TuT IDA Hacking Tutorial #2

Zahir · November 5, 2015

My old tutorial when I was extremely n00b but might help

Requirements:
- IDA Pro/Demo - Demo just works fine
- Hex Editor
- Arm Converter (http://armconverter.com/)
- The game you are hacking
- The cracked binary of that game ( I am using Infection )

Instructions:
1. Open IDA and Copy the binary inside IDA
2. See the settings here:

3. After that the IDA will start loading and wait until it finishes loading fully
4. Now after everything is loaded, you can search for anything you like [Press Alt+T to search]
5. Since the game I am hacking is Infection, the main thing in there is DNA
6. So I will search for DNA
7. Now it's time to find the right function, I have found this function called DNA - SPEND
8. Which means this function represents when you Spend your DNA what happens
9. Now this is the function:

10. As the function says spend it means it subtracts
11. So the only subtraction function is SUBS r0, r2, r0
12. Highlight that function and go to Hex View-A (At the top category)
13. This is how it looks like in Hex View-A:

14. Now go back to IDA View and copy the function (SUBS R0, R2, R0)
15. Open up http://armconverter.tk or ARM To Hex and paste the function there
16. Click submit and it show Thumb Output there which is 101A
17. Go to Hex View-A again and check if it's same as the one which showed in armconverter.tk
18. Now it's time to hack the function
19. Open up Hex Editor and copy the binary inside
20. Now it's time to locate the place of the function in Hex Editor
21. You can find the hex location from here:

22. Now go to Hex Editor and go to Search > Go to...

23. Now write the location you have found in IDA:

24. Now it will take you to the right location that you have found in IDA
25. Now it's time to hack that function

There are several ways to hack it (The Ones I have learnt till now):

1. SUBS R0, R2, R0   =>  ADD R0, R2, R0 [In HEX: 1018] (It will give you the money it took instead of substracting)
2. SUBS R0, R2, R0   =>  MOVS  R0, R7 [In Hex: 38 1C] (Will give you millions instead of substracting)
3. SUBS R0, R2, R0   =>  NOP [In Hex: C0 46] (it will be FREE)

26. Now change the function SUBS to any of them you like!
27. When you have changed it will be red (The place you have changed)
28. Now you can save it and go test your hack
29. Enjoy!

----------------------

There is another method you can use

STR R0, [1] - Stored 0 in 1
Change it to STR R7, [1] - Stores 668 Millon in 1

Done!

IDA Hacking Tutorial #3: http://iosgods.com/topic/1470-tutorial-ida-hacking-tutorial-3/

Tokyo_Ghoul · September 8, 2014

thanks

RaamSongara · August 6, 2015

Thanks man

Great work!

--Techarmor-- · November 20, 2015

Thanks Dude!

Updated November 20, 2015 by --Techarmor--

DrogenKinder · December 16, 2015

This is very helpful but why can't I find what I search like coins, gold etc..? And my second question is can u make a tut how to do mods? How to upload them to cydia etc??

Rinoqp · August 20, 2016

I have a question every time I open Ida pro with a cracked file it opens everything looking like this

ADD X29, X21 why are they not R1 and R2 I have watched every video on YouTube and looked at every post I could find on this website so I got the basics of doing it but I can't change anything because it is all X and numbers instead of R0 please help

iCrush · August 27, 2016

Copied Get Rekt

3XK · October 15, 2016

@@ZahirSher, http://armconverter.com not found

Updated October 15, 2016 by 3XK

Zahir · October 15, 2016

@

http://armconverter.com/

Goggwell · October 15, 2016

I have a question every time I open Ida pro with a cracked file it opens everything looking like this

ADD X29, X21 why are they not R1 and R2 I have watched every video on YouTube and looked at every post I could find on this website so I got the basics of doing it but I can't change anything because it is all X and numbers instead of R0 please help

Cause you're looking at the ARM64 portion of the binary. If you want to see Rs instead of Xs and Ws, use the 32-bit portion