Tutorial How to use iGDebugger - (iGameGod on-device debugging)

[0xSolana 23.7k 10.0]

 Hello!

Since the new iGameGod update update was released, a new debugging feature has appeared and we will see it in this tutorial!

This feature will work on Non-Jailbroken & Jailbroken devices!

iGDebugger allows you to debug iOS apps directly from iGameGod without a Mac or any terminal; no need to use LLDB and freeze your device with each test 

You can use it to find and patch an offset! We're going to cover the whole process!

First of all, enable (or inject iGameGod Jailed) iGameGod in your app! We'll be using Godus as an example here. 

 

Now, basics, just search your coins value on iGG until you get a few results!

Here comes the nice feature!

Long press the offset (usually the first one is the right one) and select 'Set Watchpoint'.

And, buy something or do anything that can change your value. I've done 2/3 interactions with my balance. 

Now, we want to check our watchpoint!

To do this, click on the Search icon located bottom right, and select Watchpoints.

On the new window will be all your watchpoints, on my screenshot, there is only one because I trust this watchpoint to be useful  But you can add more!!

You can toggle On/Off your watchpoint by the toggle option. 'Writes: 3' means that our "memory offset" got edited 3 times, Let's take a closer look.

This screenshot is interesting, it shows us many things :

• Our "function name" : _ZN8Currency6Belief....BeliefUseType

note  This is called a Symbol, and its generated by the compiler. Sometimes it wont even deal with the function name. But in our example it deal with, so all good

• Our IDA offset : 0x1777B0. This one will be the same for you (if you use the same version as me)!
• And our coins logs!

*I cut something that got me +49 gold*

You can click any of theses logs to see the Register Values and the Stack Trace! I will click the first result since it's my actual balance.

NOTE As you can see, x0 holds our increased value and x9 our current balance (1329 + 49 = 1378)

So, well let's directly take a look at this in IDA!

Once you have loaded your binary file into IDA, and select Mach-O dylib decomplication mode, let's go to the function/offset we found in iGameGod!

This is a Non-Unity (UnityFramework) game so we need to add a value to it to find it on IDA (100) : 0x1001777B0

Click OK and you should see your instruction.

NOTE As you can see, our function name is "BeliefUseType" like on iGG! 

So this function gets triggered once something is getting added to our balance. 

We can see that there is an ADD instruction at 0x100177AC that is dealing with x9 and x0! and we have seen previously that x0 = amount and x9 = balance.

Here it's simple, it does something like this:

x9 = x9 + x0
x9 = 1329 + 49

 Mhh how we could hack this?

Well there a few possibilities, and I will chose a legit one. I will add 100 to my balance each time I receive something.

So i do it like this :

ADD x9, x9, #100.

I will use Live Offset Patcher to test the hack.

NOTE Do not RET the instruction after the ADD. Here, we are dealing with an instruction INSIDE our function, if you RET the next instruction, it gonna crash since your device won't know what to do.

And indeed it worked! This is how you can easily hack your games without needing a PC to debug your game. And yes... I lied a bit by saying that you don't need a computer... But atm there is no way to see ARM instructions on iOS, yet!  If that changes, I will edit the topic!

I've cut one more tree (that would normally give me +1 Gold.

Our result went from 1378 to 1478! (thanks to our patch)

The game was Godus, version : 1.36. You can download this version from the Decrypted App Store.

 

Well that's all, hope you learned one more thing in modding

 

Want to learn more? Check out the next tutorial: Using iGameGod Breakpoints & iGDisassembler (On-Device)

Updated April 20, 2023 by Rook

[Puddin 76.7k iPhone 14 Pro Max 17.0 Donor]

Amazing work, guys. Truly amazing! ❤️ 

[Parxdy 24.5k iPad Pro (4th gen) 14.4]

Great tutorial thank you!

[Satmig 772 iPhone 12 15.0]

Impressive. Very nice.

[34306 3.3k iPhone 15 Pro 17.0]

I'm still got freeze when I set watchpoint and buy something, have any idea to not freeze my device?

if it still freeze then lldb should be better than it 😂

[มือสมัครเล่น 3.8k iPhone SE (2022) 17.0]

good tool 

Hopefully in the future it can be ARM view. @𓄼 . f v c k . 𓄹

Updated March 8, 2023 by Look just

[0xSolana 23.7k 10.0]

8 hours ago, 34306 said:

I'm still got freeze when I set watchpoint and buy something, have any idea to not freeze my device?

if it still freeze then lldb should be better than it 😂

usually it shouldn’t freez, @Rook ?? 

2 hours ago, Look just said:

good tool 

Hopefully in the future it can be ARM view. @𓄼 . f v c k . 𓄹

Maybe in the future  

[Rook 550.1k iPad Pro (2nd gen) 17.4 Donor]

11 hours ago, 34306 said:

I'm still got freeze when I set watchpoint and buy something, have any idea to not freeze my device?

if it still freeze then lldb should be better than it 😂

Which Jailbreak? Is it Subway Surfers?

4 hours ago, Look just said:

good tool 

Hopefully in the future it can be ARM view. @𓄼 . f v c k . 𓄹

We can definitely do this, but it won't be as good and sophisticated as something like IDA.

[0xSolana 23.7k 10.0]

9 minutes ago, Rook said:

We can definitely do this, but it won't be as good and sophisticated as something like IDA.

I think that this would still be a great idear, even if its only idk the 10 last Instructions, it will give us an idear

Updated March 8, 2023 by 𓄼 . f v c k . 𓄹

[มือสมัครเล่น 3.8k iPhone SE (2022) 17.0]

this arm view

I hope it will be available in the near future. @Rook 

Updated March 8, 2023 by Look just