ada1016

thx

thanks

So, I like so start with thanks @arthurdapaz and @shmoo for the detail TuT on how to start Cydia Substrate journey I am now able to build deb, get it running and get the UI, the next step is of course, try on real game. For a game I am trying to start, I know what I want to change at HeX editor, and noticed there seems to be some pre-fix there so the actual offset at binary should minus 0x4000 __text:0094083C _Equipment_get_Attack_m171674799 ; CODE XREF: _AutoEquipLogic_GetAutoEquip_m241924269+3C6�p __text:0094083C ; _AutoEquipLogic_GetAutoEquip_m241924269+3DC�p ... __text:0094083C 00 6C LDR R0, [R0,#0x40] __text:0094083E 70 47 BX LR __text:0094083E ; End of function _Equipment_get_Attack_m171674799 The offset on IDA appeared as 0094083C but the actual offset at HxD is 0x93C83C, and I tried to change it to 58 46. On @arthurdapaz's template, I write it like this NSDictionary *hacks = @{ @"k01BasicSwitcher":@{ @"offsets": @[@"0x93C83C"], @"orig": @[@"0x006C"], @"patched": @[@"0x5846"], @"desc": @"God Power", @"label": @"God Power" }, }; The result is game crash.. Can I get some love and please let me know where went wrong? The original Tweak.xm attached. #import <APMenu.h> #import <CoreFoundation/CoreFoundation.h> #import <substrate.h> #import <Foundation/Foundation.h> /* // // You can use: [mm getFloat:@"SOME HACK KEY"]; // You can use: [mm getBool:@"SOME HACK KEY"]; // // For customizing the hack inside your hooks // see an example below: // // EXAMPLE OF HOOK FUNCTIONS // THAT GETS THE VALUE DEFINED // OF AN INTERFACE "KEY" ELEMENT float (*orig_func)(void *self); float new_func(void *self) { float newValue = [mm getFloat:@"aSliderKey"]; if (newValue) return newValue; else return orig_func(self); } */ %ctor { // the mod menu core mm = [APMenu sharedInstance]; // a writeData.h rewritten to my APMenu mp = [MemoryPatcher sharedInstance]; NSDictionary *hacks = @{ @"k01BasicSwitcher":@{ @"offsets": @[@"0x0093C83C"], @"orig": @[@"0x006C"], @"patched": @[@"0x5846"], @"desc": @"God Power", @"label": @"God Power" }, }; // HERE IS WHERE ALL THE FUN BEGINS :) [mm init:hacks openAfter: 1 // seconds (I like to use average game loading time) (OBLIGATORY) width: 260 // width in pixels (OBLIGATORY) maxVisibleToggles: 5 // only shows N first hacks, the others needs to be scrolled (OBLIGATORY) theme: rgb(0xbef7d9) // the main color for you hack menu (you can use any color :) (OBLIGATORY) title: @"MY VALANTFORCE GAME HACK" // your hack titlebar text upper case is better :) (OBLIGATORY) credits: @"Hack by ada1016. Thanks to DiDA n' shmoo for inspiration <3" // pretty self explicative, no? (Leave @"" for empty) creditsURL: nil // a URL for the user to visit on credits menu screen @"http://www.myblog.com" or simple: nil // CHOOSE YOUR INTERFACE TOGGLE GESTURE // APGestureTwoFingerTap // APGestureThreeFingerTap // APGestureFourFingerTap // APGestureTwoFingerSwipeUp // APGestureTwoFingerSwipeDown // APGestureTwoFingerSwipeLeft // APGestureTwoFingerSwipeRight // APGestureThreeFingerSwipeUp // APGestureThreeFingerSwipeDown // APGestureThreeFingerSwipeLeft // APGestureThreeFingerSwipeRight gesture: APGestureThreeFingerTap onFirstLaunch:^{ // this method listens to Mod Menu controller changes // and gets it's values according to the type of // UIControl you are dealing with // if you don't need this, just comment or remove these lines [mm listenChanges:^(id sender) { if ([mm ismodtext:sender]) { UIKeyTextField *textField = (UIKeyTextField*) sender; NSString *key = textField.featureKey; float value = textField.text.floatValue; NSLog(@"Value of modtext %@: %f", key, value); } if ([mm ismodslider:sender]) { UIKeySlider *slider = (UIKeySlider*) sender; NSString *key = slider.featureKey; float value = slider.value; NSLog(@"Value of modslider %@: %f", key, value); /* SIMPLE EXAMPLE OF USING THIS switch (value) { case 1: [mp write:0xbadf00d data:0xf33dbac]; break; case 2: [mp write:0xbadf00d data:0xf33dbac]; break; ... } */ } if ([mm ismodswitcher:sender]) { UIViewSwitcher *switcher = (UIViewSwitcher*) sender; NSString *key = switcher.featureKey; BOOL value = switcher.isOn; NSLog(@"Value of modslider %@: %d", key, value); } }]; /* DO SOMETHING AFTER HACK INTERFACE LAUNCH designed for customized hooks or you can popup an alert to warn the user that hack is already active and maybe send an UIAlertControl informing Gesture you have used ******** THIS IS HOW TO HOOK ******** (if you need hooking some internal function): ******** ******** MSHookFunction((void*)[mp calculateAddress:0xb4df00d], (void*)new_func, (void**)&orig_func); ******** ******** Please, notice that new_func and orig_func are declared at ******** the top of the file (before %ctor) */ NSLog(@"Initialized"); }]; }

@shmoo Thanks for the great Tut.. so I tired to play something but not quite getting there. I guess my main problem is I don't know what AppDelgate and how to answer with, The result is I can build the package but didn't see button show up at my game. please can you share where can be wrong at my end? NIC 2.0 - New Instance Creator ------------------------------ [1.] iphone/apmenu [2.] iphone/application [3.] iphone/library [4.] iphone/preference_bundle [5.] iphone/tool [6.] iphone/tweak [7.] shmoo's Mod Menu Template Choose a Template (required): 7 Project Name (required): vfcheat Package Name [com.yourcompany.vfcheat]: com.ap.valantforcehack Author/Maintainer Name [System Administrator]: Steveb [shmoo's Mod Menu Template] Cydia Substrate Bundle filter [com.apple.springboard]: com.diandian.valiantforce [warning] Asked to link theos, but template lacks an optional theos link. Creating one! Contact the author of this template about this issue. [shmoo's Mod Menu Template] Version of the app: 1.12.0 [shmoo's Mod Menu Template] Name of the hack: vfHack [shmoo's Mod Menu Template] Name of the binary: valiantforce [shmoo's Mod Menu Template] What is the AppDelegate: vfDegegate [shmoo's Mod Menu Template] List of applications to terminate upon installation (space-separated, '-' for none) [SpringBoard]: com.diandian.valiantforce Instantiating shmoo's Mod Menu Template in vfcheat/... Done. Steven6:/var/mobile/vfcheat root# make package Making all for tweak vfcheat... Preprocessing Tweak.xm... Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Constants from lexical variables potentially modified elsewhere are deprecated at /private/var/theos/bin/lib/aliased.pm line 42. Compiling Tweak.xm... Compiling ModMenu.mm... Compiling Hack.mm... Compiling Hook.mm... Compiling SliderHook.mm... Compiling TextfieldHook.mm... Compiling InfoView.mm... Linking tweak vfcheat... Stripping vfcheat... Signing vfcheat... Making stage for tweak vfcheat... dpkg-deb: building package 'com.ap.valantforcehack' in './debs/com.ap.valantforcehack_1.12.0-1_iphoneos-arm.deb'. Steven6:/var/mobile/vfcheat root# dpkg -i ./debs/com.ap.valantforcehack_1.12.0-1_iphoneos-arm.deb (Reading database ... 10204 files and directories currently installed.) Preparing to unpack .../com.ap.valantforcehack_1.12.0-1_iphoneos-arm.deb ... Unpacking com.ap.valantforcehack (1.12.0-1) over (0.0.1-1) ... Setting up com.ap.valantforcehack (1.12.0-1) ... Steven6:/var/mobile/vfcheat root# at Tweak.xm, I add this line, updated some color setting as well addHack(@"God Mode", @"God Power", font, {0x93C83C}, {0x5846}, {0x006c});

thanks

looking forward to understand more

THANKS, THIS IS THE TOPIC i AM LOOKING FOR

love to learn

thanks

Is v1.11.0 really not possible to substrate?

poke, there is new version now and please update, appreciated.

thanks a lot! this is exactly what is needed