Archangel04

Use [img=link.png/jpg] as tag

Is your LLDB built for armv7 or arm64? Where did you get your debugserver from? If you extracted it yourself did you thin armv7 or arm64? If you used lipo debugserver -thin armv7 -o debugserverthen there you go. Binary thinned means you removed arm64 portion. Seeing as debugserver was searching for arm64 it cant attach EDIT: It says searhing for arm64, meaning you shouldnt have thinned it. Thats what caused the problem

Its for those people who want replies or thanks. By seeing thanks, it lets me keep a track of how many people are actually using it

Where's the link

Nope

is it an online game?

Try again. Sorry, I had leftover from attempting the button which seems to be disabled

Ikr. Hide fail

Hacked App: Galaxy on Fire 2 HD iTunes Link: https://itunes.apple.com/us/app/galaxy-on-fire-2-hd/id465072566?mt=8&uo=4&at=1010lce4 Hack Requirements: - Jailbroken or Non-Jailbroken iPhone/iPad/iPod Touch. - iFile / Filza / iFunBox / iTools or any other file managers for iOS. Hack Features: - Kaamo club w/ VIP - All expansions (Valkyrie, Supernova) - Save games at beginning of Main, Valkyrie, Supernova with 1 billion gold each(normal difficulty) - Save game with game complete on normal, spector unlocked with 1 billion gold, top tier equipment (guns available and can be bought), 74 hours of playtime - Save game (saves to cloud as well) with 1 billion gold, 1 billion energy cells (in Kaamo), Spector unlocked, top tier equipment (guns available and can be bought easily if needed), 75 hours of playtime -Save game on Hard mode with full scenario completed (main ship is Bloodstar) -PM me or reply if you still need anything -.- Hack Download Link: [Hidden Content] Installation Instructions: Step 1: Open the app, play it a bit then close it from multitasking. Step 2: Download the file from the link above. Step 3: Unzip, copy/paste the files/folders to: For users on iOS 7, 6 and lower: /User Applications/AppName using iFunBox or /var/mobile/Applications/AppName using iFile/Filza. Jailbroken or Non-Jailbroken iOS 8 and lower, Jailbroken iOS 9, iOS 10 and higher users: /User Applications/AppName using iFunBox or /var/mobile/Containers/Data/Application/AppName using iFile/Filza. Non-Jailbroken iOS 8.3, 8.4, 9.0, 10.0 and higher need to follow this tutorial: http://iosgods.com/topic/9651-how-to-installapply-hacks-posted-in-this-section-if-youre-on-ios-83-84-90/ REPLACE LIBRARY FOLDER IN ORDER TO USE HACK Note: Backup your original app files before replacing them with these modified ones. Step 4: Overwrite the new hacked files with your old ones and open the app. Note: If you have any questions or problems, read our Frequently Asked Questions topic and if you don't find a solution, post your issue down below and we'll do our best to help! Please do tell me if it works on ios 10 or not Credits: - @ Hack Screenshots: N/A (Ask if you want)

Comparing with my save game

For ios right? they are probably offsets NVM, something else

Where?

Also died. story ended

Have you tried iGameGuardian

died.

was

Actually, there are multiple folders. Are they all empty?

mm

I used ADD X29, SP, #0x200 with the offset taken from cursor placed before ADD. I applied this using CI template and armconverter site. However, there is no effect when I use it. Do i need to crack/thin binary to use CI patchers? If so, how do i fix the crash (KERN_INVALID_ADDRESS acc to crashreporter)

the BL function leads to __text:000000010013AC3C sub_10013AC3C ; CODE XREF: sub_1000842C4+30p __text:000000010013AC3C ; sub_10008DCD0+16D0p ... __text:000000010013AC3C __text:000000010013AC3C var_20 = -0x20 __text:000000010013AC3C var_10 = -0x10 __text:000000010013AC3C __text:000000010013AC3C STP X20, X19, [SP,#var_20]! __text:000000010013AC40 STP X29, X30, [SP,#0x20+var_10] __text:000000010013AC44 ADD X29, SP, #0x20+var_10 __text:000000010013AC48 MOV X19, X0 __text:000000010013AC4C BL sub_10013AB7C __text:000000010013AC50 MOV X0, X19 __text:000000010013AC54 LDP X29, X30, [SP,#0x20+var_10] __text:000000010013AC58 LDP X20, X19, [SP+0x20+var_20],#0x20 __text:000000010013AC5C RET __text:000000010013AC5C ; End of function sub_10013AC3C

In IDA, i got this offset from LLDB on modding money (this watchpoint ocurred while increasing value) __text:000000010015B3F8 sub_10015B3F8 ; CODE XREF: sub_10001EFA0+718p __text:000000010015B3F8 ; sub_10008DCD0+18B4p ... __text:000000010015B3F8 __text:000000010015B3F8 var_30 = -0x30 __text:000000010015B3F8 var_20 = -0x20 __text:000000010015B3F8 var_10 = -0x10 __text:000000010015B3F8 __text:000000010015B3F8 STP X22, X21, [SP,#var_30]! __text:000000010015B3FC STP X20, X19, [SP,#0x30+var_20] __text:000000010015B400 STP X29, X30, [SP,#0x30+var_10] __text:000000010015B404 ADD X29, SP, #0x20 __text:000000010015B408 MOV X19, X1 __text:000000010015B40C MOV X20, X0 __text:000000010015B410 LDR X21, [X20,#0x200] __text:000000010015B414 CBZ X21, loc_10015B42C __text:000000010015B418 MOV X0, X21 __text:000000010015B41C BL sub_10013AC3C __text:000000010015B420 MOV X0, X21 __text:000000010015B424 BL __ZdlPv ; operator delete(void *) __text:000000010015B428 STR XZR, [X20,#0x200] Should i replace __text:000000010015B404 ADD X29, SP, #0x20 with __text:000000010015B404 LDR X29, R7 I got this offset on selling some random stuff in shop. Does replacing it mean i get R7 whenever i sell something? Assuming that this is infact the function for selling stuff

So, I got offsets for Galaxy on Fire v1.12 and I wanna make a patcher for it. I have the moddable functions. The only problem is that any cracked/thinned binary causes app to crash with EXEC_BAD_ACCESS and subtype KERN_INVALID_ADDRESS (basically some stuff necessary for it to work got killed with patch). Will offsets from cracked binary in IDA work with the game? Like if i make a patcher, will it still work or will there be an error? Also, I got an ASLR value of f0000 (or so). So i delete f0000 from all offsets i got right? I did that and got the functions but im not sure if they r the right ones. (Im using a non-thinned version of binary in 64 bit mode in ida)

In windows, if you see computer, it shows iPhone in devices. Copy photos from there. May or may not work, im not sure

If it fails to attach and says csnt find, use process id from "ps ax" or "pidof appname" or igg. thats if you still get error

Close it and reopen it in Mach-O format (the other one) with ARM64. You opened it in binary Also, after you do that wait for the bar to turn blue (mostly) atleast brown part