Help/Support Trying to get ARM code

[Gordxn 0 iPhone 13 17.4]

I got my methods and found one I wanted to attempt to patch. However, I don't quite understand the HEX to ARM converter. I tried pasting the HEX instructions from DnSpy into it, but it gave some wacky results.

Instruction Hex: "1200FE15C3000002062A"
Offset: "3043E74"

 

ARM64 Result:

b #0xafc3ebc
.BYTE 0xc3, 0x00, 0x00, 0x02

 

ARM Result:
ldrbne r0, [lr, #0x12]!
andeq r0, r0, #0xc3

 

I don't know if it's just my lack of experience with the ARM architecture, but these instructions don't seem right to me. The C# function is a simple get function that returns a SecuredDouble. Any help or related links would be appreciated!

[Theo1357 26.1k iPhone 6s 14.4]

It's right iíntruction. Maybe "1200FE15C302062A"?

[Gordxn 0 iPhone 13 17.4]

24 minutes ago, tien0246 said:

It's right iíntruction. Maybe "1200FE15C302062A"?

So I see you removed that string of four 0's, how am I supposed to know to remove that in the future?

[Theo1357 26.1k iPhone 6s 14.4]

2 minutes ago, Gordxn said:

So I see you removed that string of four 0's, how am I supposed to know to remove that in the future?

I just random delete 

8 char = 1 instruction

your instruction have 20 char. So i guess your instruction is redundant somewhere

[Gordxn 0 iPhone 13 17.4]

Well, if anyone is still looking to help me, I'm still struggling quite hard. I've decided to just go for a simple isBlahBlah function that only works with booleans. However, I can't even figure out how to write a patch for these.

 

The function in dnSpy looks as follows:

[Token(Token = "0x6006702")]
[Address(RVA = "0x2C4688C", Offset = "0x2C4688C", VA = "0x2C4688C")]
[CompilerGenerated]
get
{
	return default(bool);
}

 

I tried using a basic return true or false patch, but neither worked. Return true patch in assembly:
 

MOV X0, #1
ret

I'm trying to test this using iosGod's live patcher. My offset is "102C4688C" and my patch is "200080D2C0035FD6"

 

Any help would once again be appreciated!

[Saitama 32.2k iPhone 6s Plus 15.7.9]

offset

0x2C4688C

its offset from base address
patch must be at point baseAddr+0x2C4688C

Updated March 20, 2024 by Saitama

[Theo1357 26.1k iPhone 6s 14.4]

On 3/19/2024 at 10:49 AM, Gordxn said:

Well, if anyone is still looking to help me, I'm still struggling quite hard. I've decided to just go for a simple isBlahBlah function that only works with booleans. However, I can't even figure out how to write a patch for these.

 

The function in dnSpy looks as follows:

[Token(Token = "0x6006702")]
[Address(RVA = "0x2C4688C", Offset = "0x2C4688C", VA = "0x2C4688C")]
[CompilerGenerated]
get
{
	return default(bool);
}

 

I tried using a basic return true or false patch, but neither worked. Return true patch in assembly:
 

MOV X0, #1
ret

I'm trying to test this using iosGod's live patcher. My offset is "102C4688C" and my patch is "200080D2C0035FD6"

 

Any help would once again be appreciated!

Maybe this function is trash, it is never called