DrBonsai

Thx

Let's see

Maybe I should Edit the Post and add more information...

Tsprotector, Xcom, Flex.... I am here for a reason man. Thanks anyway.

Maybe make a tweak. Because like i said before, it seems that the app just ignore the values you change with flex. I don't know how, and I don't know why. But it's simpy what it does. I tried anyway to make a tweak, but it seems that when i try ti extract the class, it has some sort of extrange format that make it impossible for a noob like me (This is my first incursion in the ios cracking) I search on the forum and i found a command called "lipo" to make a smaller version or something of my binary. But it also doesn't works. So in the enf i surrender to the only way i could do it, with an hex editor and ida.

Thanks, I will try that right now. But wich of the 3 not moded functions do you mean?

I am just in the same quest as you: http://iosgods.com/topic/20498-request-the-battle-cats-330-jailbreak-bypass/ I am now trying to mod the jailbreak detection system: http://iosgods.com/topic/21039-jailbreak-anti-cheat-system-bypass/#entry713595 Let me know if you find out something please.

I have made this. Is necesary to edit it with iDA. With flex it simply not work at all. http://iosgods.com/topic/20498-request-the-battle-cats-330-jailbreak-bypass/

What is this line doing? What is loading?

I want to bypass the jailbreak detection . So I need to know what are this functions doing and what modification should i make them.

Hi, I am trying to bypass the jailbreak detection of battlecats. FLEX2, TsProtector, Xcom, and more: ==> I have tryed and nothing work in ios 8.1.2 with this game. So I am trying to patch it with ida And an hex editor because is the only way to find the way it works from the inside. For the booblean functions i got help, but now I have a bigger problem I think. When the aplication is not modded it display a message like: Unauthoriced (A) activity has been detected. With the mod I have done, this don´t happend. But the app keeps stopping on the boot. There are 3 more functions related with jailbreak detection on the code: [MAT Utils checkJailBreak] Boolean (Patched) [GAD Device isJailbroken] Boolean (Patched) [MAT Settings jailbroken] Id (¿?) [MAT Settings setJailbroken] Id (¿?) [MobileAppTracker setJailbroken] Boolean (Patched) [MobileAppTracker setShouldAutoDetectJailbroken] Boolean (Patched) [MATTracker setShouldDetectJailbroken] Boolean (¿?¿?¿?¿) What should I do now? I am thinking on copy the BL in the end of the 2 Id functions. But the other one is a mess for me. I can´t understand what is doing. If anyone need the binary or something to examine it ask me in a PM. This is my first ios work, so I am completely noob here. I need help please. Thanks for your time.

I have patched this and works fine. Thanks!

I tried to do this. But it continues not working... Hummmmm... I am now learning mobile substrate as you told me. I will try to hook the functions (Because this one is just one of a lot of functions related with jailbreak detection) And i will get tired soon or later if i keep doing this with ida. The game is not a gameloft, gamevil or TinyCo game. So i will try to make a tweak.

Yeha, I know that, but is an anti-cheat subrutine. I think it expect a True or false return, if I skip the function maybe the program who call the subrutine will know something was wrong. I will try now anyway.

Wow, i will edit that. I just didn´t pay attention to that detail Wow interesting... I will investigate how to do that wit mobile substrate thanks. By the way... If i return at the beginning of the function it will return false? Is not going to return a null? That is what i thought, but i haven´t tried yet. Thank You all Anyway I will look for other people suggestion and add the spoiler.

Hi, I am actually learning how to hack with ida. I'm in my second year of computer engineer degree and Assembler languaje is one of my subjets, so this really interest me. I am trying to break the security of an app that uses this subroutine: Is a boolean subroutine that returns a true or false depending on the existence of some cydia related files. The return value must be stored in X0, but i am not sure. The stretegy I have in mind is replace the functions before the object_release and send_msg and the other modiffications of the X0 register with a MOV X0, #0. But i am not sure if 0 is the value for false. ¿Somebody can teach me more about the ARM proccessors and how this subroutine works? I am reading the manual (Over 1.000 pages) But it´s not a big help. WELP Sorry for the spelling mistakes and that stuff. I am spanish.

This is f**king Assembler languaje?! You are really telling me that I can edit the code of an app in Assembler languaje?! Anyone can give me the set of instructions for the iphone's proccessors? They are Ris or Cis machines? This is awesome! (I f**king study this year this at university)

I want to learn more, thanks

Hope I help with this

[Request] The Battle Cats, 3.3.0 https://lh3.googleusercontent.com/I3DRA_FN-iF4r7d44OsilrBKo6HtfG20kXV6_K_aOYEpxqvjY5HDECgeQWMMLsbznyS8=w300 App you want hacked: The Battle Cats Version of the app: 3.3.0 iTunes URL for the app: https://itunes.apple.com/es/app/the-battle-cats/id850057092?mt=8 Requested features: Jailbreak Bypass Jailbroken or Non-Jailbroken: JailBroken Well, this hack has been patched in the last version It seems that version 3.3.0 of battlecats add some kind of jailbreak device detection that unable the possibility to use IgameGuardian or others. The new update use this message before crash I have try to use xCom, tsProtector and i am actually on development of a patch on Flex, but i didn´t found anything yet. And it seems is something more complex to handle just with Flex. So it would be great if anyone could help. Thank you!

Well, this hack has been patched in the last version. It seems that version 3.3.0 of battlecats add some kind of jailbreak device detection. https://goo.gl/photos/G71TmLiWis7dGkHx6 The new update use this message before crash https://goo.gl/photos/G71TmLiWis7dGkHx6 I have try to use xCom, tsProtector and i am actually on development of a patch on Flex, but i didn´t found anything yet. So it would be great if anyone could help. https://goo.gl/photos/yDdqr3c3NM72tPbt6

Thanks, let's see if still updated

Thanks

Thanks

Thanks