Tutorial H5GG Basic Tutorial - Getting Started with H5GG

[GodModerator 201 iPhone X 13.4]

What is H5GG?

On Android, they have GameGuardian, which has complex functions, perfect interface, and most importantly, it has lua scripting function, which can realize complex, fast, automatic, and interactive work.
And on Android, they have tools like AndLua, AutoJS, AIDE, etc. to make powerful hacks directly on the phone.

But on ios, we only have some simple tools, such as memory search, modification, speed hack, etc., the functions are still relatively simple, and there is no support for writing scripts for automated operations.
Although we have theos to write tweaks on the iphone, theos is really difficult to make mod menus, and the Objective-C language is essentially a superset of the C language, which is a well-known language that is difficult to learn and understand. And it is very easy to cause errors and crashes. It is far less easy to use than scripting languages such as lua and js. It is a club activity that only a small number of high-end people can participate in.

So here comes H5GG, I guess its full name should be called "Html 5 Game Guardian(or God)", which is based on two simple principles:

1: It uses Html5 as the interface engine, which is essentially a web page, you can use any web page creation software to create Menu, whether it is on a computer or an iphone/ipad.

2: It uses JavaScript as the scripting language and JS as the embedded script of the web page, which is very easy to write and use, and can be seamlessly integrated with Html5.

It's so simple, but we have it all on ios. Html5, as the most powerful UI engine, can create any menu effect you can imagine, and any menu effect you can't imagine. JS is a mature and powerful script language, but much easier to learn than C. You can find countless tutorials and examples on google and youtube for both.

So this is H5GG, so simple, yet so powerful. A new club that any beginner and rookie can enter, there are no barriers, and it is very friendly. And it's completely free and open source!  

 

How to start using H5GG?

The core of H5GG is H5GG.dylib, which contains all the functions and engines of H5GG. H5GG.dylib can be run in 4 ways:

1: On non-jailbroken devices, you can use sideloadly(pc/mac), esign(ios), boarsign(ios), GBox(ios) and other tools to inject H5GG.dylib into ipa, and re-sign (need to purchase a A personal certificate), and then install it on ios. In this way, H5GG.dylib will run in the process of the APP.

2: On the jailbroken device, you can install the deb package of the general injection version of H5GG (install via Filza), so that H5GG will be automatically injected and loaded by each APP. In this way, H5GG.dylib will run in the process of the APP .

3: On the jailbroken device, you can install the deb package of the standalone APP version of H5GG (install via Filza), so that H5GG will run as a separate system-level APP, and you can select the target APP process to operate in H5GG. In ipad, you can even use SplitView/SliderOver to run H5GG APP. In this way, since H5GG.dylib will not be injected into the target APP process, some protection and detection can be avoided.

4: On the jailbroken device, you can install the deb package of H5GG's floating APP version (install via Filza), which is basically the same as method 3. The main difference is that the H5GG APP can be displayed on the entire screen in a translucent manner. It can even be displayed on the main screen. This can be more convenient to use and operate, and you can also perform screen drawing in H5GG's APP to realize ESP, etc. But in this way, H5GG's APP will not be able to run in SplitView/SliderOver mode.

So you see, H5GG can run on both jailbroken and non-jailbroken devices at the same time, it can work in any situation, and, in these different operating modes, the Mod Menu and script hacks you write can be seamlessly compatible. .

 

Endless Possibilities of H5GG:
The built-in js script extension function of H5GG.dylib itself is mainly memory search and modification, which is what most people can easily use and need. But in many cases, this may not meet all needs, so H5GG has a built-in plug-in API interface, It is very convenient to use Objective-C to write dylib plug-ins with various extended functions, and the functions in the dylib plug-ins can be loaded and called directly through JS.

 

The power of H5GG plugin:
H5GG official plug-in - h5frida, brings the world's most advanced and powerful hook control engine <frida> into H5GG, and frida's scripting language is also js, they are a natural pair, through frida you can call any system API, Objective -C method, you can even call the unnamed function inside the APP, as long as you have the offset.

With frida you can hook any system API, Objective-C method, or even the unnamed function inside the APP, as long as you have the offset.
!Even on a non-jailbroken device, you can inline-hook any function (even unnamed functions) in the dylib/main-executable of the APP, and you can also dynamically patch any offset instruction in the dylib/main-executable of the APP . Yes, you heard it right, you can dynamically patch on non-jailbroken devices. These two features were completely impossible before! But H5GG did it!

 

The path to learn and use H5GG:
1: You need to know how to use tools such as igg for memory search and modification to hack, or you can use any C/Objective-C call/hook skills and read data methods.
2: Learn the basic syntax and logic of javascript scripting language, so that you can use js to call H5GG/h5frida's api to automate the operations in 1. (write js files)
3: Learn Html5 interface writing and layout, as well as CSS interface appearance properties, so that you can make ModMenu and build your js script into it. (Write html file)

 

MakeTweak - Your ModMenu dylib:
This is one of the amazing features of H5GG, just click the MakeTweak button on the H5GG interface, then select a png image file as the icon, select your html file as the Menu, and H5GG will generate a brand new one for you. dylib file, every time H5GG.dylib starts, it will automatically load and display your icon and ModMenu, and the original icon and UI of H5GG will be deleted. Yes, you just need to click the button and select the file. To make, no theos, no command line, no coding, no compile.

 

Advanced:
If you have macOS (mac computer or vmware virtual machine), you can connect your ios device to macOS, and debug the running ModMenu in ios through safari in macOS, for example, you can analyze UI layout, real-time dynamic adjustment and Edit UI, add breakpoints to js scripts, dynamically break and single-step scripts, etc. You can also enter any js script through safari's console and let H5GG execute it directly.

 

HTTP request:
JavaScript itself has built-in ajax function, you can use ajax to communicate with your remote server. But there is a small limitation: if your ModMenu is loaded from a local file, you can access any domain name remote server through ajax, But if your ModMenu is loaded through a remote server, you can only communicate with the server with the same domain name through ajax.

 

Fuzzy Search & Memory View:

There are currently no plans to add these two functions to H5GG, you should use other tools like igg to use these two functions.

 

Tips:
You can build a web server (or on your own computer), and then add a button to refresh the page in your ModMenu, so that you can edit the ModMenu on the computer, and then on ios without restarting the APP, you can dynamically Refresh your ModMenu, of course, you can also put ModMenu on your remote server to achieve dynamic update.

 

Suggest:
If you make ModMenu and script hacks on ios, it is recommended to download Easy HTML or HTML Editor in AppStore. I have downloaded and tried all the editor apps in AppStore, only these two are more suitable.

 

Final:

Friends, if you have any questions about H5GG or want to know the detail which part of H5GG, you can reply to this post, I will regard it as the most important opinion.

 

screenshots:

 

Updated August 13, 2022 by tuancc
detail

[Kapis1210 12 iPhone 7 Plus 13.3.1]

Thanks for the wonderful tool and for your guide!

[vi.i 0]

Nice

[Slimu 1]

Very good because there is a Chinese version

[xiongxiong 0 iPhone 12]

thanks 

[Egyptian 1.4k iPhone 13 Pro Max 15]

thanks ❤️ 

[Alihackali 18 iPhone X 14]

I  put the mode menu code in html, but I don't know how to put the Offset , it's a bit complicated. Can you please explain where to put the Offset and link it in the button ?

h5gg.require(7.9);
var h5frida=h5gg.loadPlugin("h5frida", "h5frida-15.1.24.dylib");
if(!h5frida) throw "Failed to load h5frida plugin";

function ActiveCodePatch(fpath, vaddr, bytes) {
    if(!h5frida.ActiveCodePatch(fpath, vaddr, bytes)) {
        var result = h5frida.ApplyCodePatch(fpath, vaddr, bytes);
        alert(fpath+":0x"+vaddr.toString(16)+"-修改失败!\n" + fpath+":0x"+vaddr.toString(16)+"-PatchFailed!\n" + result);return false;
    } return true;
}
function DeactiveCodePatch(fpath, vaddr, bytes) {
    return h5frida.DeactiveCodePatch(fpath, vaddr, bytes);
}

/*HERE IS OUR OFFSET PATCHING CODE*/

//this is just a POC
if (switch_Jump) {
    ActiveCodePatch("Frameworks/UnityFramework.framework/UnityFramework", 0x28D89C8, "0090261EC0035FD6");
} else {
    //when you desactivate a patch, it need to be the same HEX that you use to enable the hack.
    DeactiveCodePatch("Frameworks/UnityFramework.framework/UnityFramework", 0x28D89C8, "0090261EC0035FD6");
}

@tuancc

here is the mod
https://github.com/H5GG/H5GG/blob/main/examples-HTML5/H5Menu(DarkStyle).html

[RealllyYo 0]

ok

 

 

[raven Z 0]

The Dylib compiled by Make Tweak can only be injected into the APP. What should I do if it runs as a separate process like H5GG

[GodModerator 201 iPhone X 13.4]

7 hours ago, raven Z said:

The Dylib compiled by Make Tweak can only be injected into the APP. What should I do if it runs as a separate process like H5GG

there is a H5GG.dylib in the h5gg jb app.