
NitroxicDemon

Senior Member
  • Posts

    1,096

Everything posted by NitroxicDemon

  1. where the og's at

    1. Rook

      🙋‍♂️

    2. MaybeKevin

      💁‍♂️

    3. Puddin

      Not oG but newG 🤝

  2. Hello, I want to know how I can hook into a binary in one of the frameworks of an app? The app's main executable is not in any frameworks, it's in its usual location inside the .app, but the app also uses additional frameworks. So I want to have a tweak which targets both, the main executable and also the additional framework's binary.
  3. No, not yet. If you are on iOS 15 on your 11 Pro Max, then stay on it.
  4. What would need to be updated to make it work? Not for all devices, A11 and below
  5. What needs to be done to make tweaks work on iOS 15 and iOS 16? Does kitty memory even work on the latest jailbreaks? I have a hack, it works fine for me. But for my friend, it crashes and he's on iOS 15. It's a mod menu hack, it shows up and all but as soon as he tries to enable a feature, it crashes. How can I make it compatible for the latest jailbreaks?
  6. Grr grr bark bark 🤤🙈

  7. fast update DiDA :D 

    1. Ted2

      #FastUpdateDiDA:D

    2. Fadexz

      fast update DEEEDA?? :D:D:D:D:D

    1. bR34Kr

      Nice... but JB won't be able to play lol

    2. NitroxicDemon

      There is a bypass my friend knows

    3. Joka

      My FrIeNd KnOwS

  8. I only tested one hack on my device, a critical ops mod menu for x64, and it works fine
  9. Same, my hacks always crash for other helix users. Helix as in the 32 bit one; double helix for 64 bit works fine.
  10. doubleh3lix>g0blin

    1. Rook

      DoubleH3lx > All Recent JBs

    2. bR34Kr

      DoubleH3lix < Electra

      Don't hate because I have a headache right now lol

      Spoiler

      :no.:

       

  11. You know who I dedicate this song to? 

    ?

    2. NitroxicDemon

      Fade, ignore Joka lmao. He always gets his homosexual desires confused with other people. :lol:

      All jokes aside, if he wants to continue talking sh!t, we will be in a cyber war he will forever regret.

    3. Joka

      Just stating the facts mate

    4. Fadexz
    5. NitroxicDemon

      Your facts not mine. I ain't gay fuk boi

      Anyways, I warned you. But if you insist.

    6. Joka

      Scared sh!tless

  12. I always did this lmao, some still take a long time to load lel. For me, ARM64 bins load faster than 32 bit bins in ida 32
  13. In this tutorial, I will just give a brief overview of some ARM64. You need to know ARMv7 first so this will be easier to understand.

      Let's Get Started

      So basically, instructions are the same, ARM64 has LDR, MOV, STR, etc., same from ARMv7. You will notice ARM64 has different registers, instead of R0, for example, ARM64 uses X0, OR W0. You can hack it the same way as you would ARMv7.

      Example:

      This is ammo in the game Forward Assault. The highlighted instruction is what I hacked,

          SUB W8, W8, #1

      Subtract 1 from W8 and put the value back into W8, simply NOP it.

      OR

      You can hack the STR underneath it and instead of storing W8, change it to W20 or W29. It will result in making your ammo a very high number. Why? Because you silly goose, W20/W29 is the equivalent of R7.

      OR you can use X20/X29 if the function has X

      But wait, are the W20/W29 both the same Father Nitro? Well, I'm glad you asked, I was just about to get to that you eager mcbeaver. You see here, the 20 has a high value, but 29 has an even higher value. Sometimes 29 can make it go too high it can go negative, so use 20 instead.

      BOOLS

      Now let's talk about Booleans in ARM64. In ARMv7, to make something return TRUE or FALSE, we simply change it to

          MOV R0, #1
          OR
          MOV R0, #0

      ARM64 is no different, it's just X instead.

          MOV X0, #0
          or
          MOV X0, #1

      Example:

      Here is an example function. In case you didn't know, it's a BOOL since this function loads a byte, which has a 0 or 1 value. So as you can see, this function gets my sexiness. Obviously, to hack it you will change it to MOV X0, #1 making it true, which it is.. This can NEVER be false :kappa:

      FLOATS

      So floats in ARM64 are similar in ARMv7, using FMOV instead of VMOV. So just hack the instruction the same way as you would in ARMv7.

      Example:

      You can change that FMOV S2, #0.5 to FMOV S2, #31.0.

      Now it's time to discuss something else. As you may know in ARMv7, sometimes we want to hack the beginning of a function and make it return a float value. So we would do:

          VMOV S0, #31.0
          VMOV R0, S0
          BX LR

      So father Nitro, is it the same in ARM64? I know what you're thinking, you're thinking in ARM64 the equivalent would be:

          FMOV S0, #31.0
          FMOV X0, S0
          RET

      WRONG! Do that and watch the game crash. In arm64 the second instruction isn't needed.

          FMOV S0, #31.0
          FMOV X0, S0
          RET

      SO just replace the first 2 lines of the function with FMOV S0, #31.0 then RET that bad boy.

      Now let me get into another example why ARM64 is bae.

      Example:

      This function is from Critical Ops, which gets the bounciness from the grenade. As you will see, it's a LDR, you can hack it and change it from LDR to FMOV. Yes, in ARM64 you can hack LDR functions to FMOV's. So to hack the function, you can replace the LDR S0, [X0,#0xA0] with a FMOV S0, #31.0

      This function made my grenades super bouncy, it was funny to troll in public matches. The grenades bounced like crazy!

      In ARMv7 I found the same function, it was a LDR followed by a BX LR (RET). So to hack it, I tried many things, MOV R0, R7 and such but every time I threw a grenade it crashed. A

          VMOV S0, #31.0
          VMOV R0, S0
          BX LR

      wouldn't work since there isn't enough space. Unless you wanted to write your own code to the unused part of the binary and make the function branch there, which I'm not entirely sure would have worked since I never tried. So I just hacked it in ARM64 instead.

      That's it for this tutorial

      EDIT: Forgot to mention, this tutorial was written specially for Amuyea