Jump to content

Search the Community

Showing results for tags 'Tutorial'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Forum Related
  • No Jailbreak Section
  • VIP Section
  • Game Cheats & Hack Requests
  • Android Section
  • Tutorials, Tools, Support & Coding!
  • Everything Else
  • Dank Memes's Memes
  • Dank Memes's Funny
  • Football Club's News
  • Football Club's Goals
  • Football Club's Live Score
  • Steam Club's Steam Profiles
  • Steam Club's Steam News
  • Steam Club's General
  • Console & PC Gaming's Our specs and setups
  • Console & PC Gaming's Cheap parts and advice
  • Console & PC Gaming's Favourite game songs/themes
  • Console & PC Gaming's Console and PC Gaming
  • Anime's Anime Discussions
  • Anime's Manga Discussions
  • Anime's Recommendations
  • DomiNations Club's DomiNations Discussions
  • DomiNations Club's Friends & Alliances
  • BLEACH Brave Souls Club's Discussions
  • BLEACH Brave Souls Club's BBS Help & Support
  • DRAGON BALL Z DOKKAN BATTLE Club's Updated Links!
  • DRAGON BALL Z DOKKAN BATTLE Club's Global Discussions
  • DRAGON BALL Z DOKKAN BATTLE Club's Japan Discussions
  • DRAGON BALL Z DOKKAN BATTLE Club's News
  • One Piece Treasure Cruise (Global & Japan)'s OPTC Discussion
  • One Piece Treasure Cruise (Global & Japan)'s One Piece Treasure Cruise (Global)
  • One Piece Treasure Cruise (Global & Japan)'s One Piece Treasure Cruise (Japan)
  • One Piece Treasure Cruise (Global & Japan)'s Japan/Global Help & Support
  • One Piece Treasure Cruise (Global & Japan)'s Status Hack For One Piece Treasure Cruise (Global & Japan)
  • Clash of Clans Club's Topics
  • Summoners War Club's Summoners War Discussions
  • Summoners War Club's Help & Support
  • MARVEL Contest of Champions Club's Help & Support
  • MARVEL Contest of Champions Club's Discussions
  • Mobile Legends: Bang bang Club's Discussions
  • Mobile Legends: Bang bang Club's Help & Support
  • Photography's Topics
  • Overwatch Club's Overwatch Discussions
  • Overwatch Club's Play(s) of The Game & Highlights
  • Overwatch Club's Tips, Tricks & Tutorials
  • Overwatch Club's Funny Videos & Others
  • Monster Super League Club's Discussions
  • Injustice 2 Club's Discussions
  • Dungeon Hunter Club's DH5 Topics & Discussions
  • Dungeon Hunter Club's DH5 Help & Support
  • Dungeon Hunter Club's Topics
  • Dungeon Hunter Club's Profile Sharing
  • Last Day on Earth: Survival Club's LDOE Discussions
  • Last Day on Earth: Survival Club's LDOE Help & Support
  • Last Day on Earth: Survival Club's LDOE News
  • Last Day on Earth: Survival Club's LDOE Guides & Tutorials
  • Futurama: Worlds of Tomorrow Club's Discussions
  • MARVEL Avengers Academy Club's Discussions
  • Modern Combat 5 Club's Discussions
  • DC Legends Club's Discussions
  • Golf Clash Club's Golf Clash Discussions
  • Golf Clash Club's Golf Clash Help & Support
  • Yu-Gi-Oh! Duel Links Club's Duel Link News
  • Yu-Gi-Oh! Duel Links Club's Duel Link Farming Guides
  • Grand Theft Auto 5's General Talk
  • Grand Theft Auto 5's Glitches
  • Grand Theft Auto 5's Mods
  • Grand Theft Auto 5's Questions
  • King's Raid Club's Discussions
  • MARVEL Future Fight Club's Discussions
  • iOS Jailbreak Setups's Announcements
  • iOS Jailbreak Setups's Device Setups
  • iOS Jailbreak Setups's Tweak, Theming & General Questions
  • iOS Jailbreak Setups's Tweak & Theme Recommendations
  • iOS Jailbreak Setups's General
  • Movies & Series Club's Topics
  • Movies & Series Club's Movies trailers
  • Movies & Series Club's Movies release date
  • Movies & Series Club's Series trailers
  • Taichi Panda Club's Discussions
  • Destiny 2's General
  • Destiny 2's Help/Support
  • Destiny 2's Looking For Group
  • Destiny 2's News
  • Destiny 2's Glitches, Tricks, Tips & Strategies
  • Club Français iOSGods's Groupe de discussion en Français
  • Club Français iOSGods's Support en Français
  • Club Français iOSGods's Support iOS en Français
  • Club Français iOSGods's Support Android en Français
  • iOSGods Svenska Klubb's Diskussioner
  • iOSGods Svenska Klubb's iOS Hjälp
  • iOSGods Svenska Klubb's Android Hjälp
  • iOSGods Svenska Klubb's Generell Hjälp
  • Everything Mac's Discussions
  • Everything Mac's Other Stuff
  • Everything Mac's Questions
  • Everything Mac's Announcements
  • Everything Mac's Apps & Games
  • The Respawnables Club's Respawnables Tips and Tricks
  • The Respawnables Club's Ask your questions here
  • The Respawnables Club's General Discussion
  • Italiano iOSGods Club's Discussioni generali
  • Italiano iOSGods Club's Guide e traduzioni
  • PLAYERUNKNOWN'S BATTLEGROUNDS's Squads
  • PLAYERUNKNOWN'S BATTLEGROUNDS's Discussions
  • España iOSGods Club's Topics
  • Cuphead Club's Boss Levels
  • Cuphead Club's Run and Guns
  • Ultimate Ninja Club's Events
  • Ultimate Ninja Club's Team
  • Ultimate Ninja Club's Tips
  • Ultimate Ninja Club's Clans
  • Brave Frontier Club's Brave Frontier Discussions
  • Brave Frontier Club's Brave Frontier Help & Support
  • iOSGods Turkish Club's Genel Bilgilendirme
  • Naruto x Boruto Ninja Voltage Club's Help & Support
  • Naruto x Boruto Ninja Voltage Club's Announcement
  • Naruto x Boruto Ninja Voltage Club's Clans
  • Naruto x Boruto Ninja Voltage Club's Layout
  • Call of duty WWII's Glitches
  • Call of duty WWII's Mods
  • Call of duty WWII's Boosting
  • Call of duty WWII's General Talk
  • South Park: Phone Destroyer Club's Topics
  • Toram online MMORPG's Topics
  • Rules Of Survival Club's News & Announcements
  • Rules Of Survival Club's Play together!
  • Rules Of Survival Club's Discussions
  • Rules Of Survival Club's Q&A
  • Rules Of Survival Club's YouTube
  • Forward Assault's Topics
  • Forward Assault's FA Help & Support
  • Star Wars: Galaxy of Heroes Club's Working Combos for Non-Jailbreak Mod
  • Star Wars: Galaxy of Heroes Club's Question Section
  • Star Wars: Galaxy of Heroes Club's Ban Warning ⚠️
  • Bullet Force's Glitches, Tricks, Mods & Hacks
  • Bullet Force's Announcements
  • Bullet Force's General
  • Bullet Force's Help & Support
  • Tekken Club's Topics
  • Tekken Club's Q&A
  • Tekken Club's Arcade Sticks & Pad
  • Tekken Club's Character Quick Notes
  • Tekken Club's Frame Data
  • Tekken Club's Tekken Tournaments
  • Tekken Club's Events
  • Marvel&DC Heroes's Topics
  • Marvel&DC Heroes's Movies
  • Marvel&DC Heroes's Series
  • Marvel&DC Heroes's Comics
  • Modern Combat Versus's Glitches, Tricks, Mods & Hacks
  • Modern Combat Versus's Help & Support
  • Modern Combat Versus's Announcements
  • Modern Combat Versus's General
  • GFX Club's GFX Tutorials
  • GFX Club's GFX - Graphic Studio
  • GFX Club's GFX Resources
  • GFX Club's Portfolios
  • GFX Club's GFX Requests
  • Fantasy War Tactics's Topics
  • Club Archives's H A R M O N Y
  • Club Archives's AdventureQuest Worlds Club
  • Club Archives's Call of Duty
  • Club Archives's Game Exploits
  • Club Archives's Counter Strike: Global Offensive
  • FC Barcelona Fans Club's LaLiga
  • FC Barcelona Fans Club's Copa del Rey
  • FC Barcelona Fans Club's UEFA Champions League
  • FC Barcelona Fans Club's News & Discussions
  • PC Game Hacking Club's Modded DLL Hacks
  • PC Game Hacking Club's Other PC Hacks
  • Fortnite's Gameplays
  • Fortnite's Glitches
  • Fortnite's Other stuff
  • Marvel Avenger’s Academy's Topics
  • Norsk iOSGods Club's Topics
  • PUBG MOBILE's PUBG Discussions
  • PUBG MOBILE's Find Friends
  • PUBG MOBILE's Help & Support
  • PUBG MOBILE's Japan / Korea
  • PUBG MOBILE's PUBG MOBILE China
  • DragonProject's Topics
  • IDA/Hacking Club For Tips's Tips
  • ConsoleGods's Topics
  • ConsoleGods's Wii
  • ConsoleGods's PS3 Moddig
  • ConsoleGods's Xbox Modding
  • ConsoleGods's Nintendo Switch
  • ConsoleGods's PS4 Modding
  • iOS Development Club's Tutorials
  • iOS Development Club's Shares
  • iOS Development Club's Help
  • iOS Development Club's Requests
  • One Piece Thousand Storm OPTS Club's Topics
  • Marvel Strike Force's Topics
  • Marvel Strike Force's MSF Help & Support
  • Java & Android Development's Java & Android development Tutorials
  • Java & Android Development's Java development questions
  • Java & Android Development's Android development questions
  • Java & Android Development's Challenges!
  • HTML CSS & JAVASCRIPT's Topics
  • Jurassic Survival Club's News
  • Jurassic Survival Club's Discussions
  • Jurassic Survival Club's Guides & Tuts
  • Jurassic Survival Club's Help & Support
  • Russian community iOSGODS's Приветствие
  • The Simpsons™: Tapped Out's Topics
  • DRAGON BALL LEGENDS Club's DBL Discussions
  • DRAGON BALL LEGENDS Club's DBL Help & Support
  • Grim Soul: Survival Club's General Topics
  • Grim Soul: Survival Club's Help & Support
  • Dungeon Hunter Champions's Discussions
  • Dungeon Hunter Champions's Help & Support
  • Dungeon Hunter Champions's News
  • Arena of Valor's Topics
  • Darkness Rises Club's Topics
  • Pokémon Quest's Topics
  • Durango: Wild Lands's Topics
  • Durango: Wild Lands's Durango Discussion
  • Dawn of Titans Club's General Forum
  • Dawn of Titans Club's Dawn of Titans News
  • Dawn of Titans Club's Alliances
  • The Walking Dead: Our World's Topics
  • 8 Ball Pool Tips and Tricks Club's Topics
  • 8 Ball Pool Tips and Tricks Club's New version of 8 ball pool 4.0
  • iOSGods Vietnam's Khu vực bàn chuyện chung
  • iOSGods Vietnam's Hỗ trợ kĩ thuật
  • Shadowgun Legends's Topics
  • النادي العربي's (قسم ببجي)
  • النادي العربي's قسم هاكات اخرى
  • النادي العربي's قسم ادوات السيديا
  • النادي العربي's قسم المواضيع
  • النادي العربي's قسم المساعده
  • SPANISH IOSGODS's Topics
  • AutoTouch Script Club's VIP AutoTouch Scripts
  • AutoTouch Script Club's FREE AutoTouch Scripts
  • AutoTouch Script Club's AutoTouch Script Requests
  • AutoTouch Script Club's AutoTouch Tutorials
  • AutoTouch Script Club's Off Topic
  • Arabic iOSGods Club's الأعضاء الجدد
  • Arabic iOSGods Club's هاك ببجي
  • Arabic iOSGods Club's الهاكات الاخرى
  • Arabic iOSGods Club's أدوات السيديا
  • Arabic iOSGods Club's المواضيع
  • Arabic iOSGods Club's المساعدة
  • Asphalt 9 In-game Club's Topics
  • Asphalt 9 In-game Club's Joint the club
  • Crossfire: Legends Club's Topics
  • Critical Ops Club's Topics & Discussions
  • iOSGods: Indian Club!'s Topics
  • Call of Duty®: Black Ops 4's Topics
  • IOSGODS Romania's Topics
  • IOSGODS Romania's Ce joc te joci?/ What game do you play?
  • Red Dead Redemption II's Topics
  • iOSGods Georgia's Topics
  • Minecraft's Topics
  • Flex Club's Topics
  • Flex Club's Blockheads
  • Flex Club's FlexSupport
  • Star Ocean: Anamnesis's Topics
  • IOSGOD’S IRAN's Topics
  • Enthusiastic Programmers | C#, .NET, Xamarin & more's C# & .NET, .NET Core
  • Enthusiastic Programmers | C#, .NET, Xamarin & more's Xamarin
  • Enthusiastic Programmers | C#, .NET, Xamarin & more's Mono
  • Enthusiastic Programmers | C#, .NET, Xamarin & more's Help
  • Enthusiastic Programmers | C#, .NET, Xamarin & more's Talk
  • Enthusiastic Programmers | PHP & Laravel's Talk
  • Enthusiastic Programmers | PHP & Laravel's Help Desk
  • Enthusiastic Programmers | PHP & Laravel's Laravel
  • Enthusiastic Programmers | PHP & Laravel's Artisan
  • Enthusiastic Programmers | JavaScript, React & more's Talk
  • Enthusiastic Programmers | JavaScript, React & more's Help
  • Enthusiastic Programmers | JavaScript, React & more's JavaScript
  • Enthusiastic Programmers | JavaScript, React & more's jQuery
  • Enthusiastic Programmers | JavaScript, React & more's React, React Native & JSX
  • Enthusiastic Programmers | JavaScript, React & more's Angular
  • Enthusiastic Programmers | JavaScript, React & more's Vue, Vue Native
  • Enthusiastic Programmers | JavaScript, React & more's NodeJs
  • iOSGods Philippines's Topics
  • Romanian iOSGods Club's Topics
  • Sword Art Online Integral Factor's Topics
  • Disney Tsum Tsum's Global
  • Disney Tsum Tsum's Japan
  • Disney Tsum Tsum's Events
  • Kurdistan Club's Topics
  • iOS Gods BRASIL's Topics
  • iOSGods Mexico's Topics
  • iOSGods Mexico's MEXICAN Survival Guides
  • iOSGods Mexico's MEXICAN Youtubers
  • iOSGods Mexico's Spanish Music
  • AFK ARENA's Topics
  • Another Eden's Topics
  • Save Wizard's Quick Codes
  • Save Wizard's Quick Codes
  • War robots's Topics
  • Modern Ops Hack's Topics
  • Area F2's Team Up!
  • Area F2's Help & Support
  • Area F2's News & Events
  • Area F2's Suggestions
  • Kings Of Pool's Upcoming Mods
  • Kings Of Pool's Clubs
  • The Club's General Discussion
  • The Club's Memes
  • The Club's Serious Responses Only

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


  1. *BEST VIEWED ON DESKTOP* The Unity tool. I hate it. All it does is make people worse at hacking because no one is developing actual analysis skills anymore. Now all you have to do to make an awesome hack is to CTRL-F everything until you have 100 features. If you want to get good at something, take the hard route. I can't stress that enough. Anyway, when I first heard about it, I thought it just revealed method names and locations. I was surprised upon finding that not only does it reveal method names and their locations, it reveals class names, parameters, instance variables, and the location in memory where said instance variables can be found. I couldn't believe what was right in front of me because everyone was just taking advantage of visible methods and their locations. This applies to non-Unity games as well. You just need to have knowledge of object oriented programming to really know how to take advantage of instance variables. I guess I could cover that in a later tutorial. Anyway, let's get started. This tutorial pertains to iOS only. Not the concepts, just the tutorial. [hide] *****Get the Unity tool from here: https://github.com/Perfare/Il2CppDumper/releases Part A. Instance Variables 1. Memory Layout I went to make this absolutely clear. For example, this... STR X3, [X0, #0x248] ...is telling the machine to store whatever X3 is holding (let's say ammo) in X0+0x248 (let's say X0 points to a Gun object). X0 contains the address of wherever the Gun object is held in memory. Let's say the address of the Gun object is 0x16fd27640. That means the machine is assigning whatever is at 0x16fd27640+0x248 to X3. That's why when you NOP a STR instruction, the value freezes. The machine can no longer update the value at the location of whatever you NOP'ed. Let's look at an actual example involving arrays: #include <stdio.h> #include <malloc.h> #include <conio.h> int main(){ int *a = (int *)malloc(sizeof(int)*4); free(a); _getch(); } This program allocates some memory for an array of four integers, then frees that memory. _getch() forces the machine to wait for a letter to be pressed before it terminates the program. Now I'll give the elements in this array some values: #include <stdio.h> #include <malloc.h> #include <conio.h> int main(){ int *a = (int *)malloc(sizeof(int)*4); a[0] = 3; a[1] = 2; a[2] = 4; a[3] = 1; free(a); _getch(); return 0; } The memory map of this array would be as follows: a[0] a[1] a[2] a[3] 3 2 4 1 But that's not all. Here's another equivalent way of writing the memory map: *(a+0) *(a+1) *(a+2) *(a+3) 3 2 4 1 This is the way we'll be able to get and set instance variables on various objects, but that is later down the line. Why does this work? Because when the compiler sees the [] operator, it translates it into pointer addition (as well as a dereference), which is exactly what we are doing by writing *(a+X). If you're still confused, hopefully this next part will clear this up. When we created the array of four ints, the machine allocated sixteen bytes space on the heap for it (as well as a pointer for it on the stack, but that isn't important for this tutorial). Why sixteen bytes? Because the size of an int on most machines is four, and we allocated memory for four ints. 4*4=16 We can take a look at what the memory looks like where the array is located in Visual Studio's debugger: The highlighted area is where the array is located. You can see the elements in the exact order as they were declared (3, 2, 4, 1) on the heap. Now we can use our newfound knowledge of memory layout to access and modify instance variables in iOS games. 2. The 'this' pointer In C++, the 'this' pointer is best thought of as a hidden argument in every non-static function call. (Static methods do not need to be called with a class object) It references the current instance of its class. To better illustrate this concept, I have created a tiny class called Test. Also, take note that both of Test's instance variables are private, which means I cannot access them directly. Here is Test.h: class Test { private: int a; int b; public: Test(); int getA() const; int getB() const; void setA(int newA); void setB(int newB); ~Test(); }; Here is Test.cpp: #include "Test.h" //create a new Test object and set its instance variables to 5 and 8 respectively Test::Test(){ this->a = 5; this->b = 8; } int Test::getA() const { return this->a; } int Test::getB() const { return this->b; } void Test::setA(int newA){ this->a = newA; } void Test::setB(int newB){ this->b = newB; } Test::~Test(){} See how I use the this pointer to get and set Test's instance variables? If I wanted to call setA, I would do this: Test *t = new Test(); t.setA(100); Obviously, in assembly, we don't have the luxury of syntax. In assembly, the call to setA would look like this: setA(t, 100); t is the this pointer. In assembly, the this pointer is always the first argument to any (non-static) function. For additional clarity, if I included this method in the Test class: void Test::setAB(int newA, int newB){ this->a = newA; this->b = newB; } and called setAB like this: Test *t = new Test(); t.setAB(1000, 2000); The function call in assembly would be setAB(t, 1000, 2000). No matter what type the function is, however many arguments it has, or whatever class it belongs to, the this pointer is always the first argument. If the method is static, there is simply no this pointer. 3. A "Hacky" Way of Getting and Setting Instance Variables Recall our class called Test and the array example. In the array example, our array was located at 0xba5d38, with sixteen bytes of extra space for the four elements. This is no different with our Test class. Consider this code: #include <stdio.h> #include <malloc.h> #include <conio.h> #include "Test.h" int main(){ Test *t = new Test(); _getch(); return 0; } The machine created a pointer to our Test object on the stack and allocated the appropriate amount of memory on the heap for its instance variables. In the Test constructor, I set a and b to 5 and 8 for visibility. Let's take a look at our memory in Visual Studio's debugger: You can see t's instance variables on the heap! Again, since an int is four bytes on most machines, there are eight byes of memory reserved for the two instance variables. And remember, they are private. When I try and directly access the instance variable "a", I get this error: (side note: I changed my project directory and I forgot to change it back) Fortunately for us, since C++ gives us complete control over our memory, we can access and modify a without a function through pointer arithmetic! Since a is our first instance variable, it is located where our Test object is located. b is located at our test object + 0x4, and so on if we had more instance variables. And remember, t is our this pointer. Consider this code: int instanceVariableA = *(int *)(t + 0x0); /*---1---*/ /*--2--*/ Don't be worried if this looks confusing. I'll explain this step by step. Just like with the array example, we can access data through pointer arithmetic. In the comments I've numbered each thing I am going to explain. 1. Since t is literally just the address to its location on the heap, this is also the address to its first instance variable. Also, throughout this entire tutorial I have been including "+ 0x0" for clarity. In your code you don't have to do this. 2. Cast whatever is at t + 0x0 to an int pointer and dereference it to access its value. After all that, we have successfully grabbed t's instance variable a without a function. Remember that when a Test object is created, a is set to 5 and b is set to 8. if I wanted to grab b, I would replace t + 0x0 with t + 0x4. We can modify a in a similar manner in which we used to grab it. All we have to do is treat all of our pointer arithmetic and casting like a variable, and set it to whatever we want, like so: *(int *)(t + 0x0) = 1000; Let's see if this is successful: Success! I call getA() to make sure that I actually did change a. Let's take a look at our memory on the heap: Sure enough, the data at where a is located changed to 0xe803. But since the hex here is in little endian, 0xe803 is actually 0x03e8, which is 1000. We successfully modified a without calling a function. This will be extremely useful when making game hacks because we won't need to call a function that may or may not be present in the game itself every time we want to modify an instance variable. Everytime we call a function from the game, a little instability is added because we don't actually know how it works, and we want as much stability as possible. 4. Applying These Concepts to Game Hacks Why did I use a program I wrote on my computer to illustrate these concepts? Because C++ on Windows is no different than C++ on iOS. A program that counts from one to one hundred on Windows would do the exact same thing on iOS. Obviously, there are API differences, but we aren't dealing with that. Also, Visual Studio's debugger is great for showing memory. Anyway, let's say that I made a dump of some Unity game and the Player class looked like this: public class Player : MonoBehaviour // TypeDefIndex: 5545 { // Fields private float health; // 0x18 private int ammo; // 0x1c private float moveSpeed; // 0x20 private bool isDead; // 0x24 private Player playerLastDamaged; // 0x28 private bool mine; // 0x30 // Methods public void .ctor(); // 0x100093720 private void Awake(); // 0x1000937A0 private void Update(); // 0x1000938FC private void InitPlayer(); // 0x100094000 private void OnDestroy(); // 0x100094AF0 } (I made every instance variable private as a proof of concept - it doesn't matter if something is public or private as shown in the last example) While taking a look at this, you should notice the instance variable "playerLastDamaged" is eight bytes. This is fine. Size does not matter when grabbing instance variables. You should also notice there are no accessors or setters for any of the instance variables. Notice the function called "Update". Any function called LateUpdate or Update is of massive use to you. Why? Because this is a non-static function that is called by Unity once per frame. If you have 60 FPS in a game, Update is being called 60 times a second. Why is this good? Think about it. We wouldn't want to get and set instance variables on a Player object that hasn't been updated for a while right? We need our most current Player object to modify, and what better way of getting it than hooking a function that is called 60 times every second? You all know how to hook a function with MSHookFunction. At least I hope so. In this example, I'm not going to show the call to MSHookFunction. Just imagine it is there. In this example, the game we are hacking is an online FPS. Everyone in the room is a Player object, and Update is called for each Player object. And for some reason, the game is so insecure that we can modify other people's instance variables non-visually. Here's how the barebones function hook would look: void (*Player_update)(void *player); void _Player_update(void *player){ Player_update(player); } Remember the previous examples. The first argument to any non-static function in assembly is the this pointer. It is best to name the this pointer the class name, because it is representing that class. We also have to use a void pointer (void *) because we don't actually have access to the Player class, only its objects. Because of this, the way we get and set instance variables will be a bit different. We also have to check if the player object isn't NULL to prevent crashes! Recall what you read about the this pointer. If the Player object is NULL, this is what the call to update would look like in C++: NULL.Update(); And that doesn't make any sense, right? For this first example, we'll be giving ourselves infinite ammo, infinite health, and increased move speed, as well as making everyone else's health 1.0 and taking everyone else's ammo away. Obviously we don't want to apply anything bad to ourselves, so we can make use of the mine instance variable. This boolean just tells us if this Player object belongs to me. To get this instance variable, we need to do this: if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); } The one difference is casting the void pointer to uint64_t. We need to do this in order to perform pointer arithmetic on the player object. Also, a boolean in C and C++ just holds a 0 or a 1... which means we can substitute int for it. So far, the Update hook looks like this: void (*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); } Player_update(player); } Now that we have the mine instance variable, we can test to see if our Player object is indeed ours, and if it is, apply the hacks: void (*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); if(isMine){ //ammo *(int *)((uint64_t)player + 0x1c) = 999; //health *(float *)((uint64_t)player + 0x18) = 100.0f; //increased move speed, normal is 1.0f *(float *)((uint64_t)player + 0x20) = 5.0f; } } Player_update(player); } That's not all we want to do, though. We want to wreak havoc on other people so we need to take everyone's ammo away and make everyone have 1.0 health. void (*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); if(isMine){ //ammo *(int *)((uint64_t)player + 0x1c) = 999; //health *(float *)((uint64_t)player + 0x18) = 100.0f; //increased move speed, normal is 1.0f *(float *)((uint64_t)player + 0x20) = 5.0f; } else{ //enemy ammo *(int *)((uint64_t)player + 0x1c) = 0; //enemy health *(float *)((uint64_t)player + 0x18) = 1.0; } } Player_update(player); } If you want to get more creative, you can make use of the "playerLastDamaged" instance variable to make a "freeze tag" hack. This hack will freeze the person you just shot, just like if you tag a person in freeze tag. Like before, we have to check if the player object is ours, and then we can access the playerLastDamaged instance variable. void (*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); } Player_update(player); } Now we have to get the playerLastDamaged instance variable. Like I said before, size does not matter. You would access it just like any other instance variable. We also have to check if it isn't NULL. void (*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); if(isMine){ void *playerLastDamaged = *(void **)((uint64_t)player + 0x28); if(playerLastDamaged != NULL){ } } } Player_update(player); } Now we have to set playerLastDamaged's moveSpeed instance variable to 0.0. Remember that playerLastDamaged is a Player object, so we have access to the Player instance variables. Again, we don't have access to the actual Player class, so we have to use a void pointer. void (*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); if(isMine){ void *playerLastDamaged = *(void **)((uint64_t)player + 0x28); if(playerLastDamaged != NULL){ //set person we just shot moveSpeed to 0.0 *(float *)((uint64_t)playerLastDamaged + 0x20) = 0.0f; } } } Player_update(player); } And just like that, our freeze tag hack is complete! There you have it, two full fledged hacks that work by modifying instance variables! ALWAYS REMEMBER TO CHECK ALL POINTERS TO SEE IF THEY'RE NULL!!!! Part B. Function Pointers Function pointers are great when you want to call a function but don't want to sacrifice stability by hooking it. This part is much simpler than instance variables. Here's an example of a function pointer in C++: #include <stdio.h> #include <conio.h> void func(){ printf("Hello, someone called me!\n"); } int main(){ //&func takes the address of where func is kept in memory void (*func_ptr)() = &func; func_ptr(); _getch(); return 0; } We can this in action here: The & operator takes the address of whatever it is being used on. You can think as a function pointer as a pointer to the address of where the function is in memory. The syntax here should look a bit familiar because you are creating a function pointer to the original function whenever you use MSHookFunction to hook something. But again, that adds instability to the hack. The concept here is the same on iOS, but the syntax is not as simple. First of all, let's add some new methods to our Player class from Part A: public class Player : MonoBehaviour // TypeDefIndex: 5545 { // Fields private float health; // 0x18 private int ammo; // 0x1c private float moveSpeed; // 0x20 private bool isDead; // 0x24 private Player playerLastDamaged; // 0x28 private bool mine; // 0x30 // Methods public void .ctor(); // 0x100093720 private void Awake(); // 0x1000937A0 private void Update(); // 0x1000938FC private void InitPlayer(); // 0x100094000 private void OnDestroy(); // 0x100094AF0 private void KillPlayer(); // 0x100095CF4 private void SetPlayerTeam(int team); // 0x100095FF8 private void RespawnPlayerAtLocation(Vector3 location, int health); // 0x10009A230 private int GetPlayerID(); // 0x10009B34C private static void Suicide(int playerID); // 0x10009C99C } Again, it doesn't matter if a function is private or public. To get the correct offset with the ASLR slide, I use a function called getRealOffset. This is what it looks like: uint64_t getRealOffset(uint64_t offset){ return _dyld_get_image_vmaddr_slide(0) + offset; } Now that that's out of the way, this is how to declare a function pointer: <type> (*<function name>)(<this pointer>, <any additional parameters>) = (<type>)(*)(void *, <types of additional parameters))getRealOffset(<offset>); To remember the syntax, learn to look at this as pairs. I'll add comments to pairs you should remember: <type> (*<function name>)(<this pointer>, <any additional parameters>) = (<type>)(*)(void *, <types of additional parameters>))getRealOffset(<offset>); /*A*/ /*------B------*/ /*-----------------C-----------------------*/ /*-A-*//*B*/ /*----------------C------------------*/ /*-------D--------*/ If it is hard to tell, here's what corresponds to what: //A <type> = (<type>) //B (*<function name>) = (*) //C (<this pointer>, <any additional parameters>) = (void *, <types of additional parameters>) //D getRealOffset(<offset>) has no corresponding part It looks really weird, but once you get used to it, it just feels right. Here's what the function pointers would look like for the five new methods I added: void (*Player_KillPlayer)(void *player) = (void (*)(void *))getRealOffset(0x100095CF4); void (*Player_SetTeam)(void *player, int team) = (void (*)(void *, int))getRealOffset(0x100095FF8); void (*Player_RespawnPlayerAtLocation)(void *player, Vector3 *location, int health) = (void (*)(void *, Vector3 *, int))getRealOffset(0x10009A230); int (*Player_GetPlayerID)(void *player) = (int (*)(void *))getRealOffset(0x10009B34C); void (*Player_Suicide)(int playerID) = (void (*)(int))getRealOffset(0x10009C99C); Side note - Vector3 is a class that you can recreate yourself. Notice how the last method I added was static. That's why there's no this object included in the parameters. You can call these function pointers as normal functions: //kill someone Player_KillPlayer(player); //get someone's ID int playerID = Player_GetPlayerID(player); //force someone with ID 1 to suicide Player_Suicide(1); Now that you know how to create and call function pointers, let's make a hack that constantly kills someone with a specific ID. For this example, it will be 10. First, we hook Update. //declare function pointers void (*Player_KillPlayer)(void *player) = (void (*)(void *))getRealOffset(0x100095CF4); void (*Player_SetTeam)(void *player, int team) = (void (*)(void *, int))getRealOffset(0x100095FF8); void (*Player_RespawnPlayerAtLocation)(void *player, Vector3 *location, int health) = (void (*)(void *, Vector3 *, int))getRealOffset(0x10009A230); int (*Player_GetPlayerID)(void *player) = (int (*)(void *))getRealOffset(0x10009B34C); void (*Player_Suicide)(int playerID) = (void (*)(int))getRealOffset(0x10009C99C); void (*Player_update)(void *player); void _Player_update(void *player){ Player_update(player); } Now we have to figure out which Player object is ours, because we don't want to kill ourselves in case our ID is 10. //declare function pointers void (*Player_KillPlayer)(void *player) = (void(*)(void *))getRealOffset(0x100095CF4); void (*Player_SetTeam)(void *player, int team) = (void(*)(void *, int))getRealOffset(0x100095FF8); void (*Player_RespawnPlayerAtLocation)(void *player, Vector3 *location, int health) = (void(*)(void *, Vector3 *, int))getRealOffset(0x10009A230); int (*Player_GetPlayerID)(void *player) = (int(*)(void *))getRealOffset(0x10009B34C); void (*Player_Suicide)(int playerID) = (void(*)(int))getRealOffset(0x10009C99C); void (*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); } Player_update(player); } Now we can check if the Player object isn't ours and then get the Player ID of the Player object if it is not ours. //declare function pointers void (*Player_KillPlayer)(void *player) = (void(*)(void *))getRealOffset(0x100095CF4); void (*Player_SetTeam)(void *player, int team) = (void(*)(void *, int))getRealOffset(0x100095FF8); void (*Player_RespawnPlayerAtLocation)(void *player, Vector3 *location, int health) = (void(*)(void *, Vector3 *, int))getRealOffset(0x10009A230); int (*Player_GetPlayerID)(void *player) = (int(*)(void *))getRealOffset(0x10009B34C); void (*Player_Suicide)(int playerID) = (void(*)(int))getRealOffset(0x10009C99C); void(*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); if(!isMine){ int playerID = Player_GetPlayerID(player); } } Player_update(player); } Now we can check if playerID is 10, and if so, force that player to kill themselves: //declare function pointers void (*Player_KillPlayer)(void *player) = (void(*)(void *))getRealOffset(0x100095CF4); void (*Player_SetTeam)(void *player, int team) = (void(*)(void *, int))getRealOffset(0x100095FF8); void (*Player_RespawnPlayerAtLocation)(void *player, Vector3 *location, int health) = (void(*)(void *, Vector3 *, int))getRealOffset(0x10009A230); int (*Player_GetPlayerID)(void *player) = (int(*)(void *))getRealOffset(0x10009B34C); void (*Player_Suicide)(int playerID) = (void(*)(int))getRealOffset(0x10009C99C); void(*Player_update)(void *player); void _Player_update(void *player){ if(player != NULL){ bool isMine = *(int *)((uint64_t)player + 0x30); if(!isMine){ int playerID = Player_GetPlayerID(player); if(playerID == 10){ Player_Suicide(playerID); } } } Player_update(player); } (I know this is inefficient, but it is a great way of showing use of function pointers) And there you have it, a hack to kill a certain player if their ID is 10 using function pointers. You can get really creative with this method of hacking! It's really addicting Here is an example Tweak.xm (dead trigger 2 hack): https://iosddl.net/cc637e33bdf2a037/Tweak_for_tutorial.xm Check out my aimbots I put on my Github: http://www.github.com/shmoo419/ [/hide] Please let me know if you have any questions (It took about 6 hours to write this tutorial)
  2. This tutorial covers floats in ARM64, so I expect you to have a basic understanding of IDA and how it works. I won't be going into depth on this subject, but I will show you how I hacked a game with floats in ARM64, so you can get a grip of it. Also, this tutorial will cover ground on ARM64, so I suggest you do a bit of reading up on this before continuing with the tutorial. This tutorial made by is a really good starting point for you to learn how to hack in ARM64. [Hidden Content] That was my brief tutorial on floats in ARM64. If you have any questions, please feel free to ask below!
  3. This is a start pack/list with everything about iOS Hacking. We will try and keep this up to date as much as we can but you should also always use the search function on iOSGods to find new topics. If you have any questions or problems, make a Help & Support topic. We also have a Coding Center where people share their offsets and code for you to study and learn. Here is a list of some general tools for hacking iOS applications: How to Install Theos: Have you never hacked on iOS? Flex is a great way to start: How to hack iOS Apps & Games using Cheat Engines: How to Hack Games with IDA: How to Decrypt/Crack an Application:
  4. Hello, I'm Editing This Topic With A Completely NEW Method And A New Layout As The First One Got Patched. This Tutorial Is Much More Complicated And Takes A Lot Longer And Is A Bit Harder. But It's Worth It In My Opinion. This Might Get Patched Soon I Don't Know. DISCLAIMER: I Am NOT Responsible For ANY Bans Using This Method! It's Your Responsibility And NOT Mine! Be Careful If You Want To Play On An Account You've Spent Money On Or You Care About! ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- [Hidden Content] ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Settings / Keybinds: ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- [Hidden Content] ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ↓↓↓ Now You're Done! It Might Get Patched Again! If You Get The Error After Finishing A Game Follow The Steps Down Below ↓↓↓ ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- [Hidden Content] ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Credits: - Indian Nova (YouTube) I'm Not Exactly Sure This Is The Guy Who Made This But It's The Person I Got This Method From So Therefor I'm Giving The Credits To Him. If You Know Who The Real Creator Is Please Comment That And Give Me Some Proof Or Something And I'll Change The Credit ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Bada Bing, Bada Boom
  5. You will need a Jail-broken phone and a DLG cheat engine ( you can search iOS Gods for a .deb or a cydia link for one) Disclaimer this will not work on some games like sever sided games (clash royal/of clans) or games with a lot of different offsets (PvZ heroes) [Hidden Content]
  6. Hello guys, here is a tutorial for UNBAN snapchat account (12 hours to 72 hours) Before starting, if your account is already banned, this method is less fortunate to work. (For 100% work) Use this methode just after seen this SnapChat message (SnapChat prevents you before ban) : this method will make you lose : - (PROBABLY) your SNAPSTREAKS 🔥 (if the ban is more than 24 hours) - Snapchat will delete all your friends (This is obviously TEMPORARILY) and all your snapchat friends will be added AUTOMATICALLY again after this method. this whole process is automatic, you just have to wait. You used SnapChat tweaks like ? : Wraith DzSnap DzSnap2 SnapChat ++ SCOthman For Snapchat Phantom For Snapchat (Other Tweak) Here is the method : (All image are in french) [Hidden Content] have fun !
  7. Hello everyone, in this tutorial i will share you a SnapChat tweak and my method to NOT get banned ! I have been using this SnapChat tweak for about 2 weeks (May 6 2020) and have never received a SnapChat warning or ban ! I will also update this topic every time something happens on my snapchat account and if not, every two weeks I think Snapchat will soon have the Dark Mode so if you install this tweak for the dark mode, wait a few weeks and you will have it without tweak. FEATURES : See DELETED messages from others + custom the color for deleted messages Save Pictures / Videos from everywhere (Chat, Snap, Group, Story (+private), Discover) Save to gallery or specific folder (vault) Save options for tagged users Upload video from the gallery Upload picture from the gallery EDIT picture + video when upload video/picture View snaps for an unlimited times View snaps for an infinite time View stories anonymously Disable Screenshots / Records detection (in Chat, Snap and profile) Hide your presence in chat (no 'is typing' or bitmoji) Fake your location (and get regional geofilter) Fake some stickers data (speed, wheather, date) Fake views and screenshots of snaps of your story Account manager (Switch from account in one-click) Darkmode for Snapchat Automatically save all messages Fake pseudo (change ANY username to what you want + yours (visual only) Spoof the number of requests from friends Show all requests friends (not +99 but +154[example]) Create SnapBreak group (put all your 🔥 in one group) it DOES NOT send in a group, sends to each person at time Can write infinitely lines Infinite upload from galery to chat I don't have ANY other SnapChat tweak (keyborad, font, or any tweak that "modify" SnapChat) I am iOS 12.4, iPhone 6 Week 1 AND 2 : No SnapChat warning or ban ! Week 3 AND 4 : No SnapChat warning or ban ! Since may 2020 : No SnapChat warning or ban ! Happy New Year 2021 🎊: No SnapChat warning or ban ! Here are some picture : Presentations : Dark Mode : Settings : Here are the tweaks needed (repo + .deb file) : [Hidden Content] Here is the method (VERY detailed) : [Hidden Content] I know that there many step "not really useful" but I still advise you to do it (better to waste one minute than 48 hours ban 😁) I also recommend to test this tweak + method on a tester account and then put it in your main account ! if unfortunately you receive this SnapChat message (image): check this topic :
  8. Cho mình hỏi có tài liệu nào hướng dẫn về cách tìm offset với các game hiện nay và cách chỉnh offset để làm deb hack game không Cảm ơn mọi người @Laxus
  9. This tutorial is mainly aimed at helping those who got permanently banned, although this could be applied in the event of a temporal ban as well if you wish to. For one thing, this will result in your account getting lost, along with all your progress, but if you reached this stage your progress has already been erased and there's nothing you can do to get your account back, unless you are somehow able to prove to the EA Customer Service that you didn't cheat (there's no use trying to reason with them if you cheated). However, also according to them, once you get perm ban you are prohibited from playing the game ever again on the same device, no matter how many times you delete and re-install the app, yet that is far from true. You CAN actually continue playing Asphalt 9 as much as you want. Here's how to: [Hidden Content]
  10. Ok so let's get right into this. Many of you might have seen this hack posted on this website. [Hidden Content] Tada
  11. Free phone calls using PopTox. Make online calls to mobile & landline phonesLINK [Hidden Content] PopTox lets you make free calls from your PC or Smartphone. You can use PopTox from any standard web browser. No need to download apps or plug-ins. Absolutely no payment is required. Simply enter the phone number and click on the “Call” button to start your first free call. Make entirely free calls to your loved ones today!WORKING!!!!!!!!!!!!!!!!
  12. Hello Everyone, in this Tutorial i will show you how can you jailbreak on a windows pc's. you can jailbreak from iphone 5 to iphone x up to ios 14.4.1 REQUIRED: 1. Windows Pc 2. Usb Flash Driver 8gb 3. Rufus: the latest can be found here: https://rufus.ie/ 4. 7z or winrar 5. CHECKRA1N ISO FILE DOWNLOAD ISO FILE: [Hidden Content] Let's get started: Unzip the ISO FILE, put the usb flash driver in your pc and make sure its empty and formated, then open up rufus select your usb flash driver , and for the starttype u select the 3rd one which says "medium or image(please select an image)" after that, press on "selection" and select the "checkra1n ios file" and hit start. when something pop ups just hit yes/ok/start whatever it says. when rufus finished his job, hit on "close" so now restart your pc and go to Bootmanager or Bios and boot from usb flash driver. Then checkra1n will start booting, when its completely booted you will see the checkra1n menu, now connect your phone go to "options" and select "allow untested ios version" and if u are on a "A11" Device u must allow A11 skip BPR check. after that hit "back" then hit "start" and follow the instructions. when the jailbreak its done, hit "done" then select "Quit" in the checkra1n menu type in "reboot" press "Enter" and remove the usb flash driver. Now open checkra1n on your phone and install Cydia. YOU ARE DONE. CREDITS: - xGOGETAx
  13. DONT LEECH!!! Hit the ( Button) for REP. if you want to see more accounts for FREE . All I need is from you guys is to say thank you on my post ... ______ First of all i joined a buy and sell group on Facebook.. but when i posted products because they are cheap they kicked me out! so i made another Facebook account but when i did new one the new Facebook account wants a Phone number to verify the account.. so i searched all the results in Google and saw 1 worked method but you can only make 1 account not unlimited.. because they give you 1 phone number only.. i hated this method.. So i worked hard on this and made a method for me and i would love to share it on HF for the first time on internet! here's the method : Follow The Steps From 1 to 5 (Step By Step) [Hidden Content] Waiting your Feedbacks! if there's an error please post the error and i'll help you out just comment : ..
  14. Hello guys, If you are as unlucky as me -- being stuck with an A12/13 iDevice (iPhone X and newer) AND iOS version of 13.6, 13.6.1, or 13.7 for whatever reason. edit: Also works for 14.x using any Sileo JB. Your only reliable option to jailbreak and hack your games would be by Odyssey 12.2.2. And unfortunately, getting help from the Odyssey JB community feels like playing the lottery sometimes. Here is what I did in the past 24 hours of researching and trying different things before getting everything working (if you already successfully jailbroke with Odyssey - skip to 12) [Hidden Content]
  15. How to make a IPA Hack With Windows You have to have some knowledge But i will Answer Questions When i can Unity games only [Hidden Content]
  16. Hello everyone, I'm creating this tutorial because many hacks are broken on latest version of unc0ver and substrate. You can use this as an alternative to writeData and vm_write because of this. It should work fine and give no crashes. 😄 Requirements: -Cydia Substrate (0.9.7020) -Filza File Manager -Basic IDA/Game hacking knowledge -Theos [Hidden Content]
  17. When I just started hacking, this was the the first game I give up on after 2 days of trying due the fact I had no idea what strings were. I tried it with watchpoints & breakpoints for DAYS. Today I thought, let's try it again & it literally took me 2 minutes. So I thought let's explain it & hope I can help some people with it [Hidden Content] Hope ya learning something
  18. How To Get Unbanned From Almost Every Game! Requirements: -Jailbroken iPhone/IPad/IPod Features: -Get Unbanned from almost every game [Hidden Content] Feel free to hit the heart button
  19. UPDATED AS OF 2021 Works with PugBG This method will probably ALWAYS work. I've read through some of the comments and people say they aren't unbanned. Most game developers ban both your device and your account, some only your device or your account. This method can't unban your account ( no method can ). But it clears your phone, so you are able to play the game, on a new account ofcourse. So, first of all, there are probably many different guides out there regarding how to remove your own bans. Now, I have found a way, that is in my opinion the most effective way to get rid of a ban AND it always works. No matter what ban you get, this will remove it, unless you are IP (then just switch to Mobile Networkd if it happened at home, or the other way around). Some people mean this is too much, and not needed and what not, but I mean that, if you want to get unbanned, then why not? It takes 2 minute of your time, and you're done. Now, this method will remove all saved passwords/information on your phone. Meaning you will have to type in your iCloud credentials, Facebook, WiFi Password & whatever else you have. It could possibly cause even more issues with your iDevice so use this at your own risk. I have heard people are having issues with this method. Again, I warn you to use this method as unexpected issues can occur if you use this method. There are other, easier methods you should try first, and ask around. I posted this since I have friends in different countries with no real knowledge about anything regarding this. So the easiest way for them to do it, is to remove the Keychains. I myself use this method aswell, without anything happened, except loosing some game data and passwords. You have been warned. MAKE SURE TO ALWAYS MAKE A BACKUP USE AT OWN RISK A safer way to do this is to remove the App's tables via a SQL command like on this topic which shows you how to get unbanned from Gameloft Games: http://iosgods.com/topic/5595-tutorial-how-to-get-unbanned-from-gameloft-games-on-your-idevice/ This method can be called "hardcore" as it removes Data from your phone. You can read more about it if you just google it. I highly recommend using the above method before anything else. This method will work, if you really really like a game and will go through hell to be unbanned. This method can also remove your Game Data of some games. For example Clash of Clans and so on. I am sorry that I don't have a list of the games this affects, but you can probably look it up in no time if you need to. [Hidden Content]
  20. Hi all, just want to share what I learnt from this community so far by these 2 very long and detailed articles about how to find where to start when you looking into tweak an iOS app or any methods. My journey as tweak dev just started so I hope if you find more tools/techniques can be used, please share if you don't mind. Feel free to connect me on Twitter @ReverseThatApp and drop me a message for feedbacks/discussions... any kinds are welcome I will try to have more posts on how to reverse iOS apps and by pass in-app purchases soon [Hidden Content]
  21. As of September 30th 2019, this thread has been updated to (maybe) support some other games. (Pokemon GO doesn't work so far) Method 1 Method 2 Method 3 Note: You may use Methods 2 and 3 in conjunction if they do not work standalone. Method 4 Note: This reverts to before you jailbroke! Method 5
  22. Hello this video is about modding unity games mobile target is: FPS.io next target: critical ops, modern combat 5 [Hidden Content]
  23. Crashing fix for clash of clans September 2021 update. It seems like supercell has implemented jailbreak detection. 1. Add cydia repo: https://cydia.ichitaso.com/ 2. install tweaks: vnodebypass and libkrw vnodebypass app should be on your home screen now. “Enable” tweak through app every time you want to play coc. Disable when not needed. Try on account you don’t care about for a few days to a week first. damn you supercell. let us play in peace.
  24. A simplistic way of fixing Unable To Verify App & other revoked certificate messages, errors & crashes with ReProvision. We just have to fix the tweak first since it was patched. Requirements: Jailbroken Device Valid Apple ID [Hidden Content]
  25. Ok this will only work on mac os If you don't own a mac use VMware there are lots a tuts for getting Vmware set up with mac even if u have a amd processor like me :p ok 1st download this debugger and place in /usr/bin/ set permission 775 [Hidden Content] Ok now to begin 1st Make sure you have xcode installed to be able to use lldb. 1. You will have to install usbmuxed and iproxy. To do this open a terminal in mac and type brew install usbmuxd when it's downloades and installed open another terminal and type iproxy 2222 22 & When it's opened new port at 2222 close terminal and open another type iproxy 6666 6666 & It will say waiting for connection leave terminal open just minimize it 2. Connect your phone via usb cable make sure you set up VMware usb config so you can connect. Open 2 new teminals and Type ssh -p 2222 [email protected] In both to connect to your device,When connected In 1 terminal Type debugserver device ip debugserver will start in the other terminal Type ps ax this will show you pid of debugserver now type /electra/jailbreakd_client <debugserver pid> 1 Now u can close debugserver terminal and stay in pid 1 Type /usr/bin/debugserver localhost:6666 -a <game pid or game binary name> either 1 will work game will now attach open new terminal for lldb type lldb when lldb is ready type process connect connect://localhost:6666 now it will connect give it a bit sometimes lldb take long than others all depends on game. Once it have type image list Go right to the top to very 1st call you will see game name example Var/container/bundle/gamename 0x0000000100fa4000 this is the aslr slide take a note of it as it changes every time you detach and re-attach game now you have you offset from igg ect type in lldb w s e -- 0xiggadress then c to continue when you a hit it will show like below value will be here: 0x101703d78 <+7732600>: ldr x20, [x19, #0x30] 0x <+7732604>: adrp x24, 9017 0x101703d80 <+7732608>: add x24, x24, #0xeb8 ; =0xeb8 0x101703d84 <+7732612>: ldr x0, [x24] TropicThunderDev`_mh_execute_header: -> 0x101c1be88 <+13074056>: ldr w8, [x19, #0x50] 0x101c1be8c add w8, w8, #0x1 ; =0x1 0x101c1be90 <+13074064>: str w8, [x19, #0x50] 0x101c1be94 <+13074068>: ldp x29, x30, [sp, #0x70] now remember your aslr example 0x0000000100fa4000 now subtract fa4000 from the offsets you got. 0x101c1be8c - fa4000 Use the new offset in ida that's all to it :p
×
  • Create New...

Important Information

We would like to place cookies on your device to help make this website better. The website cannot give you the best possible user experience without cookies. You can accept or decline our non-essential cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines