_Maro

On 8/11/2020 at 4:16 PM, bR34Kr said:

That offset is based on the class. So it's not literally 0x2ECF56 in memory, it's PlayerOffset+0x2ECF56. So yes, you need to find a way to get your player instance and then to read it you read the float stored 0x2ECF56 after that base address.

thanks.

but what are those ways to find my player instance ?

Hello

after dumping il2cpp lib with il2cppDummper and by browsing dumy dlls i found alot of useful staff

no my problem is if a var lets say health is at offset 0x2ECF56

can i read this var from memory without injecting scripts into app or mod it

if il2cpp base addres inside memory is 0x8000000 can i then read the health var from lib base addres + heallth var offset ? 

Hello,

after duming game's IL2CPP lib i found that the variable holding player badges count is at 0xEF2CC600

so what i does is 

-search for game pid (found xx)

-read /proc/xx/maps and looked for il2cpp base address (found it at 0x80000000)

-read /proc/xx/mem from libbaseaddr + variable offset to some length ( 4 bytes ) as my var is unit 

-but i got value different than what i was expecting

my question is am i correct ? regarding the procedure i used to search for the variable ? 

may it be what i am looking for but encrypted ? 

what do you think guys?

Edit :

please note that i'm trying to read data only and i'm not interested into decompiling app and mod it.