Jump to content
Community Announcements, Giveaways & More!

Getting offsets of functions in a non-unity game

Turtle3925

By Turtle3925
in Help & Support

 Share

13 posts in this topic

Recommended Posts

Turtle3925 Newbie

Turtle3925 9
  •   iPhone X 
  •   12.4

    • Posted
    Posted (edited)

    Hi all,

    I have been making simple MS hacks for quite a while now and I decided that I would like to create some mod menu hacks. I followed ZoZo’s tutorial on how to hack a unity game which required you to use IDA Pro and il2cpp get the offsets. il2cpp requires the global-metadata.dat and the globalgamemanagers file which only appear in the files of unity games. So on to the main point of this post; how would I get the offsets without a tool like il2cpp? I have already searched and couldn’t really find anything. I have found tutorials using programs like iGameGuardian and setting watchpoints but that is for values in the memory and I am looking for the offsets of a function. Thanks in advance.

    Updated by Turtle3925
    0xNoctis Community Regular

    0xNoctis 9.8k
  •   iPad Pro (5th gen) 
  •   13.3
  • Donor
  •  

    • Posted
    Posted
    18 hours ago, Turtle3925 said:

    Hi all,

    I have been making simple MS hacks for quite a while now and I decided that I would like to create some mod menu hacks. I followed ZoZo’s tutorial on how to hack a unity game which required you to use IDA Pro and il2cpp get the offsets. il2cpp requires the global-metadata.dat and the globalgamemanagers file which only appear in the files of unity games. So on to the main point of this post; how would I get the offsets without a tool like il2cpp? I have already searched and couldn’t really find anything. I have found tutorials using programs like iGameGuardian and setting watchpoints but that is for values in the memory and I am looking for the offsets of a function. Thanks in advance.

    Well I mean you could use LLDB method via A cheat engine and lldb debugger or the other way is searching the strings of the game using IDA           Just load up the binary in Ida wait for it to load then simply search threw the strings (if you’re not familiar then it will be hella hard)

    • Informative 1
    Turtle3925 Newbie

    Turtle3925 9
  •   iPhone X 
  •   12.4

    • Posted
    • Author
    Posted
    On 3/30/2020 at 1:32 PM, Noctisx said:

    Well I mean you could use LLDB method via A cheat engine and lldb debugger or the other way is searching the strings of the game using IDA           Just load up the binary in Ida wait for it to load then simply search threw the strings (if you’re not familiar then it will be hella hard)

    LLDB or GDB are for values in the memory... I’m looking for how to find the offsets for a function such as - (int)coins.

    0xNoctis Community Regular

    0xNoctis 9.8k
  •   iPad Pro (5th gen) 
  •   13.3
  • Donor
  •  

    • Posted
    Posted
    Just now, Turtle3925 said:

    LLDB or GDB are for values in the memory... I’m looking for how to find the offsets for a function such as - (int)coins.

    use llc2ppdumper and dump the Game if its a unity game and download Dnspy and Drag the dummyDll files into dnspy and search for what you want


    example https://prnt.sc/rsx7h7    Also chage the search method to method

    Turtle3925 Newbie

    Turtle3925 9
  •   iPhone X 
  •   12.4

    • Posted
    • Author
    Posted
    12 minutes ago, Noctisx said:

    use llc2ppdumper and dump the Game if its a unity game and download Dnspy and Drag the dummyDll files into dnspy and search for what you want


    example https://prnt.sc/rsx7h7    Also chage the search method to method

    My post literally says not a unity game lmao

    0xNoctis Community Regular

    0xNoctis 9.8k
  •   iPad Pro (5th gen) 
  •   13.3
  • Donor
  •  

    • Posted
    Posted
    Just now, Turtle3925 said:

    My post literally says not a unity game lmao

    Oh sh!t lmao well your gonna have to use the Strings View  in IDA and Openrend to xref to be able to see the Funtions itself 

    Turtle3925 Newbie

    Turtle3925 9
  •   iPhone X 
  •   12.4

    • Posted
    • Author
    Posted
    11 minutes ago, Noctisx said:

    Oh sh!t lmao well your gonna have to use the Strings View  in IDA and Openrend to xref to be able to see the Funtions itself 

    Thanks! Following Shmoos tutorial now. I have 54 functions so rip me 😩

    Ted2 Supporter

    Ted2 39.1k
  •   iPhone 13 Pro 
  •   16.0
  • Donor
  •  

    • Posted
    Posted

    I'd suggest setting up LLDB, so you can use strings & breakpoints while hacking. Breakpoints are very useful, as it'll freeze the game if the location you set a breakpoint on is used, so for example if you think you found ammo & you shoot, it should freeze the game because of the ammo value changes.

    You can also see which registers hold what, so then you'd also know which register to hack.

    XoChelsea Newbie

    XoChelsea 65
  •   iPhone Xs Max 
  •   14

    • Posted
    Posted

    Is there anyway to find offsets and patches without idapro ?? It’s really expensive and the free version doesn’t seem to work can anyone help me ? 

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now
     Share
    Go to topic listing
    ×
    ×
    • Create New...

    Important Information

    We would like to place cookies on your device to help make this website better. The website cannot give you the best user experience without cookies. You can accept or decline our cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines