DarkArrow

Thx

i am confuse. i dont see any thing like MOVS R1, #0x1F mov #r0,0x1F mov r1,#0x1F Also the only function i see is sub_E77FF4 and it does not contain _menset or getpid. i look at other sub at contain sysctl but they dont have any sub around them only loc_x __text:00E7B134 sub_E7B134 ; CODE XREF: sub_E75A2C:loc_E75C24p __text:00E7B134 __text:00E7B134 var_214 = -0x214 __text:00E7B134 var_210 = -0x210 __text:00E7B134 var_20C = -0x20C __text:00E7B134 var_208 = -0x208 __text:00E7B134 var_1F8 = -0x1F8 __text:00E7B134 var_1C = -0x1C __text:00E7B134 var_18 = -0x18 __text:00E7B134 var_14 = -0x14 __text:00E7B134 var_10 = -0x10 __text:00E7B134 var_C = -0xC __text:00E7B134 __text:00E7B134 PUSH {R4,R5,R7,LR} __text:00E7B136 ADD R7, SP, #8 __text:00E7B138 SUB.W SP, SP, #0x20C __text:00E7B13C MOVW R0, #(:lower16:(___stack_chk_guard_ptr - 0xE7B14C)) __text:00E7B140 MOVS R5, #0 __text:00E7B142 MOVT.W R0, #(:upper16:(___stack_chk_guard_ptr - 0xE7B14C)) __text:00E7B146 MOVS R1, #0xE __text:00E7B148 ADD R0, PC ; ___stack_chk_guard_ptr __text:00E7B14A LDR R4, [R0] ; ___stack_chk_guard __text:00E7B14C LDR R0, [R4] __text:00E7B14E STR R0, [sP,#0x214+var_C] __text:00E7B150 MOVS R0, #1 __text:00E7B152 STR R0, [sP,#0x214+var_1C] __text:00E7B154 STR R1, [sP,#0x214+var_18] __text:00E7B156 STR R5, [sP,#0x214+var_1F8] __text:00E7B158 STR R0, [sP,#0x214+var_14] __text:00E7B15A BLX _getpid __text:00E7B15E STR R0, [sP,#0x214+var_10] __text:00E7B160 MOV.W R0, #0x1EC __text:00E7B164 STR R0, [sP,#0x214+var_20C] __text:00E7B166 ADD R0, SP, #0x214+var_1C ; int * __text:00E7B168 ADD R2, SP, #0x214+var_208 ; void * __text:00E7B16A ADD R3, SP, #0x214+var_20C ; size_t * __text:00E7B16C MOVS R1, #4 ; u_int __text:00E7B16E STR R5, [sP,#0x214+var_214] ; void * __text:00E7B170 STR R5, [sP,#0x214+var_210] ; size_t __text:00E7B172 BLX _sysctl __text:00E7B176 CBZ R0, loc_E7B194 __text:00E7B178 MOV R0, #(aSSysctlFailedW - 0xE7B18C) ; "%s: sysctl failed while trying to get k"... __text:00E7B180 MOV R1, #(aClsprocessdebu - 0xE7B18E) ; "CLSProcessDebuggerAttached" __text:00E7B188 ADD R0, PC ; "%s: sysctl failed while trying to get k"... __text:00E7B18A ADD R1, PC ; "CLSProcessDebuggerAttached" __text:00E7B18C BL sub_E77FF4 __text:00E7B190 MOVS R0, #0 __text:00E7B192 B loc_E7B19E __text:00E7B194 ; --------------------------------------------------------------------------- __text:00E7B194 __text:00E7B194 loc_E7B194 ; CODE XREF: sub_E7B134+42j __text:00E7B194 LDRB.W R0, [sP,#0x214+var_1F8+1] __text:00E7B198 AND.W R0, R0, #8 __text:00E7B19C LSRS R0, R0, #3 __text:00E7B19E __text:00E7B19E loc_E7B19E ; CODE XREF: sub_E7B134+5Ej __text:00E7B19E LDR R1, [sP,#0x214+var_C] __text:00E7B1A0 LDR R2, [R4] __text:00E7B1A2 SUBS R1, R2, R1 __text:00E7B1A4 ITT EQ __text:00E7B1A6 ADDEQ.W SP, SP, #0x20C __text:00E7B1AA POPEQ {R4,R5,R7,PC} __text:00E7B1AC BLX ___stack_chk_fail __text:00E7B1AC ; End of function sub_E7B134 __text:00E7B1AC PS this sub is being by another that have this text:00E75C24 loc_E75C24 ; CODE XREF: sub_E75A2C+1DCj __text:00E75C24 BL sub_E7B134 __text:00E75C28 LDR R1, [R5] __text:00E75C2A STRB R0, [R1,#1] __text:00E75C2C LDR R0, [R5] __text:00E75C2E LDR.W R1, [R8,#4] __text:00E75C32 STR R1, [R0,#0x10] __text:00E75C34 LDR.W R1, [R8,#0xC] __text:00E75C38 STR R1, [R0,#0x14] __text:00E75C3A LDRB.W R1, [R8,#8] __text:00E75C3E STRB R1, [R0,#0x18] __text:00E75C40 ADDS R0, #0x34 __text:00E75C42 BL sub_E762C8 __text:00E75C46 LDRD.W R0, R1, [R5] __text:00E75C4A MOVW R2, #0x3008 __text:00E75C4E ADD R1, R2 __text:00E75C50 ADD.W R0, R0, #0x184 __text:00E75C54 BL sub_E7E22C __text:00E75C58 LDRD.W R0, R1, [R5] __text:00E75C5C ADDS R1, #8 __text:00E75C5E ADDS R0, #0x1C __text:00E75C60 BL sub_E5FB3C __text:00E75C64 LDR R0, [R5] __text:00E75C66 LDRB R1, [R0,#1] __text:00E75C68 CMP R1, #0 __text:00E75C6A BEQ loc_E75C86 __text:00E75C6C MOV R0, #(aSDebuggerPrese - 0xE75C80) ; "%s: Debugger present - not installing h"... __text:00E75C74 MOV R1, #(aClscontextinit - 0xE75C82) ; "CLSContextInitialize" __text:00E75C7C ADD R0, PC ; "%s: Debugger present - not installing h"... __text:00E75C7E ADD R1, PC ; "CLSContextInitialize" __text:00E75C80 BL sub_E77FF4 __text:00E75C84 B loc_E75CAC

After i loaded a binary in IDA, i search for ptrace and sysctl in Import. I did not found any ptrace but i found sysctl. Does this mean the binary does not have any ptrace to block me from attach with gdb but it has sysctl to block it? (when i try to debugserver host: binary, i got error segment fail 11). and i foudn this too . BLX _sysctl CBZ R0, loc_E7B194 MOV R0, #(aSSysctlFailedW - 0xE7B18C) ; "%s: sysctl failed while trying to get k"... MOV R1, #(aClsprocessdebu - 0xE7B18E) ; "CLSProcessDebuggerAttached" ADD R0, PC ; "%s: sysctl failed while trying to get k"... ADD R1, PC ; "CLSProcessDebuggerAttached" BL sub_E77FF4 MOVS R0, #0 B loc_E7B19E any one have any idea to how deal with this

thx you

thx you

thx you

cool bean

Do you know any one have the ability to do and in game mod menu? we can work together becuase i can't code.

No, there no pop up that say i need to update the game. If that the case do you know how any way to turn on and off a hack while in game? it can be done but i dont know how.

thx

Does any one was able to get the auto loop hack for brave frontier 1.3.42 working for both unit and item using the debug method? if please respone i would love to compare note. Since i am stuck. The offset i have is currently working, but the game will crash if 1) i use any item in battle, 2) i obtian an item in battle. If i dont get/use item in battle then everything is fine.

thank you

thx you

thx you

thx you