Infamous-Ash

Senior Member
  • Posts: 1,250

Everything posted by Infamous-Ash

  1. Merry Christmas iosgods

  2. Nice, let's see
  3. I wanna join in. Need team mystic account
  4. R.I.P
  5. I think it can be done with Charles proxy. I can have a look, wait
  6. Kickasstorrent is back on. Finally

  7. Easy games can only be hacked by Flex. IDA is used for complex
  8. Requirements:
     - Theos
     - iPhone SDK
     - IDA
     - an iDevice

     So, enough speaking, let's start explaining. Before starting, let me say that it's better if you follow the guide on your computer and ssh to your device rather than using iFile.

     Step 1.
     You should first create a new project like so:

         su
         alpine
         $THEOS/bin/nic.pl

     If you changed your root pass, change alpine to it. Then type 5 for Tweaks, or 6 if you added the iOSGods patcher template, and type in the info you want until you reach the filter bundle question; there you type in your game's bundle "com.GAMECOMPANY.GAME", which is usually found in:
     "/var/mobile/Applications/"Game's Number"/Game.app/info.plist"

     Step 2.
     Important Note: Please Don't Close The MobileTerminal/Putty/etc... We Will Use It Later

     Open the Tweak.xm file and make sure that the following imports are used (if some aren't, add them):

         #import <CoreFoundation/CoreFoundation.h>
         #import <substrate.h>             // just in case
         #import <Foundation/Foundation.h> // just in case as well

     Now, at the bottom of your code, either add:

         __attribute__((constructor)) void DylibMain(){
         }

     Or:

         %ctor{
         }

     Inside either one of those two, add this:

         MSHookFunction((( *)MSFindSymbol(NULL, "")),( *)$,( **)&old );

     This code is missing vital parts that you will add in later. Don't worry if that confuses you, it will be explained.

     MSHookFunction: This is part of Mobile Substrate that allows you to hook many functions that you can see in IDA (sort of like %hook).
     MSFindSymbol: This allows your tweak to find the function you want to edit.

     Step 3:
     Open the game binary you want in IDA; in this tutorial, we'll be using the TempleRun binary, which will be provided in the "Links" part. Search for the function you want to hack (press alt+t)... In this case we will search "hasAngel". Then double click on "hasAngelWings". Then copy and paste the function's symbolic name... In this case it's "__ZNK7cPlayer13hasAngelWingsEv".

     From here on, __ZNK7cPlayer13hasAngelWingsEv will be named yourSymbolicFunction.

     Go back to Tweak.xm and change

         MSHookFunction((( *)MSFindSymbol(NULL, "")),( *)$,( **)&old );

     to this:

         MSHookFunction(((return type of function*)MSFindSymbol(NULL, "yourSymbolicFunction")),(return type of function*)$yourSymbolicFunction,(return type of function**)&oldyourSymbolicFunction );

     In our case, it looks like so:

         MSHookFunction(((bool*)MSFindSymbol(NULL, "__ZNK7cPlayer13hasAngelWingsEv")),(bool*)$__ZNK7cPlayer13hasAngelWingsEv,(bool**)&old__ZNK7cPlayer13hasAngelWingsEv);

     To find out the return type of the function, you have to look at what it's called and decide for yourself:
     - if it is called something like "CanShoot", then it is probably a bool, because you either can shoot or you can't
     - if it is called something like "GetMoney", then it is probably an int, because it is getting your money value
     - if it is called something like "DoLevelUp", then it is probably a void, because it is "doing" something (this probably has an int argument though, like "Player::DoLevelUp(int)", where the int is either your new level or what gets added to your current level)

     Step 4:
     Add the following code to the beginning of the Tweak.xm file:

         return type of function (*oldyourSymbolicFunction)();

     In our case it looks like this:

         bool (*old__ZNK7cPlayer13hasAngelWingsEv)();

     Then, add this after the statement we wrote earlier and before the dylib part:

         return type of function $yourSymbolicFunction(){
             //Hack code you want.
         }

     In our case, we want to have unlimited wings, so this is what we write:

         bool $__ZNK7cPlayer13hasAngelWingsEv(){
             return true;
         }

     Info: the above code can be very complex, like so:

         bool $__ZNK7cPlayer13hasAngelWingsEv(){
             if(ida_hack2) {
                 return true;
             } else {
                 return old__ZNK7cPlayer13hasAngelWingsEv();
             }
         }

     or even more, but make sure you usually write the hack in C++ though.

     Part 5: Testing
     Before continuing, please find your game's MainDelegate (which contains a function such as "applicationDidBecomeActive") if you want to add a UIAlertView. From now on, this header file will be named "APPDELEGATE". A good thing to do is to add an alert view telling you the hack is activated. If it appears, the hack is working, else it's not. So add this code under all the other code you've got:

         %hook APPDELEGATE
         - (void)applicationDidBecomeActive:(id)fp8 {
             %orig();
             UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Hack is Working"
                                                             message:@"Hack Successfully Attached. This hack was made By Infamous-Ash"
                                                            delegate:nil
                                                   cancelButtonTitle:@"Cool"
                                                   otherButtonTitles:nil];
             [alert show];
             [alert release];
         }
         %end

     If you add the code above, be sure to add this code in your Makefile under "TempleRunHackTut_FILES = Tweak.xm":

         TempleRunHackTut_FRAMEWORKS = UIKit

     To test the hack, save your Tweak.xm in your project folder and type "make package" to compile. This not only makes your dylib but also puts it in a deb for you. Then, just install and run the game.

     VERY IMPORTANT NOTE: There are some games that can't run UIAlertViews, so they cause the game to crash. Such games are like Bejeweled. So, the problem isn't in the code, but rather in the game.

     Credit: Alsafa7 and Kamizoom
  9. Well done shmoo
  10. Good luck to all of you guys participating
  11. impossible
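
Added example (not part of any post above, and not the author's code): a small Python decoder for the kind of symbolic name quoted in post 8, showing what an Itanium C++ ABI mangled name records (class, method, const qualifier, parameters) and that it carries no return type for an ordinary member function. It handles only plain nested names with built-in parameter types; the second symbol in the test data is constructed here from the "Player::DoLevelUp(int)" form the post mentions.

```python
import re

# Built-in type codes from the Itanium C++ ABI (subset).
BUILTINS = {"v": "void", "b": "bool", "c": "char", "i": "int",
            "j": "unsigned int", "l": "long", "f": "float", "d": "double"}

def demangle_member(symbol):
    """Decode _ZN[K]<len><name>...E<params> into its components."""
    s = symbol
    # Mach-O symbol tables prepend one extra underscore to the _Z prefix.
    if s.startswith("__Z"):
        s = s[1:]
    if not s.startswith("_ZN"):
        raise ValueError("not a nested Itanium-mangled name: %r" % symbol)
    pos = 3
    is_const = s[pos:pos + 1] == "K"      # 'K' marks a const member function
    if is_const:
        pos += 1
    parts = []
    while pos < len(s) and s[pos] != "E":  # 'E' ends the nested name
        m = re.match(r"\d+", s[pos:])
        if not m:
            raise ValueError("unsupported construct at offset %d" % pos)
        start = pos + len(m.group())
        end = start + int(m.group())       # length-prefixed identifier
        if end > len(s):
            raise ValueError("identifier runs past end of symbol")
        parts.append(s[start:end])
        pos = end
    if pos >= len(s) or len(parts) < 2:
        raise ValueError("unterminated or incomplete nested name")
    codes = s[pos + 1:]
    if not codes or any(c not in BUILTINS for c in codes):
        raise ValueError("unsupported parameter encoding: %r" % codes)
    params = [] if codes == "v" else [BUILTINS[c] for c in codes]
    # The return type of an ordinary (non-template) function is not encoded.
    return {"scope": "::".join(parts[:-1]), "name": parts[-1],
            "params": params, "const": is_const, "return_type": None}

def signature(symbol):
    d = demangle_member(symbol)
    return "%s::%s(%s)%s" % (d["scope"], d["name"], ", ".join(d["params"]),
                             " const" if d["const"] else "")

if __name__ == "__main__":
    for sym in ("__ZNK7cPlayer13hasAngelWingsEv",   # symbol quoted in post 8
                "__ZN6Player9DoLevelUpEi"):         # constructed sample
        print(sym, "->", signature(sym))
```
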