i posted the topic 7 days after tested and still no ban yet. I’ve reset my phone and re followed the tut for the installation and still not ban, if you follow the requirements and the steps you are good. i use the 11.71 version 

11 minutes ago, Alihackali said:

thanks because I am waiting u

it will be my next tutorial

14 hours ago, Alihackali said:

 thanks for everything

but you did not complete the H5GG    explain how to make a mod menu that changes or allows offsets to call a function in html for the modmenu

thanks again 

let me a few weeks or days

6 hours ago, Happy Secret said:

Thanks for sharing. That is a really good LLDB cheat sheet.

But apparently I can’t find the parameter for ‘p’ or ‘x’ to display Double value on a Memory Address.

Can you share an example? 

i didn’t mentioned it on my tutorial but i used also ‘p (int *) 0x9’ to read to a registrer or an instance var, maybe you need to add another pointer like this ´p *(float*) 0x8c’ i will clarify it this afternoon once i can check and will confirm you 

15 hours ago, Houari_manar10 said:

did we get ban or no ?

not for me, still on my main account with it

40 minutes ago, Happy Secret said:

To supplement a bit here:

The key reason behind:

1. The watchpoint break right after the triggering instruction:
    Default watchpoint type (w or write) only trigger when the address that we watch changed. So, it will always be after the fact (value changed). The trigger instruction will always be one instruction before the one got highlighted.

2.We saw long random value in the watch result:
   That number could be float or double (or some Boolean) which has a very different representation in memory. What we see is, LLDB try to understand the underlying hex as a normal decimal number. For Floating point, we can apply formatter to our memory read. For Double, I always need to refer to online Double tool like this one - https://gregstoll.com/~gregstoll/floattohex/

Please do let me know if there are simple way to read Double in LLBD.

mhhh i seem not understanding what you are trying to tell me 😅, in this case it was an int, as shown on iGG, float would have been FADD.

To read double values, i guess you can use the 'p' command with a few parameter or the 'x' one

https://www.nesono.com/sites/default/files/lldb cheat sheet.pdf

 

38 minutes ago, Puddin said:

Doesn’t lldb only work on iOS 12 and below or something?

depends on which Xcode version you use (and so lldb) but nah, the tutorial is based on a jailed iOS 15.1

if you used a lldb version from Xcode with compatibly iOS 12 then yeah it might not support anything higher