Said9321

Thnx

Cool

Thanks

hmmmm

How to use Dobby framework (Link below) to create Theos tweak that can utilize the advantages of changing the registers at runtime, I have seen couple of tweak that used it but a could not understand can they used it or how I can create a new tweak with this framework.

https://github.com/jmpews/Dobby 

One more thing, Is there any other way to read registers and change them accordingly at specified breakpoint address.

main main goal is to set break point at every SVC80 in the assembly and check what type of syscall (by passing anti-debugger).

Thnx

thnx

Thanks

Pump 😑

Hi,

i there a native lldb that works on iOS 13.4.1 OR an lldb that would work on windows or linux?

is using ax Xcode is the only solution for iOS 13.4.1 and higher for dynamic analysis ??

thank to all in advance

watchpoint or breakpoint won't hit .. why it's getting skipped ??

Whenever I hide the menu and then bring it back the offset and byte would disappear ..is that normal ?? 🙄

Just use any momory injector, I used DLG memorInjected.

I don't think you need a real hack for this game, I just found a bug while testing the game.

1. Download GameGem and activate the game from the "Speed Optimize Manager" tool.

2. Open the game and then  tap on the small gear icon that will show to let the speed controlling menu pop up then set it to 100

3. Finally just swipe (from top to bottom) to show your notification after 30sec return to the game.

check offline bonus .. easy money 😁

hope that helped.    

On 9/15/2020 at 6:59 PM, Rook said:

Hey,

This sounds like the actual binary is in the .app/Frameworks folder.

I was able to hack framework .. tested by installing the patched ipa.

NOW time to create a tweak .. BUT there are 2 plist files and both have a different bundle identifier:

plist1. first one is in the main directory.

plist2. second one is in the framework folder where I found actual binary.

Using command "frida-ps -Ua" will show the bundle identifier in plits 1.

please advise .. as I tried both but nothing actually happened.

Is this tool calculate the ASLR shift? Can I just copy the address from IDA directly?

Hi,

I installed lldb on linux to conduct dynamic analysis debugging but when I enter the bellow command.

platform select remote-ios

it says, cannot find sdk path

how to fix it ??

It works, you are a true iOS god Rook.

thanks alot.

Hi,

straight forward on how this issue happened.

1. I managed to get the decrypted ipa using CrackerXI+

2. unzip it and found the Mach-O file of size 62 kb only and has no useful information when disassembled in ida

3. tried to use il2cpp using the Mach-O file and the global-metadata.dat but it throws the below error.

Initializing metadata...
Index was outside the bounds of the array.
   at Il2CppDumper.Metadata.CreateStringLiteralDic() in C:\projects\il2cppdumper\Il2CppDumper\Metadata.cs:line 128
   at Il2CppDumper.Metadata..ctor(Stream stream) in C:\projects\il2cppdumper\Il2CppDumper\Metadata.cs:line 90
   at Il2CppDumper.Program.Main(String[] args) in C:\projects\il2cppdumper\Il2CppDumper\Program.cs:line 34
Press any key to exit...

Q1. What does the error means and how to solve it?

Q2. what would be the approach in order to hack the game?   

NOTE: Mach-O file of size 62kb only and global-metadate.dat of size 4.2mb

Thanks to all in advance

thnx

thnx

Thnx

Thnx

test

thnxs