Help/Support Bypass Codestage Anti-Cheat

Sr20Debt · November 4, 2022

Hi guys! Long time lurker, first time poster. I've been trying to modify this game for fun. It's Survivor.io and it has been previously modded by multiple people here on iOSGods. Since I know its possible to bypass, I have tried doing it myself to no avail. I've heard that the anti-cheat isn't too hard to bypass but I haven't gotten that far yet.. I'm not too new to making cheats for games but I've only done it on PC games without anti-cheat. I've tried patching the offsets multiple times, different bytes, etc. It always freezes, and crashes. I have yet to see anyone post a write up to bypass anti cheat by writing to the offsets or any other similar methods, so I came to ask for some help.

Here's an example of the code I'm currently trying to use:

  patchOffset(ENCRYPTOFFSET("0x1DE6448"), ENCRYPTHEX("0x1F2003D5C0035FD6"));
  patchOffset(ENCRYPTOFFSET("0x1DE64BC"), ENCRYPTHEX("0x1F2003D5C0035FD6"));
  patchOffset(ENCRYPTOFFSET("0x1DE6618"), ENCRYPTHEX("0x1F2003D5C0035FD6"));

  //Have also tried this
  patchOffset(ENCRYPTOFFSET("0x1DE6618"), ENCRYPTHEX("0xC0035FD6"));
  //This too
  patchOffset(ENCRYPTOFFSET("0x1DE6618"), ENCRYPTHEX("0x1F2003D5"));

Example of classes and methods

Would really appreciate anyone pointing me in the right direction! Thank you

Puddin · November 4, 2022

1F2003D5 is a NOP which is designed for a single instruction. You don't need it for the first 3 patches since you've used C0035FD6 which just ends the entire function.

Sr20Debt · November 4, 2022

Would this cause the app to freeze though? I've tried 1F2003D5 and C0035FD6 separately and it still freezes. I'm not sure if the anti-cheat is being set off and that causes the game to freeze or if I'm somehow using the wrong offset.

Puddin · November 4, 2022

1 minute ago, Sr20Debt said:

Would this cause the app to freeze though? I've tried 1F2003D5 and C0035FD6 separately and it still freezes. I'm not sure if the anti-cheat is being set off and that causes the game to freeze or if I'm somehow using the wrong offset.

If you're using 1F2003D5, you're targeting just a single instruction. I.e a STR W0, W1 or something else like LDR X1, X4.

Sr20Debt · November 4, 2022

Okay yeah, I get what you're saying now. Regardless what I do, it freezes the game. Would I be able to just "ret" all of the offsets to the StartDetection(), StartDetectionAutomatically(), etc? I just can't figure out what to patch to bypass anti-cheat and stop the freezing. I'm at a loss honestly

Updated November 4, 2022 by Sr20Debt
Added more words

Puddin · November 4, 2022

3 minutes ago, Sr20Debt said:

Okay yeah, I get what you're saying now. Regardless what I do, it freezes the game. Would I be able to just "ret" all of the offsets to the StartDetection(), StartDetectionAutomatically(), etc? I just can't figure out what to patch to bypass anti-cheat and stop the freezing. I'm at a loss honestly

That’s the exact approach. With reverse engineering, unfortunately everything is trial and error. No modder knows what’s they’re modding or if they’ve modded it until they test it themselves.

Sr20Debt · November 4, 2022

I appreciate the honest help! I'll give it another shot tomorrow. Thanks again

Zahir · November 4, 2022

I can tell you for a fact, those detector classes are pretty useless for jb bypass, you might consider looking into other classes or strings in some cases. I am not sure how easy it is to use that program you're using but using IDA is usually simpler to look for stuff