godfather9797

@RyanZ I hope you will win

@nd3r I HOPE YOU WON THE GIVEAWAY

hi i want to hack this game https://itunes.apple.com/us/app/tap-titans-2/id1120294802?mt=8&uo=4&at=1010lce4 the thing that i want to hack is mana ( freezing or infinity mana ), by IDA and LLDB , and this is the adress of gameplayer 10C38E830 and it is a float so i set watcpoint in lldb w s e -- 0x10C38E830, and i get these three addresses 0x10046c0f8: mov x0, x19 0x10046c0fc: orr.16b v0, v8, v8 0x10046c100: ldp x29, x30, [sp, #48] (lldb) x/i 0x10046c0f0 0x10046c0f0: 0x54000120 b.eq 0x24 (lldb) x/i 0x10046c0f4 0x10046c0f4: 0xbd02f260 str s0, [x19, #752] (lldb) x/i 0x10046c0f8 0x10046c0f8: 0xaa1303e0 mov x0, x19 So the LLDB Address is 10046c0f8 , 10046c0f8 − 44000 = 1004280f8 this is the address of IDA after subtract ASLR load thin (arm64) binary in IDA and i jumped to this address 1004280f8 and i found this function __text:00000001004280F4 STR S0, [X19,#0x2F0] how can i modification this Address to get freezing or infinity mana and there are the register When LLDB breaks s0 = 13.6334 s1 = 13.6 s2 = 1.52466e-020 s3 = 0 s4 = -1.#QNAN s5 = -1.66304e+038 s6 = 0 s7 = 0 s8 = 13 s9 = 35 s10 = 0.0333333 s11 = 13.6 s12 = 0 s13 = 0 s14 = 0 s15 = 0 and a photo for mana inside the game https://imgur.com/zNp0dBY and these are the addresses above the address 1004280f8 After changed to graph view https://imgur.com/Ooc1kUD https://imgur.com/TL6GRva https://imgur.com/h0KjoiZ

Merry Christmas @DiDA and thank you

@Joka Nice man

@GrimezHope you have a good christmas

Thank you @Joka

Thank you @Joka

Thank you

@cooliosdudebro Hope You win Giveaway

Nice!

Thank you

Nice

Nice

- Unlimited Mana this Features dose not work can you fix it please @Diversityy

Thank you

Nice

i remove the ASLR, the game always crash and i tried to play around with it, it giving me two offset as showing below https://imgur.com/y6xoh9t

after i get the offset from lldb for arm64 thinning binary (subtract from Aslr), and load the same thin binary in the IDA Pro 7 (processor type = arm Little-endian) i cann't find the same offset in IDA

Thanks @DiDA

@DiDA Same error '' fatal: could not create work tree dir '/opt/theos/sdks': Permission denied ''

Install SDK sudo rm -rf /opt/theos/sdks/ && git clone https://github.com/theos/sdks /opt/theos/sdks giving me fatal: could not create work tree dir '/opt/theos/sdks': Permission denied

Thanks @K_K

Thanks @DiDA when try to install Toolchain after download it using this command sudo wget https://developer.angelxwind.net/Linux/ios-toolchain_clang%2bllvm%2bld64_latest_linux_x86_64.zip -O LinuxToolchain.zip it giving me this error ( sudo: unzip: command not found )