Jump to content
Community Announcements, Giveaways & More!

Assistance in True or False in IDA ARM64

Haidar92

By Haidar92
in Help & Support

 Share
Go to solution Solved by Rook,

3 posts in this topic

Recommended Posts

Haidar92 Newbie

Haidar92 1

Posted
Posted (edited)

Hello every one,

i'm new to ida pro & and i always using flex to patch some apps

but i wanted to change to ida for better experience 

i have a question about Boolean ( True / False ) in ida

as you see below i have this function which i can change it to true of false in flex easily

but i want to know how to make This Function TRUE in ida

  

STP             X20, X19, [SP,#-0x10+var_10]!
STP             X29, X30, [SP,#0x10+var_s0]
ADD             X29, SP, #0x10
ADRP            X8, #_OBJC_IVAR_$_TitleModel.titleTextView@PAGE ; TextViewWithColor *titleTextView;
LDRSW           X8, [X8,#_OBJC_IVAR_$_TitleModel.titleTextView@PAGEOFF] ; TextViewWithColor *titleTextView;
LDR             X0, [X0,X8] ; void *
ADRP            X8, #selRef_font@PAGE
LDR             X1, [X8,#selRef_font@PAGEOFF] ; char *
BL              _objc_msgSend
MOV             X29, X29
BL              _objc_retainAutoreleasedReturnValue
MOV             X19, X0
ADRP            X8, #selRef_familyName@PAGE
LDR             X1, [X8,#selRef_familyName@PAGEOFF] ; char *
BL              _objc_msgSend
MOV             X29, X29
BL              _objc_retainAutoreleasedReturnValue
MOV             X20, X0
MOV             X0, X19
BL              _objc_release
ADRP            X8, #classRef_TitleModel@PAGE
LDR             X0, [X8,#classRef_TitleModel@PAGEOFF] ; void *
ADRP            X8, #selRef_fontFantasyIncludesFontFamilyName_@PAGE
LDR             X1, [X8,#selRef_fontFantasyIncludesFontFamilyName_@PAGEOFF] ; char *
MOV             X2, X20
BL              _objc_msgSend
MOV             X19, X0
MOV             X0, X20
BL              _objc_release
MOV             X0, X19
LDP             X29, X30, [SP,#0x10+var_s0]
LDP             X20, X19, [SP+0x10+var_10],#0x20
RET
; End of function -[TitleModel IsPremium]
Updated by Haidar92
explain more
  • Like 1
Link to comment
https://iosgods.com/topic/161735-assistance-in-true-or-false-in-ida-arm64/
Share on other sites
  • Solution
Rook iOS God

Rook 537.3k
  •   iPad Pro (2nd gen) 
  •   17.4
  • Donor
  •  

    • Posted
    • Solution
    Posted

    To return this whole function to TRUE or FALSE, you need to write 

    20 00 80 52 C0 03 5F D6 -> TRUE

00 00 80 52 C0 03 5F D6 -> FALSE

    At the beginning of the function. In your case: STP             X20, X19, [SP,#-0x10+var_10]!

    Live Offset Patcher may be able to help you with testing!

    • Like 1
    Haidar92 Newbie

    Haidar92 1

    Posted
    • Author
    Posted (edited)
    5 hours ago, Rook said:

    To return this whole function to TRUE or FALSE, you need to write 

    20 00 80 52 C0 03 5F D6 -> TRUE

00 00 80 52 C0 03 5F D6 -> FALSE

    At the beginning of the function. In your case: STP             X20, X19, [SP,#-0x10+var_10]!

    Live Offset Patcher may be able to help you with testing!

    Thanks for reply

    I solve the issue FINALLY with your method 

    but there is some functions don't start with STP Like this one : 

    ADRP            X8, #selRef_ownsSubscription_@PAGE
LDR             X1, [X8,#selRef_ownsSubscription_@PAGEOFF]
ADRP            X2, #cfstr_Oneyearunlockv@PAGE ; "Unlock"
ADD             X2, X2, #cfstr_Oneyearunlockv@PAGEOFF ; "Unlock"
B               _objc_msgSend


    And this one also : 

    SUB             SP, SP, #0x140
STP             X28, X27, [SP,#0x130+var_50]
STP             X26, X25, [SP,#0x130+var_40]
STP             X24, X23, [SP,#0x130+var_30]
STP             X22, X21, [SP,#0x130+var_20]
STP             X20, X19, [SP,#0x130+var_10]
STP             X29, X30, [SP,#0x130+var_s0]
ADD             X29, SP, #0x130
MOV             X19, X0
ADRP            X8, #___stack_chk_guard_ptr@PAGE
LDR             X8, [X8,#___stack_chk_guard_ptr@PAGEOFF]
LDR             X8, [X8]
ADRP            X9, #cfstr_Oneyearunlockv@PAGE ; "OneYearUnlock"
ADD             X9, X9, #cfstr_Oneyearunlockv@PAGEOFF ; "OneYearUnlock"
STUR            X8, [X29,#var_58]
ADRP            X8, #cfstr_Halfyearunlock@PAGE ; "HalfYearUnlock"
ADD             X8, X8, #cfstr_Halfyearunlock@PAGEOFF ; "HalfYearUnlock"
ADRP            X10, #cfstr_Monthlyunlockv@PAGE ; "MonthlyUnlock"
ADD             X10, X10, #cfstr_Monthlyunlockv@PAGEOFF ; "MonthlyUnlock"
STP             X9, X8, [X29,#var_70]
STUR            X10, [X29,#var_60]
ADRP            X8, #classRef_NSArray@PAGE
LDR             X0, [X8,#classRef_NSArray@PAGEOFF] ; void *
ADRP            X8, #selRef_arrayWithObjects_count_@PAGE
LDR             X1, [X8,#selRef_arrayWithObjects_count_@PAGEOFF] ; char *
SUB             X2, X29, #-var_70
MOV             W3, #3
BL              _objc_msgSend
MOV             X29, X29
BL              _objc_retainAutoreleasedReturnValue
MOVI            V0.16B, #0
STP             Q0, Q0, [SP,#0x130+var_130]
STP             Q0, Q0, [SP,#0x130+var_110]
BL              _objc_retain
MOV             X20, X0
ADRP            X8, #selRef_countByEnumeratingWithState_objects_count_@PAGE
LDR             X21, [X8,#selRef_countByEnumeratingWithState_objects_count_@PAGEOFF]
MOV             X2, SP
ADD             X3, SP, #0x130+var_F0
MOV             X1, X21 ; char *
MOV             W4, #0x10
BL              _objc_msgSend
CBZ             X0, loc_1001631D0

    What should i edit ?

    Updated by Haidar92
    i solve the issue ,, but there is more

    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.

    Guest
    Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below. For more information, please read our Posting Guidelines.
    Reply to this topic... Posting Guidelines

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×
     Share
    Go to topic listing
    ×
    ×
    • Create New...

    Important Information

    We would like to place cookies on your device to help make this website better. The website cannot give you the best user experience without cookies. You can accept or decline our cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines