Help/Support Cheat Crashes

[Phoneapphack 0]

hey, guys! I have a problem, I started doing ios cheating, and I don't have a jailbroken device, and I decided to do a non jailbroken cheat, which I noticed is static members, as I understood, hooks are not needed here, and I was told that it works on non jailbreaked, and I tried, I get that's how SomeClass_TypeInfo_c -> access static_fields _offset -> field offset, I get dyld of unityframework, and I'm offseting to typeinfo, and I can offseting to access static field, but then when offseting the pointer from access static field to static field, I crash, and it's not a problem that I have a non jailbreak. since typeinfo and access to static fields, when nslog is output, pointers are displayed, and something seems to be read in memory, but it crashes when I get the fields already, here is my code, help 

#import <Metal/Metal.h>
#import <MetalKit/MetalKit.h>
#import <Foundation/Foundation.h>

#import <mach-o/dyld.h>
#import <pthread/pthread.h>
#import <substrate.h>

uint64_t getRealOffset(uint64_t offset) {
    uint32_t c = _dyld_image_count();
    for (int i = 0; i < c; i++) {
        if (strstr(_dyld_get_image_name(i), "UnityFramework")) {
            return _dyld_get_image_vmaddr_slide(i) + offset;
        }
    }
    return 0;
}

void *modifyGameVarDefs(void *arg){
	while(true){
		if (true) {
			auto typeinfo = getRealOffset(0x37EB940);
			auto staticfields = *(uint64_t*)((uint64_t)typeinfo + 0xB8)
			NSLog(@"animspeed %lu", typeinfo);
			if(typeinfo) {
				float animspeed = *(float*)((uint64_t)staticfields + 0x0);
				NSLog(@"animspeed %f", animspeed);
			}
		}
		sleep(1);
	}
	return NULL;
}

__attribute__((constructor))
void hackthread() {
    pthread_t thread;
    pthread_create(&thread, NULL, modifyGameVarDefs, NULL);
}

 

[Haidar_phantom 1.4k iPhone X 14.8]

Unfortunately your method works only on jailbroken devices since there is no spoof or rewrite dyld images

[Phoneapphack 0]

On 12/16/2024 at 12:06 AM, Haidar_phantom said:

Unfortunately your method works only on jailbroken devices since there is no spoof or rewrite dyld images

you're wrong, in my case I've already figured out the error, I'm not hooking anything and it's possible to get and change values using static fields, and it worked, the error was that I wasn't getting typeinfo correctly, I needed to use 

*(uintptr_t*)(getrealoffset(some offset))

and I It worked

[Haidar_phantom 1.4k iPhone X 14.8]

1 hour ago, Phoneapphack said:

you're wrong, in my case I've already figured out the error, I'm not hooking anything and it's possible to get and change values using static fields, and it worked, the error was that I wasn't getting typeinfo correctly, I needed to use 

*(uintptr_t*)(getrealoffset(some offset))

and I It worked

Interesting, isn’t this method can work with up to 6 offsets?

+ Can you use a different bytes for the offset instead of using that float function?