ada1016

thanks @Happy Secret Still much to learn.. I made a recording on what I am experiencing below and found two new things 1. I was able to locate GWEconomyModel as class in UA, but when I click, it always goes to something else (e.g GWGameState). Please see the clip at 17 second. What does this tells me? Please educate 2. I love your tutorial, but if possible, can you share what the code looks like at dump.cs that leads you made aware that instead of tracking GamePlay directly, it is Gameplay.m_ItemStat that you are interested? Wanted to learn you thinking path as well. Thank you so much

This is my game looks like public class GWEconomyModel // TypeDefIndex: 9184 { public int LoyaltyBonusPerDay_Gold; // 0x288 } and my plug-in code try { script = initializeUnitySupport(); aryObj = script.call("findUnityObjectOfType", ["$GWEconomyModel", true]); if (!aryObj) { alert("Cannot find object to cheat. Engine stopped."); } else if (aryObj.length == 0) { var GWEconomyModel = new UnityObject(aryObj[0]) GWEconomyModel.loadFields(['DelveAttemptsPerDay']) var DelveAttemptsPerDay = new UnityObject(GWEconomyModel.DelveAttemptsPerDay) DelveAttemptsPerDay = 50 //CharacterMotor.loadFields(['DelveAttemptsPerDay']) //var DelveAttemptsPerDay = aryObj[0].DelveAttemptsPerDay alert(aryObj.length) } } catch (e) { //reset Unity Support gIl2cppInit = false; var script = initializeUnitySupport(); alert("Unity support crashed and reset complete"); } The result is app always crash at var GWEconomyModel = new UnityObject(aryObj[0]) the aryObj.length is always 0, but not able to load the field. Can you correct my understand and educate how to fix this error?

I am on v1.8.8 (thanks for the great work!) iOS 16.6 iPhone 14 (non-JB) when I try Unity and look for specific address, it froze, at least 5 mins I wait. Nothing happen, not able to tell if it is processing or just hanged. Is this because the game is "complex", or I have not wait no enough? Anyway to tell it is progressing? thank you

does it work on non-JB iOS? I am about to start everything you write here, just in case the JB is show stopper... please advise. thx

Thank you!!!

Thank you!

This is so embarrassing, the download link is hard to find for me. I'd like to download the 0.3.6 bed file directly to my PC. not any repo. Can you please direct where to find the link? I clicked almost all clickable link in the doc here. Thank you for answer me this damn simple question! But believe me, I tried..

thank you

Where is part 2? I love this, specially how lldb debug and how to find the value ..etc.. For part 2, can you perhaps give advance example? like a list object, how to further dive in and lock the value? and some turn based card game , the object is in same class, they used target index to indicate enemy/heros. But share same health/mp change function. Is it still possible to change the value (godmode) base on this structure? really appreciated in advance

how silly I am, you already gave instruction 1. Copy following files to Payload/<YourAppName>.app folder - frida-gadget-16.0.10.config - frida-gadget-16.0.10.dylib - h5frida-16.0.10.dylib 2. Repackage your game into ipa 3. Sideload the H5GGv7.9_with_Instruction_Debug_v1.4.dylib with your game. Note: You do not need the original H5GGv7.9通用注入版.deb will come back with more question later, thank you

Sorry I am new to H5GG, I found on the github there is deb version (https://github.com/H5GG/H5GG/tree/main/packages) and here I can find the zip, which has config and dylibs. Do I inject to install deb, dylib and config all at once? I am running my app on apple silicon. injecting with sideloadly. really appreciated in advance.

This is so cool, thank you

This is so cool, thank you

https://app.iosgods.com/store/appdetails/3277-lonely-survivor-hack I had same issue sideloadly this one to MBP M1 as well. It crashed. FYI, the snapshot, thank you ------------------------------------- Translated Report (Full Report Below) ------------------------------------- Incident Identifier: AE9FE080-A819-4691-84B1-763291C10C20 CrashReporter Key: 523CD9C6-8269-0A2D-6D8C-0007A32CE692 Hardware Model: MacBookPro18,2 Process: LonelySurvivor [73419] Path: /private/var/folders/*/LonelySurvivor.app/LonelySurvivor Identifier: com.cobby.lonelysurvivor.QB4KN3CKWY Version: 1.11.0 (22092223) AppStoreTools: 14A305 Code Type: ARM-64 (Native) Role: Foreground Parent Process: launchd [1] Coalition: com.cobby.lonelysurvivor.QB4KN3CKWY [3595] Date/Time: 2022-11-22 10:18:49.3344 +0800 Launch Time: 2022-11-22 10:18:47.1009 +0800 OS Version: macOS 12.3 (21E230) Release Type: User Report Version: 104 Exception Type: EXC_BREAKPOINT (SIGTRAP) Exception Codes: 0x0000000000000001, 0x0000000198f455b4 Exception Note: EXC_CORPSE_NOTIFY Termination Reason: SIGNAL 5 Trace/BPT trap: 5 Terminating Process: exc handler [73419] Triggered by Thread: 0 Application Specific Information: Crashing on exception: [<__NSFrozenDictionaryM 0x147a070e0> setValue:forUndefinedKey:]: this class is not key value coding-compliant for the key AppLovinSdkKey.

I’m interested in BETA testing Sideloadly for macOS

same here

update to 1.2.1 pls? much appreciated.

1.2.1 patch pls

Thank you! This is exactly what I was looked for. Cannot wait to practice this on my next game.

crashed when trying to insert _Equipment_get_Attack_m171674799, EXC_BAD_INSTRUCTION (SIGILL) iOS 9.3.3 iPhone 6 any hint? or anyone got a smoothly running platform? Exception Type: EXC_BAD_INSTRUCTION (SIGILL) Exception Codes: 0x0000000000000001, 0x0000000008a9bc04 Triggered by Thread: 0 Filtered syslog: None found Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed: 0 valiantforce 0x0000000100ca0414 0x100090000 + 12649492 1 valiantforce 0x0000000100c39174 0x100090000 + 12226932 2 valiantforce 0x0000000100cf63bc 0x100090000 + 13001660 3 valiantforce 0x0000000100b70f90 0x100090000 + 11407248 4 valiantforce 0x0000000100b7e238 0x100090000 + 11461176 5 valiantforce 0x0000000100b07534 0x100090000 + 10974516 6 valiantforce 0x0000000100b0d400 0x100090000 + 10998784 7 valiantforce 0x0000000100b09494 0x100090000 + 10982548 8 valiantforce 0x0000000100e89760 0x100090000 + 14653280 9 valiantforce 0x0000000101b22aa4 0x100090000 + 27863716 10 valiantforce 0x00000001024407a4 0x100090000 + 37423012 11 valiantforce 0x0000000101d586f0 0x100090000 + 30181104 12 valiantforce 0x0000000101d586a8 0x100090000 + 30181032

The youtube, as you indicated, is not for newbie, but still thanks. Quick question 1. Are you debugging the IPA application totally on Windows? 2. Are you using some sort of iOS simulator on Win? Please can you give some guidance on that aspect? had been looking for debugging/running IPA totally on Windows platform. Appreciated.

OK

thanks

thanks

ok